./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1079920506 <...> syzkaller login: [ 81.833569][ T26] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.0.151' (ECDSA) to the list of known hosts. execve("./syz-executor1079920506", ["./syz-executor1079920506"], 0x7ffc60b9d790 /* 10 vars */) = 0 brk(NULL) = 0x555556fb2000 brk(0x555556fb2c40) = 0x555556fb2c40 arch_prctl(ARCH_SET_FS, 0x555556fb2300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor1079920506", 4096) = 28 brk(0x555556fd3c40) = 0x555556fd3c40 brk(0x555556fd4000) = 0x555556fd4000 mprotect(0x7f12a8efd000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5090 attached , child_tidptr=0x555556fb25d0) = 5090 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] getpid( [pid 5089] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5091 [pid 5090] <... getpid resumed>) = 5090 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5091 attached [pid 5090] mkdir("./syzkaller.mChxQ2", 0700 [pid 5089] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5092 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5093 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5094 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] <... mkdir resumed>) = 0 [pid 5090] chmod("./syzkaller.mChxQ2", 0777 [pid 5089] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5095 ./strace-static-x86_64: Process 5094 attached [pid 5090] <... chmod resumed>) = 0 [pid 5094] getpid(./strace-static-x86_64: Process 5095 attached [pid 5095] getpid( [pid 5094] <... getpid resumed>) = 5094 [pid 5094] mkdir("./syzkaller.OGM8ip", 0700 [pid 5090] chdir("./syzkaller.mChxQ2"./strace-static-x86_64: Process 5092 attached [pid 5091] getpid( [pid 5090] <... chdir resumed>) = 0 [pid 5095] <... getpid resumed>) = 5095 [pid 5095] mkdir("./syzkaller.un8xAu", 0700./strace-static-x86_64: Process 5093 attached [pid 5092] getpid( [pid 5091] <... getpid resumed>) = 5091 [pid 5090] mkdir("./0", 0777 [pid 5094] <... mkdir resumed>) = 0 [pid 5095] <... mkdir resumed>) = 0 [pid 5095] chmod("./syzkaller.un8xAu", 0777 [pid 5090] <... mkdir resumed>) = 0 [pid 5091] mkdir("./syzkaller.Hb3eS8", 0700 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] <... chmod resumed>) = 0 [pid 5095] chdir("./syzkaller.un8xAu") = 0 [pid 5095] mkdir("./0", 0777 [pid 5094] chmod("./syzkaller.OGM8ip", 0777 [pid 5091] <... mkdir resumed>) = 0 [pid 5091] chmod("./syzkaller.Hb3eS8", 0777 [pid 5090] <... openat resumed>) = 3 [pid 5091] <... chmod resumed>) = 0 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5094] <... chmod resumed>) = 0 [pid 5094] chdir("./syzkaller.OGM8ip") = 0 [pid 5094] mkdir("./0", 0777) = 0 [pid 5095] <... mkdir resumed>) = 0 [pid 5091] chdir("./syzkaller.Hb3eS8" [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] <... chdir resumed>) = 0 [pid 5090] close(3 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5094] <... openat resumed>) = 3 [pid 5095] close(3 [pid 5091] mkdir("./0", 0777 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] <... close resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5096 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5097 ./strace-static-x86_64: Process 5096 attached ./strace-static-x86_64: Process 5097 attached [pid 5096] chdir("./0" [pid 5091] <... mkdir resumed>) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5090] <... close resumed>) = 0 [pid 5091] <... openat resumed>) = 3 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5097] chdir("./0" [pid 5096] <... chdir resumed>) = 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5098 [pid 5097] <... chdir resumed>) = 0 [pid 5091] close(3) = 0 [pid 5092] <... getpid resumed>) = 5092 [pid 5093] getpid( [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] mkdir("./syzkaller.D0iHUc", 0700 [pid 5096] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5097] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5096] <... prctl resumed>) = 0 [pid 5097] <... prctl resumed>) = 0 [pid 5093] <... getpid resumed>) = 5093 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5099 [pid 5093] mkdir("./syzkaller.gCxZIj", 0700 [pid 5097] setpgid(0, 0 [pid 5096] setpgid(0, 0 [pid 5097] <... setpgid resumed>) = 0 [pid 5096] <... setpgid resumed>) = 0 [pid 5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5096] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5092] <... mkdir resumed>) = 0 [pid 5097] write(3, "1000", 4 [pid 5096] write(3, "1000", 4./strace-static-x86_64: Process 5099 attached [pid 5097] <... write resumed>) = 4 [pid 5096] <... write resumed>) = 4 [pid 5093] <... mkdir resumed>) = 0 [pid 5092] chmod("./syzkaller.D0iHUc", 0777 [pid 5099] chdir("./0" [pid 5097] close(3 [pid 5096] close(3 [pid 5093] chmod("./syzkaller.gCxZIj", 0777 [pid 5092] <... chmod resumed>) = 0 ./strace-static-x86_64: Process 5098 attached [pid 5099] <... chdir resumed>) = 0 [pid 5097] <... close resumed>) = 0 [pid 5096] <... close resumed>) = 0 [pid 5099] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5097] symlink("/dev/binderfs", "./binderfs" [pid 5096] symlink("/dev/binderfs", "./binderfs" [pid 5093] <... chmod resumed>) = 0 [pid 5092] chdir("./syzkaller.D0iHUc" [pid 5099] <... prctl resumed>) = 0 [pid 5098] chdir("./0" [pid 5097] <... symlink resumed>) = 0 [pid 5096] <... symlink resumed>) = 0 [pid 5093] chdir("./syzkaller.gCxZIj" [pid 5099] setpgid(0, 0 [pid 5097] memfd_create("syzkaller", 0 [pid 5096] memfd_create("syzkaller", 0 [pid 5099] <... setpgid resumed>) = 0 [pid 5098] <... chdir resumed>) = 0 [pid 5096] <... memfd_create resumed>) = 3 [pid 5093] <... chdir resumed>) = 0 [pid 5092] <... chdir resumed>) = 0 [pid 5099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5096] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5099] <... openat resumed>) = 3 [pid 5098] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5096] <... mmap resumed>) = 0x7f12a0a40000 [pid 5093] mkdir("./0", 0777 [pid 5092] mkdir("./0", 0777 [pid 5099] write(3, "1000", 4 [pid 5098] <... prctl resumed>) = 0 [pid 5097] <... memfd_create resumed>) = 3 [pid 5093] <... mkdir resumed>) = 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5098] setpgid(0, 0 [pid 5097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5099] <... write resumed>) = 4 [pid 5098] <... setpgid resumed>) = 0 [pid 5097] <... mmap resumed>) = 0x7f12a0a40000 [pid 5093] <... openat resumed>) = 3 [pid 5092] <... openat resumed>) = 3 [pid 5099] close(3) = 0 [pid 5099] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5099] memfd_create("syzkaller", 0 [pid 5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5099] <... memfd_create resumed>) = 3 [pid 5099] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5098] <... openat resumed>) = 3 [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] close(3 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5098] write(3, "1000", 4 [pid 5093] <... close resumed>) = 0 [pid 5092] close(3 [pid 5098] <... write resumed>) = 4 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... close resumed>) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5098] close(3) = 0 [ 82.980928][ T5097] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5097 'syz-executor107' [pid 5098] symlink("/dev/binderfs", "./binderfs" [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5100 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5101 ./strace-static-x86_64: Process 5100 attached [pid 5100] chdir("./0" [pid 5098] <... symlink resumed>) = 0 ./strace-static-x86_64: Process 5101 attached [pid 5100] <... chdir resumed>) = 0 [pid 5098] memfd_create("syzkaller", 0 [pid 5101] chdir("./0" [pid 5100] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5098] <... memfd_create resumed>) = 3 [pid 5101] <... chdir resumed>) = 0 [pid 5100] <... prctl resumed>) = 0 [pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5101] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5100] setpgid(0, 0 [pid 5101] <... prctl resumed>) = 0 [pid 5100] <... setpgid resumed>) = 0 [pid 5098] <... mmap resumed>) = 0x7f12a0a40000 [pid 5101] setpgid(0, 0 [pid 5100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5101] <... setpgid resumed>) = 0 [pid 5100] <... openat resumed>) = 3 [pid 5101] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5100] write(3, "1000", 4 [pid 5101] <... openat resumed>) = 3 [pid 5100] <... write resumed>) = 4 [pid 5101] write(3, "1000", 4 [pid 5100] close(3 [pid 5101] <... write resumed>) = 4 [pid 5100] <... close resumed>) = 0 [pid 5101] close(3 [pid 5100] symlink("/dev/binderfs", "./binderfs" [pid 5101] <... close resumed>) = 0 [pid 5100] <... symlink resumed>) = 0 [pid 5101] symlink("/dev/binderfs", "./binderfs" [pid 5100] memfd_create("syzkaller", 0 [pid 5101] <... symlink resumed>) = 0 [pid 5100] <... memfd_create resumed>) = 3 [pid 5101] memfd_create("syzkaller", 0 [pid 5100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5101] <... memfd_create resumed>) = 3 [pid 5100] <... mmap resumed>) = 0x7f12a0a40000 [pid 5101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5099] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5096] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5098] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5097] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5100] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5101] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5097] <... write resumed>) = 4194304 [pid 5099] <... write resumed>) = 4194304 [pid 5097] munmap(0x7f12a0a40000, 4194304 [pid 5096] <... write resumed>) = 4194304 [pid 5097] <... munmap resumed>) = 0 [pid 5097] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5098] <... write resumed>) = 4194304 [pid 5097] ioctl(4, LOOP_SET_FD, 3 [pid 5096] munmap(0x7f12a0a40000, 4194304 [pid 5099] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5099] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5099] ioctl(4, LOOP_SET_FD, 3 [pid 5098] munmap(0x7f12a0a40000, 4194304 [pid 5097] <... ioctl resumed>) = 0 [pid 5096] <... munmap resumed>) = 0 [pid 5099] <... ioctl resumed>) = 0 [pid 5098] <... munmap resumed>) = 0 [pid 5097] close(3 [pid 5096] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5098] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5097] <... close resumed>) = 0 [pid 5098] <... openat resumed>) = 4 [pid 5097] mkdir("./file1", 0777 [pid 5096] <... openat resumed>) = 4 [pid 5097] <... mkdir resumed>) = 0 [pid 5098] ioctl(4, LOOP_SET_FD, 3 [pid 5096] ioctl(4, LOOP_SET_FD, 3 [pid 5097] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5099] close(3) = 0 [pid 5101] <... write resumed>) = 4194304 [pid 5099] mkdir("./file1", 0777 [pid 5098] <... ioctl resumed>) = 0 [pid 5096] <... ioctl resumed>) = 0 [pid 5101] munmap(0x7f12a0a40000, 4194304 [pid 5099] <... mkdir resumed>) = 0 [ 83.332132][ T5097] loop5: detected capacity change from 0 to 8192 [ 83.340103][ T5099] loop1: detected capacity change from 0 to 8192 [ 83.357691][ T5098] loop0: detected capacity change from 0 to 8192 [ 83.364987][ T5096] loop4: detected capacity change from 0 to 8192 [pid 5099] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5101] <... munmap resumed>) = 0 [pid 5101] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5101] ioctl(4, LOOP_SET_FD, 3 [pid 5098] close(3 [pid 5096] close(3 [pid 5100] <... write resumed>) = 4194304 [pid 5100] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5100] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5098] <... close resumed>) = 0 [pid 5096] <... close resumed>) = 0 [pid 5100] <... openat resumed>) = 4 [ 83.385870][ T5097] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.392628][ T5101] loop2: detected capacity change from 0 to 8192 [ 83.400872][ T5097] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 83.418081][ T5100] loop3: detected capacity change from 0 to 8192 [pid 5100] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5098] mkdir("./file1", 0777 [pid 5096] mkdir("./file1", 0777 [pid 5100] close(3 [pid 5098] <... mkdir resumed>) = 0 [pid 5096] <... mkdir resumed>) = 0 [pid 5101] <... ioctl resumed>) = 0 [pid 5100] <... close resumed>) = 0 [pid 5100] mkdir("./file1", 0777) = 0 [ 83.418141][ T5099] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.424943][ T5097] REISERFS (device loop5): using ordered data mode [ 83.444999][ T5097] reiserfs: using flush barriers [ 83.451803][ T5099] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 83.459831][ T5100] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.462625][ T5099] REISERFS (device loop1): using ordered data mode [pid 5100] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5101] close(3 [pid 5098] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5096] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5101] <... close resumed>) = 0 [pid 5101] mkdir("./file1", 0777) = 0 [ 83.474286][ T5097] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.480893][ T5099] reiserfs: using flush barriers [ 83.497444][ T5097] REISERFS (device loop5): checking transaction log (loop5) [ 83.517470][ T5098] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.530927][ T5096] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.544041][ T5101] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.563139][ T5099] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.566469][ T5100] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 83.581860][ T5099] REISERFS (device loop1): checking transaction log (loop1) [ 83.593934][ T5096] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 83.608416][ T5101] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 83.616622][ T5098] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 83.641091][ T5101] REISERFS (device loop2): using ordered data mode [ 83.654426][ T5096] REISERFS (device loop4): using ordered data mode [ 83.658676][ T5098] REISERFS (device loop0): using ordered data mode [ 83.667009][ T5101] reiserfs: using flush barriers [ 83.672293][ T5098] reiserfs: using flush barriers [ 83.689811][ T5096] reiserfs: using flush barriers [ 83.696249][ T5100] REISERFS (device loop3): using ordered data mode [ 83.703596][ T5098] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.704184][ T5101] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.732692][ T5100] reiserfs: using flush barriers [ 83.743577][ T5097] REISERFS (device loop5): Using r5 hash to sort names [ 83.753569][ T5097] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 83.763124][ T5096] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.763968][ T5098] REISERFS (device loop0): checking transaction log (loop0) [pid 5101] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5097] <... mount resumed>) = 0 [pid 5097] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5097] chdir("./file1") = 0 [pid 5097] ioctl(4, LOOP_CLR_FD) = 0 [pid 5097] close(4) = 0 [pid 5097] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5097] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5097] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5097] exit_group(0) = ? [ 83.789688][ T5100] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.795912][ T5096] REISERFS (device loop4): checking transaction log (loop4) [ 83.808587][ T5100] REISERFS (device loop3): checking transaction log (loop3) [ 83.820319][ T5101] REISERFS (device loop2): checking transaction log (loop2) [pid 5097] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5097, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=27 /* 0.27 s */} --- [pid 5095] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./0/binderfs") = 0 [ 83.857486][ T5099] REISERFS (device loop1): Using r5 hash to sort names [pid 5095] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5099] <... mount resumed>) = 0 [pid 5099] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5099] chdir("./file1") = 0 [pid 5099] ioctl(4, LOOP_CLR_FD) = 0 [ 83.910976][ T5099] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5099] close(4) = 0 [pid 5099] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5099] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5099] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5099] exit_group(0) = ? [pid 5099] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5099, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5091] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5091] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./0/binderfs") = 0 [ 84.128494][ T5100] REISERFS (device loop3): Using r5 hash to sort names [ 84.168229][ T5100] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5091] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5100] <... mount resumed>) = 0 [pid 5095] <... umount2 resumed>) = 0 [pid 5100] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5095] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5100] chdir("./file1" [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5100] <... chdir resumed>) = 0 [pid 5095] lstat("./0/file1", [pid 5100] ioctl(4, LOOP_CLR_FD [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5100] <... ioctl resumed>) = 0 [pid 5095] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5100] close(4 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5100] <... close resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5100] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] <... openat resumed>) = 4 [ 84.215111][ T5096] REISERFS (device loop4): Using r5 hash to sort names [ 84.219638][ T5098] REISERFS (device loop0): Using r5 hash to sort names [ 84.245481][ T5096] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 84.250729][ T5098] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5100] <... openat resumed>) = 4 [pid 5095] fstat(4, [pid 5100] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5100] <... mmap resumed>) = 0x20000000 [pid 5100] ioctl(4, FS_IOC_GETVERSION [pid 5096] <... mount resumed>) = 0 [pid 5095] getdents64(4, [pid 5100] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5096] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5100] exit_group(0 [pid 5096] <... openat resumed>) = 3 [pid 5095] getdents64(4, [pid 5100] <... exit_group resumed>) = ? [pid 5096] chdir("./file1" [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5100] +++ exited with 0 +++ [pid 5096] <... chdir resumed>) = 0 [pid 5095] close(4 [pid 5096] ioctl(4, LOOP_CLR_FD [pid 5095] <... close resumed>) = 0 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5100, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5096] <... ioctl resumed>) = 0 [pid 5095] rmdir("./0/file1" [pid 5093] restart_syscall(<... resuming interrupted clone ...> [pid 5096] close(4 [pid 5093] <... restart_syscall resumed>) = 0 [pid 5096] <... close resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5096] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] getdents64(3, [pid 5096] <... openat resumed>) = 4 [pid 5093] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5096] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = 0 [pid 5096] <... mmap resumed>) = 0x20000000 [pid 5095] close(3 [pid 5093] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5096] ioctl(4, FS_IOC_GETVERSION [pid 5095] <... close resumed>) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5091] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5096] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] rmdir("./0" [pid 5093] fstat(3, [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5096] exit_group(0 [pid 5095] <... rmdir resumed>) = 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5098] <... mount resumed>) = 0 [pid 5096] <... exit_group resumed>) = ? [pid 5095] mkdir("./1", 0777 [pid 5093] getdents64(3, [pid 5091] lstat("./0/file1", [pid 5098] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5096] +++ exited with 0 +++ [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5098] <... openat resumed>) = 3 [pid 5095] <... mkdir resumed>) = 0 [pid 5093] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5098] chdir("./file1" [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5096, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=26 /* 0.26 s */} --- [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5098] <... chdir resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5094] restart_syscall(<... resuming interrupted clone ...> [pid 5093] lstat("./0/binderfs", [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5098] ioctl(4, LOOP_CLR_FD [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5094] <... restart_syscall resumed>) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5098] <... ioctl resumed>) = 0 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] unlink("./0/binderfs" [pid 5098] close(4 [pid 5095] close(3 [pid 5093] <... unlink resumed>) = 0 [pid 5091] <... openat resumed>) = 4 [pid 5098] <... close resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5094] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5098] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5098] <... openat resumed>) = 4 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] fstat(4, [pid 5101] <... mount resumed>) = 0 [pid 5098] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] <... openat resumed>) = 3 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5101] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5098] <... mmap resumed>) = 0x20000000 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5109 [pid 5094] fstat(3, [pid 5091] getdents64(4, [pid 5101] <... openat resumed>) = 3 [pid 5098] ioctl(4, FS_IOC_GETVERSION [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 84.279925][ T5101] REISERFS (device loop2): Using r5 hash to sort names [ 84.310001][ T5101] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5101] chdir("./file1" [pid 5098] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] getdents64(3, [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5109 attached [pid 5101] <... chdir resumed>) = 0 [pid 5098] exit_group(0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] getdents64(4, [pid 5109] chdir("./1" [pid 5101] ioctl(4, LOOP_CLR_FD [pid 5098] <... exit_group resumed>) = ? [pid 5094] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5109] <... chdir resumed>) = 0 [pid 5101] <... ioctl resumed>) = 0 [pid 5098] +++ exited with 0 +++ [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] close(4 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5098, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 5109] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5101] close(4 [pid 5094] lstat("./0/binderfs", [pid 5091] <... close resumed>) = 0 [pid 5109] <... prctl resumed>) = 0 [pid 5101] <... close resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] rmdir("./0/file1" [pid 5109] setpgid(0, 0 [pid 5101] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] unlink("./0/binderfs" [pid 5109] <... setpgid resumed>) = 0 [pid 5101] <... openat resumed>) = 4 [pid 5094] <... unlink resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5101] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5101] <... mmap resumed>) = 0x20000000 [pid 5091] getdents64(3, [pid 5109] <... openat resumed>) = 3 [pid 5101] ioctl(4, FS_IOC_GETVERSION [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5109] write(3, "1000", 4 [pid 5101] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5091] close(3 [pid 5109] <... write resumed>) = 4 [pid 5101] exit_group(0 [pid 5109] close(3 [pid 5101] <... exit_group resumed>) = ? [pid 5091] <... close resumed>) = 0 [pid 5090] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5101] +++ exited with 0 +++ [pid 5109] <... close resumed>) = 0 [pid 5091] rmdir("./0" [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5109] symlink("/dev/binderfs", "./binderfs" [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5101, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=29 /* 0.29 s */} --- [pid 5109] <... symlink resumed>) = 0 [pid 5092] restart_syscall(<... resuming interrupted clone ...> [pid 5091] <... rmdir resumed>) = 0 [pid 5090] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5109] memfd_create("syzkaller", 0 [pid 5092] <... restart_syscall resumed>) = 0 [pid 5091] mkdir("./1", 0777 [pid 5109] <... memfd_create resumed>) = 3 [pid 5090] <... openat resumed>) = 3 [pid 5109] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5090] fstat(3, [pid 5109] <... mmap resumed>) = 0x7f12a0a40000 [pid 5092] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] <... openat resumed>) = 3 [pid 5090] getdents64(3, [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] getdents64(3, [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] close(3 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./0/binderfs", [pid 5091] <... close resumed>) = 0 [pid 5090] lstat("./0/binderfs", [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] unlink("./0/binderfs" [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5090] unlink("./0/binderfs" [pid 5092] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5110 [pid 5090] <... unlink resumed>) = 0 [pid 5090] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5110 attached [pid 5110] chdir("./1") = 0 [pid 5110] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5110] setpgid(0, 0) = 0 [pid 5110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5110] write(3, "1000", 4) = 4 [pid 5110] close(3) = 0 [pid 5110] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5110] memfd_create("syzkaller", 0) = 3 [pid 5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5109] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] <... umount2 resumed>) = 0 [pid 5094] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./0/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, [pid 5110] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] <... umount2 resumed>) = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] close(4 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... close resumed>) = 0 [pid 5092] lstat("./0/file1", [pid 5094] rmdir("./0/file1" [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5092] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] getdents64(3, [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] close(3 [pid 5092] <... openat resumed>) = 4 [pid 5094] <... close resumed>) = 0 [pid 5092] fstat(4, [pid 5094] rmdir("./0" [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5092] getdents64(4, [pid 5094] mkdir("./1", 0777 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] <... mkdir resumed>) = 0 [pid 5092] getdents64(4, [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5093] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] close(4 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... close resumed>) = 0 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] lstat("./0/file1", [pid 5092] rmdir("./0/file1" [pid 5094] close(3 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5093] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] getdents64(3, [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] close(3 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5112 [pid 5093] <... openat resumed>) = 4 [pid 5092] <... close resumed>) = 0 [pid 5093] fstat(4, [pid 5092] rmdir("./0" [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5093] getdents64(4, [pid 5092] mkdir("./1", 0777 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] <... mkdir resumed>) = 0 [pid 5093] getdents64(4, [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5093] close(4 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5093] <... close resumed>) = 0 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] rmdir("./0/file1" [pid 5092] close(3 [pid 5093] <... rmdir resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5093] getdents64(3, [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5112 attached [pid 5093] close(3 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5113 [pid 5112] chdir("./1" [pid 5093] <... close resumed>) = 0 [pid 5112] <... chdir resumed>) = 0 [pid 5093] rmdir("./0" [pid 5112] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5093] <... rmdir resumed>) = 0 [pid 5112] <... prctl resumed>) = 0 [pid 5093] mkdir("./1", 0777./strace-static-x86_64: Process 5113 attached [pid 5112] setpgid(0, 0 [pid 5093] <... mkdir resumed>) = 0 [pid 5113] chdir("./1" [pid 5112] <... setpgid resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5113] <... chdir resumed>) = 0 [pid 5112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] <... openat resumed>) = 3 [pid 5113] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5112] <... openat resumed>) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5113] <... prctl resumed>) = 0 [pid 5112] write(3, "1000", 4 [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5113] setpgid(0, 0 [pid 5112] <... write resumed>) = 4 [pid 5093] close(3 [pid 5113] <... setpgid resumed>) = 0 [pid 5112] close(3 [pid 5093] <... close resumed>) = 0 [pid 5113] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5112] <... close resumed>) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] <... umount2 resumed>) = 0 [pid 5113] <... openat resumed>) = 3 [pid 5112] symlink("/dev/binderfs", "./binderfs" [pid 5113] write(3, "1000", 4 [pid 5112] <... symlink resumed>) = 0 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5115 [pid 5113] <... write resumed>) = 4 [pid 5112] memfd_create("syzkaller", 0 [pid 5113] close(3 [pid 5112] <... memfd_create resumed>) = 3 [pid 5113] <... close resumed>) = 0 [pid 5112] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5113] symlink("/dev/binderfs", "./binderfs" [pid 5112] <... mmap resumed>) = 0x7f12a0a40000 ./strace-static-x86_64: Process 5115 attached [pid 5113] <... symlink resumed>) = 0 [pid 5115] chdir("./1" [pid 5113] memfd_create("syzkaller", 0 [pid 5115] <... chdir resumed>) = 0 [pid 5113] <... memfd_create resumed>) = 3 [pid 5115] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5115] <... prctl resumed>) = 0 [pid 5113] <... mmap resumed>) = 0x7f12a0a40000 [pid 5115] setpgid(0, 0) = 0 [pid 5115] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5115] <... openat resumed>) = 3 [pid 5115] write(3, "1000", 4 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5115] <... write resumed>) = 4 [pid 5115] close(3 [pid 5090] lstat("./0/file1", [pid 5115] <... close resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5115] symlink("/dev/binderfs", "./binderfs" [pid 5090] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5115] <... symlink resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5115] memfd_create("syzkaller", 0 [pid 5090] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5115] <... memfd_create resumed>) = 3 [pid 5090] <... openat resumed>) = 4 [pid 5115] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5090] fstat(4, [pid 5115] <... mmap resumed>) = 0x7f12a0a40000 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./0/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./0") = 0 [pid 5090] mkdir("./1", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5110] <... write resumed>) = 4194304 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5116 ./strace-static-x86_64: Process 5116 attached [pid 5116] chdir("./1") = 0 [pid 5116] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5110] munmap(0x7f12a0a40000, 4194304 [pid 5116] <... prctl resumed>) = 0 [pid 5110] <... munmap resumed>) = 0 [pid 5116] setpgid(0, 0 [pid 5110] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5116] <... setpgid resumed>) = 0 [pid 5110] <... openat resumed>) = 4 [pid 5109] <... write resumed>) = 4194304 [pid 5116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5110] ioctl(4, LOOP_SET_FD, 3 [pid 5116] <... openat resumed>) = 3 [pid 5109] munmap(0x7f12a0a40000, 4194304 [pid 5116] write(3, "1000", 4 [pid 5113] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5109] <... munmap resumed>) = 0 [pid 5116] <... write resumed>) = 4 [pid 5116] close(3 [pid 5109] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5116] <... close resumed>) = 0 [pid 5116] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5109] <... openat resumed>) = 4 [pid 5116] memfd_create("syzkaller", 0 [pid 5109] ioctl(4, LOOP_SET_FD, 3 [pid 5116] <... memfd_create resumed>) = 3 [pid 5112] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5110] <... ioctl resumed>) = 0 [pid 5116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5110] close(3 [pid 5109] <... ioctl resumed>) = 0 [pid 5110] <... close resumed>) = 0 [pid 5109] close(3 [pid 5110] mkdir("./file1", 0777 [pid 5109] <... close resumed>) = 0 [pid 5110] <... mkdir resumed>) = 0 [pid 5109] mkdir("./file1", 0777) = 0 [pid 5110] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 84.848360][ T5110] loop1: detected capacity change from 0 to 8192 [ 84.872376][ T5109] loop5: detected capacity change from 0 to 8192 [pid 5109] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 84.904262][ T5110] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 84.919113][ T5109] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 84.941058][ T5110] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [pid 5115] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5116] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5112] <... write resumed>) = 4194304 [ 84.950351][ T5110] REISERFS (device loop1): using ordered data mode [ 84.957081][ T5109] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 84.983717][ T5109] REISERFS (device loop5): using ordered data mode [ 84.990293][ T5109] reiserfs: using flush barriers [pid 5112] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5112] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5112] ioctl(4, LOOP_SET_FD, 3 [pid 5113] <... write resumed>) = 4194304 [pid 5113] munmap(0x7f12a0a40000, 4194304 [pid 5112] <... ioctl resumed>) = 0 [pid 5113] <... munmap resumed>) = 0 [pid 5112] close(3 [pid 5113] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5112] <... close resumed>) = 0 [pid 5113] <... openat resumed>) = 4 [pid 5112] mkdir("./file1", 0777 [pid 5113] ioctl(4, LOOP_SET_FD, 3 [pid 5112] <... mkdir resumed>) = 0 [ 84.997527][ T5109] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 85.016043][ T5109] REISERFS (device loop5): checking transaction log (loop5) [ 85.026709][ T5112] loop4: detected capacity change from 0 to 8192 [ 85.035644][ T5110] reiserfs: using flush barriers [pid 5112] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5115] <... write resumed>) = 4194304 [pid 5113] <... ioctl resumed>) = 0 [pid 5113] close(3) = 0 [pid 5113] mkdir("./file1", 0777) = 0 [pid 5113] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5115] munmap(0x7f12a0a40000, 4194304) = 0 [ 85.052010][ T5113] loop2: detected capacity change from 0 to 8192 [ 85.071665][ T5110] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 85.072109][ T5112] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5115] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 85.105327][ T5113] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 85.123838][ T5115] loop3: detected capacity change from 0 to 8192 [ 85.129431][ T5110] REISERFS (device loop1): checking transaction log (loop1) [pid 5115] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5115] close(3) = 0 [pid 5115] mkdir("./file1", 0777) = 0 [ 85.158921][ T5113] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 85.170101][ T5109] REISERFS (device loop5): Using r5 hash to sort names [ 85.177328][ T5113] REISERFS (device loop2): using ordered data mode [ 85.183971][ T5113] reiserfs: using flush barriers [ 85.184556][ T5115] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5115] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5109] <... mount resumed>) = 0 [pid 5109] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5116] <... write resumed>) = 4194304 [pid 5109] <... openat resumed>) = 3 [pid 5109] chdir("./file1" [pid 5116] munmap(0x7f12a0a40000, 4194304) = 0 [ 85.190066][ T5112] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 85.204485][ T5109] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 85.211285][ T5113] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 85.220777][ T5112] REISERFS (device loop4): using ordered data mode [ 85.244511][ T5112] reiserfs: using flush barriers [pid 5109] <... chdir resumed>) = 0 [pid 5116] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5116] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5109] ioctl(4, LOOP_CLR_FD) = 0 [pid 5109] close(4) = 0 [ 85.251129][ T5115] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 85.261073][ T5112] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 85.261586][ T5115] REISERFS (device loop3): using ordered data mode [ 85.284358][ T5116] loop0: detected capacity change from 0 to 8192 [ 85.284796][ T5115] reiserfs: using flush barriers [ 85.299385][ T5113] REISERFS (device loop2): checking transaction log (loop2) [pid 5109] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5116] close(3 [pid 5109] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5116] <... close resumed>) = 0 [pid 5116] mkdir("./file1", 0777 [pid 5109] <... mmap resumed>) = 0x20000000 [pid 5109] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5116] <... mkdir resumed>) = 0 [pid 5109] exit_group(0 [pid 5116] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5109] <... exit_group resumed>) = ? [pid 5109] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5109, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5095] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 85.306954][ T5115] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 85.339214][ T5115] REISERFS (device loop3): checking transaction log (loop3) [ 85.382567][ T5116] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 85.386117][ T5112] REISERFS (device loop4): checking transaction log (loop4) [pid 5095] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5113] <... mount resumed>) = 0 [ 85.426857][ T5116] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 85.436627][ T5116] REISERFS (device loop0): using ordered data mode [ 85.443908][ T5116] reiserfs: using flush barriers [ 85.449530][ T5113] REISERFS (device loop2): Using r5 hash to sort names [ 85.457632][ T5113] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5095] unlink("./1/binderfs" [pid 5113] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5113] chdir("./file1") = 0 [pid 5113] ioctl(4, LOOP_CLR_FD) = 0 [pid 5113] close(4) = 0 [pid 5113] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5113] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5113] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5113] exit_group(0) = ? [pid 5113] +++ exited with 0 +++ [pid 5095] <... unlink resumed>) = 0 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5113, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5092] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, [pid 5095] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 85.470096][ T5116] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 85.487471][ T5116] REISERFS (device loop0): checking transaction log (loop0) [pid 5092] lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./1/binderfs") = 0 [pid 5092] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5092] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5110] <... mount resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 85.634745][ T5110] REISERFS (device loop1): Using r5 hash to sort names [ 85.656154][ T5110] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 85.666160][ T5115] REISERFS (device loop3): Using r5 hash to sort names [pid 5110] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] lstat("./1/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5110] <... openat resumed>) = 3 [pid 5110] chdir("./file1" [pid 5092] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5110] <... chdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5110] ioctl(4, LOOP_CLR_FD [pid 5092] <... openat resumed>) = 4 [pid 5110] <... ioctl resumed>) = 0 [pid 5110] close(4 [pid 5092] fstat(4, [pid 5110] <... close resumed>) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5110] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] getdents64(4, [pid 5110] <... openat resumed>) = 4 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5110] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] getdents64(4, [pid 5110] <... mmap resumed>) = 0x20000000 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5110] ioctl(4, FS_IOC_GETVERSION [pid 5092] close(4) = 0 [pid 5110] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] rmdir("./1/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3 [pid 5110] exit_group(0 [pid 5092] <... close resumed>) = 0 [pid 5110] <... exit_group resumed>) = ? [pid 5092] rmdir("./1" [pid 5115] <... mount resumed>) = 0 [pid 5115] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5115] chdir("./file1") = 0 [pid 5115] ioctl(4, LOOP_CLR_FD [pid 5092] <... rmdir resumed>) = 0 [pid 5115] <... ioctl resumed>) = 0 [pid 5115] close(4) = 0 [pid 5115] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] mkdir("./2", 0777 [pid 5110] +++ exited with 0 +++ [pid 5092] <... mkdir resumed>) = 0 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5110, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5115] <... openat resumed>) = 4 [pid 5092] <... openat resumed>) = 3 [pid 5091] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5115] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5091] <... openat resumed>) = 3 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] fstat(3, [pid 5115] <... mmap resumed>) = 0x20000000 [pid 5092] close(3 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 85.678177][ T5115] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 85.682225][ T5112] REISERFS (device loop4): Using r5 hash to sort names [pid 5115] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... close resumed>) = 0 [pid 5091] getdents64(3, [pid 5115] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5115] exit_group(0) = ? [pid 5115] +++ exited with 0 +++ [pid 5091] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5115, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=20 /* 0.20 s */} --- [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5123 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./1/binderfs", ./strace-static-x86_64: Process 5123 attached [pid 5112] <... mount resumed>) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5123] chdir("./2" [pid 5112] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5091] unlink("./1/binderfs" [pid 5123] <... chdir resumed>) = 0 [pid 5112] <... openat resumed>) = 3 [pid 5091] <... unlink resumed>) = 0 [pid 5123] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5112] chdir("./file1" [pid 5123] <... prctl resumed>) = 0 [pid 5112] <... chdir resumed>) = 0 [pid 5093] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5123] setpgid(0, 0 [pid 5112] ioctl(4, LOOP_CLR_FD [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5123] <... setpgid resumed>) = 0 [pid 5116] <... mount resumed>) = 0 [pid 5112] <... ioctl resumed>) = 0 [pid 5093] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5123] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5116] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5112] close(4 [pid 5093] <... openat resumed>) = 3 [pid 5123] <... openat resumed>) = 3 [pid 5123] write(3, "1000", 4 [pid 5116] <... openat resumed>) = 3 [pid 5112] <... close resumed>) = 0 [pid 5093] fstat(3, [pid 5112] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5123] <... write resumed>) = 4 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5112] <... openat resumed>) = 4 [pid 5093] getdents64(3, [pid 5123] close(3) = 0 [pid 5112] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5116] chdir("./file1" [pid 5123] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5116] <... chdir resumed>) = 0 [pid 5112] <... mmap resumed>) = 0x20000000 [pid 5093] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5123] memfd_create("syzkaller", 0 [pid 5116] ioctl(4, LOOP_CLR_FD [pid 5112] ioctl(4, FS_IOC_GETVERSION [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5123] <... memfd_create resumed>) = 3 [pid 5093] lstat("./1/binderfs", [pid 5123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5116] <... ioctl resumed>) = 0 [pid 5112] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5123] <... mmap resumed>) = 0x7f12a0a40000 [pid 5116] close(4 [pid 5112] exit_group(0 [pid 5093] unlink("./1/binderfs" [pid 5112] <... exit_group resumed>) = ? [pid 5093] <... unlink resumed>) = 0 [pid 5112] +++ exited with 0 +++ [pid 5093] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5112, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5116] <... close resumed>) = 0 [pid 5116] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 85.760934][ T5112] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 85.783098][ T5116] REISERFS (device loop0): Using r5 hash to sort names [ 85.790394][ T5116] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5116] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5116] <... mmap resumed>) = 0x20000000 [pid 5094] fstat(3, [pid 5116] ioctl(4, FS_IOC_GETVERSION [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5116] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] <... umount2 resumed>) = 0 [pid 5094] getdents64(3, [pid 5095] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5116] exit_group(0 [pid 5094] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5116] <... exit_group resumed>) = ? [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./1/file1", [pid 5094] lstat("./1/binderfs", [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] unlink("./1/binderfs" [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... unlink resumed>) = 0 [pid 5094] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... openat resumed>) = 4 [pid 5095] fstat(4, [pid 5116] +++ exited with 0 +++ [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5116, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} --- [pid 5095] getdents64(4, [pid 5090] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] close(4 [pid 5090] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] <... close resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5095] rmdir("./1/file1" [pid 5090] fstat(3, [pid 5095] <... rmdir resumed>) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, [pid 5090] getdents64(3, [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] close(3 [pid 5090] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... close resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] rmdir("./1" [pid 5090] lstat("./1/binderfs", [pid 5095] <... rmdir resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] mkdir("./2", 0777 [pid 5090] unlink("./1/binderfs" [pid 5095] <... mkdir resumed>) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5090] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... openat resumed>) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5124 ./strace-static-x86_64: Process 5124 attached [pid 5124] chdir("./2") = 0 [pid 5124] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5124] setpgid(0, 0) = 0 [pid 5124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5124] write(3, "1000", 4) = 4 [pid 5124] close(3) = 0 [pid 5124] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5124] memfd_create("syzkaller", 0) = 3 [pid 5124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5123] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5124] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... umount2 resumed>) = 0 [pid 5091] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./1/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./1/file1") = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./1") = 0 [pid 5091] mkdir("./2", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5093] <... umount2 resumed>) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5126 [pid 5093] lstat("./1/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5126 attached [pid 5126] chdir("./2" [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5126] <... chdir resumed>) = 0 [pid 5093] fstat(4, [pid 5126] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5126] <... prctl resumed>) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5093] getdents64(4, [pid 5126] setpgid(0, 0 [pid 5094] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5126] <... setpgid resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] getdents64(4, [pid 5126] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5126] <... openat resumed>) = 3 [pid 5123] <... write resumed>) = 4194304 [pid 5094] lstat("./1/file1", [pid 5093] close(4 [pid 5126] write(3, "1000", 4 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... close resumed>) = 0 [pid 5123] munmap(0x7f12a0a40000, 4194304 [pid 5126] <... write resumed>) = 4 [pid 5094] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] rmdir("./1/file1" [pid 5126] close(3 [pid 5123] <... munmap resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5126] <... close resumed>) = 0 [pid 5123] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5094] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... rmdir resumed>) = 0 [pid 5126] symlink("/dev/binderfs", "./binderfs" [pid 5123] <... openat resumed>) = 4 [pid 5094] <... openat resumed>) = 4 [pid 5093] getdents64(3, [pid 5126] <... symlink resumed>) = 0 [pid 5123] ioctl(4, LOOP_SET_FD, 3 [pid 5094] fstat(4, [pid 5090] <... umount2 resumed>) = 0 [pid 5126] memfd_create("syzkaller", 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5126] <... memfd_create resumed>) = 3 [pid 5094] getdents64(4, [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5126] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5126] <... mmap resumed>) = 0x7f12a0a40000 [pid 5094] getdents64(4, [pid 5123] <... ioctl resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(3 [pid 5090] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5123] close(3 [pid 5094] close(4 [pid 5123] <... close resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5093] <... close resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5123] mkdir("./file1", 0777 [pid 5094] rmdir("./1/file1" [pid 5093] rmdir("./1" [pid 5090] lstat("./1/file1", [pid 5123] <... mkdir resumed>) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5123] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] getdents64(3, [pid 5093] <... rmdir resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] mkdir("./2", 0777 [pid 5090] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] close(3) = 0 [pid 5093] <... mkdir resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] rmdir("./1" [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5090] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... rmdir resumed>) = 0 [pid 5094] mkdir("./2", 0777 [pid 5093] <... openat resumed>) = 3 [pid 5090] <... openat resumed>) = 4 [ 86.201581][ T5123] loop2: detected capacity change from 0 to 8192 [pid 5094] <... mkdir resumed>) = 0 [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5090] fstat(4, [pid 5124] <... write resumed>) = 4194304 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5124] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... openat resumed>) = 3 [pid 5093] close(3 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5124] <... munmap resumed>) = 0 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5093] <... close resumed>) = 0 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5124] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] close(3 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] getdents64(4, [pid 5094] <... close resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5124] <... openat resumed>) = 4 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5124] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5129 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5128 [pid 5090] getdents64(4, ./strace-static-x86_64: Process 5129 attached [pid 5129] chdir("./2") = 0 [pid 5129] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5129] setpgid(0, 0) = 0 [pid 5129] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5129] write(3, "1000", 4 [pid 5090] close(4./strace-static-x86_64: Process 5128 attached [pid 5129] <... write resumed>) = 4 [pid 5124] <... ioctl resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5129] close(3 [pid 5090] rmdir("./1/file1" [pid 5129] <... close resumed>) = 0 [pid 5128] chdir("./2" [pid 5124] close(3 [pid 5129] symlink("/dev/binderfs", "./binderfs" [pid 5128] <... chdir resumed>) = 0 [pid 5124] <... close resumed>) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5129] <... symlink resumed>) = 0 [pid 5128] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5126] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5124] mkdir("./file1", 0777 [pid 5090] getdents64(3, [pid 5129] memfd_create("syzkaller", 0 [pid 5128] <... prctl resumed>) = 0 [pid 5124] <... mkdir resumed>) = 0 [pid 5129] <... memfd_create resumed>) = 3 [pid 5128] setpgid(0, 0 [pid 5124] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5129] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5128] <... setpgid resumed>) = 0 [pid 5129] <... mmap resumed>) = 0x7f12a0a40000 [pid 5128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] close(3 [pid 5128] <... openat resumed>) = 3 [pid 5128] write(3, "1000", 4 [pid 5090] <... close resumed>) = 0 [pid 5128] <... write resumed>) = 4 [ 86.251436][ T5123] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.279541][ T5124] loop5: detected capacity change from 0 to 8192 [ 86.290361][ T5123] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [pid 5090] rmdir("./1" [pid 5128] close(3 [pid 5090] <... rmdir resumed>) = 0 [pid 5128] <... close resumed>) = 0 [pid 5128] symlink("/dev/binderfs", "./binderfs" [pid 5090] mkdir("./2", 0777 [pid 5128] <... symlink resumed>) = 0 [pid 5090] <... mkdir resumed>) = 0 [pid 5128] memfd_create("syzkaller", 0) = 3 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] <... openat resumed>) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [ 86.339540][ T5124] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.352898][ T5123] REISERFS (device loop2): using ordered data mode [ 86.359438][ T5123] reiserfs: using flush barriers [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5126] <... write resumed>) = 4194304 [pid 5126] munmap(0x7f12a0a40000, 4194304 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5131 [pid 5126] <... munmap resumed>) = 0 [pid 5126] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5126] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5131 attached [pid 5131] chdir("./2") = 0 [ 86.383802][ T5124] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 86.398331][ T5126] loop1: detected capacity change from 0 to 8192 [ 86.411332][ T5124] REISERFS (device loop5): using ordered data mode [ 86.418070][ T5124] reiserfs: using flush barriers [pid 5131] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5129] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5128] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5126] <... ioctl resumed>) = 0 [pid 5131] <... prctl resumed>) = 0 [pid 5131] setpgid(0, 0) = 0 [pid 5131] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5131] write(3, "1000", 4) = 4 [pid 5131] close(3) = 0 [pid 5131] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5131] memfd_create("syzkaller", 0) = 3 [pid 5131] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5126] close(3) = 0 [pid 5126] mkdir("./file1", 0777) = 0 [ 86.425448][ T5124] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.438967][ T5123] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.488490][ T5126] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.503636][ T5124] REISERFS (device loop5): checking transaction log (loop5) [ 86.511688][ T5123] REISERFS (device loop2): checking transaction log (loop2) [pid 5126] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5131] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5129] <... write resumed>) = 4194304 [pid 5128] <... write resumed>) = 4194304 [pid 5129] munmap(0x7f12a0a40000, 4194304) = 0 [ 86.562187][ T5126] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [pid 5129] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5129] ioctl(4, LOOP_SET_FD, 3 [pid 5128] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5128] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5128] ioctl(4, LOOP_SET_FD, 3 [pid 5124] <... mount resumed>) = 0 [pid 5129] <... ioctl resumed>) = 0 [pid 5129] close(3) = 0 [pid 5129] mkdir("./file1", 0777 [pid 5124] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5129] <... mkdir resumed>) = 0 [pid 5124] <... openat resumed>) = 3 [pid 5124] chdir("./file1" [ 86.616242][ T5126] REISERFS (device loop1): using ordered data mode [ 86.624165][ T5129] loop4: detected capacity change from 0 to 8192 [ 86.628928][ T5124] REISERFS (device loop5): Using r5 hash to sort names [ 86.634116][ T5128] loop3: detected capacity change from 0 to 8192 [ 86.639094][ T5124] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 86.654396][ T5126] reiserfs: using flush barriers [pid 5129] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5124] <... chdir resumed>) = 0 [pid 5128] <... ioctl resumed>) = 0 [pid 5128] close(3 [pid 5124] ioctl(4, LOOP_CLR_FD [pid 5128] <... close resumed>) = 0 [pid 5124] <... ioctl resumed>) = 0 [pid 5128] mkdir("./file1", 0777 [pid 5124] close(4 [pid 5128] <... mkdir resumed>) = 0 [pid 5124] <... close resumed>) = 0 [pid 5124] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5128] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5124] <... openat resumed>) = 4 [pid 5124] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5124] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5124] exit_group(0) = ? [pid 5124] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5124, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [ 86.667399][ T5126] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5095] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5095] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 86.711393][ T5128] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.734170][ T5126] REISERFS (device loop1): checking transaction log (loop1) [ 86.741970][ T5129] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5131] <... write resumed>) = 4194304 [pid 5095] unlink("./2/binderfs" [pid 5131] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... unlink resumed>) = 0 [pid 5131] <... munmap resumed>) = 0 [pid 5095] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5131] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 86.747151][ T5128] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 86.764610][ T5128] REISERFS (device loop3): using ordered data mode [ 86.790718][ T5128] reiserfs: using flush barriers [pid 5131] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5131] close(3) = 0 [pid 5131] mkdir("./file1", 0777) = 0 [ 86.802044][ T5128] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.819501][ T5131] loop0: detected capacity change from 0 to 8192 [ 86.824088][ T5129] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 86.826854][ T5128] REISERFS (device loop3): checking transaction log (loop3) [ 86.861433][ T5129] REISERFS (device loop4): using ordered data mode [ 86.868203][ T5129] reiserfs: using flush barriers [ 86.868791][ T5131] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5131] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./2/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 86.896561][ T5129] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5095] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./2/file1") = 0 [ 86.988004][ T5131] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 86.991296][ T5123] REISERFS (device loop2): Using r5 hash to sort names [ 86.998656][ T5131] REISERFS (device loop0): using ordered data mode [ 87.006361][ T5129] REISERFS (device loop4): checking transaction log (loop4) [ 87.012149][ T5131] reiserfs: using flush barriers [ 87.023487][ T5128] REISERFS (device loop3): Using r5 hash to sort names [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./2") = 0 [pid 5128] <... mount resumed>) = 0 [pid 5123] <... mount resumed>) = 0 [pid 5095] mkdir("./3", 0777 [pid 5128] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5123] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] <... mkdir resumed>) = 0 [pid 5128] <... openat resumed>) = 3 [pid 5123] <... openat resumed>) = 3 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5128] chdir("./file1" [pid 5123] chdir("./file1" [pid 5095] <... openat resumed>) = 3 [pid 5128] <... chdir resumed>) = 0 [pid 5123] <... chdir resumed>) = 0 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5128] ioctl(4, LOOP_CLR_FD [pid 5123] ioctl(4, LOOP_CLR_FD [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5128] <... ioctl resumed>) = 0 [pid 5123] <... ioctl resumed>) = 0 [pid 5095] close(3 [ 87.030839][ T5128] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 87.045262][ T5123] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 87.046290][ T5131] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 87.075610][ T5131] REISERFS (device loop0): checking transaction log (loop0) [pid 5128] close(4 [pid 5123] close(4 [pid 5095] <... close resumed>) = 0 [pid 5128] <... close resumed>) = 0 [pid 5123] <... close resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5128] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5123] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5128] <... openat resumed>) = 4 [pid 5123] <... openat resumed>) = 4 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5136 [pid 5128] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5123] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0./strace-static-x86_64: Process 5136 attached [pid 5128] <... mmap resumed>) = 0x20000000 [pid 5123] <... mmap resumed>) = 0x20000000 [pid 5128] ioctl(4, FS_IOC_GETVERSION [pid 5123] ioctl(4, FS_IOC_GETVERSION [pid 5128] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5123] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5128] exit_group(0 [pid 5123] exit_group(0 [pid 5136] chdir("./3" [pid 5128] <... exit_group resumed>) = ? [pid 5123] <... exit_group resumed>) = ? [pid 5128] +++ exited with 0 +++ [pid 5123] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5128, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} --- [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5123, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5093] restart_syscall(<... resuming interrupted clone ...> [pid 5092] restart_syscall(<... resuming interrupted clone ...> [pid 5136] <... chdir resumed>) = 0 [pid 5093] <... restart_syscall resumed>) = 0 [pid 5092] <... restart_syscall resumed>) = 0 [ 87.121208][ T5126] REISERFS (device loop1): Using r5 hash to sort names [pid 5093] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... openat resumed>) = 3 [pid 5092] <... openat resumed>) = 3 [pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5093] fstat(3, [pid 5092] fstat(3, [pid 5126] <... mount resumed>) = 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5126] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5136] <... prctl resumed>) = 0 [pid 5093] getdents64(3, [pid 5092] getdents64(3, [pid 5136] setpgid(0, 0 [pid 5126] <... openat resumed>) = 3 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5136] <... setpgid resumed>) = 0 [pid 5126] chdir("./file1" [pid 5093] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5126] <... chdir resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5136] <... openat resumed>) = 3 [pid 5126] ioctl(4, LOOP_CLR_FD [pid 5093] lstat("./2/binderfs", [pid 5092] lstat("./2/binderfs", [pid 5136] write(3, "1000", 4 [pid 5126] <... ioctl resumed>) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5136] <... write resumed>) = 4 [pid 5126] close(4 [pid 5093] unlink("./2/binderfs" [pid 5092] unlink("./2/binderfs" [pid 5136] close(3 [pid 5126] <... close resumed>) = 0 [pid 5093] <... unlink resumed>) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5136] <... close resumed>) = 0 [pid 5126] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5136] symlink("/dev/binderfs", "./binderfs" [pid 5126] <... openat resumed>) = 4 [pid 5136] <... symlink resumed>) = 0 [ 87.171485][ T5126] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5126] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5136] memfd_create("syzkaller", 0 [pid 5126] <... mmap resumed>) = 0x20000000 [pid 5136] <... memfd_create resumed>) = 3 [pid 5126] ioctl(4, FS_IOC_GETVERSION [pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5126] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5136] <... mmap resumed>) = 0x7f12a0a40000 [pid 5126] exit_group(0) = ? [pid 5126] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5126, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5091] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./2/binderfs") = 0 [pid 5091] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 87.303908][ T5131] REISERFS (device loop0): Using r5 hash to sort names [ 87.327543][ T5129] REISERFS (device loop4): Using r5 hash to sort names [pid 5093] lstat("./2/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5129] <... mount resumed>) = 0 [pid 5093] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5129] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5093] <... openat resumed>) = 4 [pid 5129] chdir("./file1" [pid 5093] fstat(4, [pid 5129] <... chdir resumed>) = 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5129] ioctl(4, LOOP_CLR_FD [pid 5093] getdents64(4, [pid 5129] <... ioctl resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5129] close(4 [pid 5093] getdents64(4, [pid 5129] <... close resumed>) = 0 [pid 5131] <... mount resumed>) = 0 [ 87.362291][ T5131] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 87.362500][ T5129] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5131] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5131] chdir("./file1") = 0 [pid 5131] ioctl(4, LOOP_CLR_FD) = 0 [pid 5131] close(4) = 0 [pid 5131] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5129] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5131] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5129] <... openat resumed>) = 4 [pid 5093] close(4 [pid 5131] <... mmap resumed>) = 0x20000000 [pid 5129] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] <... close resumed>) = 0 [pid 5131] ioctl(4, FS_IOC_GETVERSION [pid 5129] <... mmap resumed>) = 0x20000000 [pid 5093] rmdir("./2/file1" [pid 5131] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5129] ioctl(4, FS_IOC_GETVERSION [pid 5131] exit_group(0 [pid 5129] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] <... rmdir resumed>) = 0 [pid 5131] <... exit_group resumed>) = ? [pid 5129] exit_group(0 [pid 5093] getdents64(3, [pid 5131] +++ exited with 0 +++ [pid 5129] <... exit_group resumed>) = ? [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5131, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5129] +++ exited with 0 +++ [pid 5093] close(3 [pid 5090] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... close resumed>) = 0 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5129, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5093] rmdir("./2" [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... rmdir resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5094] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] mkdir("./3", 0777 [pid 5090] fstat(3, [pid 5094] <... openat resumed>) = 3 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] fstat(3, [pid 5093] <... mkdir resumed>) = 0 [pid 5090] getdents64(3, [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] getdents64(3, [pid 5093] <... openat resumed>) = 3 [pid 5090] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] lstat("./2/binderfs", [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] close(3 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] lstat("./2/binderfs", [pid 5093] <... close resumed>) = 0 [pid 5090] unlink("./2/binderfs" [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] <... unlink resumed>) = 0 [pid 5094] unlink("./2/binderfs" [pid 5090] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... unlink resumed>) = 0 [pid 5094] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5137 ./strace-static-x86_64: Process 5137 attached [pid 5137] chdir("./3") = 0 [pid 5137] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5137] setpgid(0, 0) = 0 [pid 5137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5137] write(3, "1000", 4) = 4 [pid 5137] close(3) = 0 [pid 5137] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5137] memfd_create("syzkaller", 0) = 3 [pid 5137] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5136] <... write resumed>) = 4194304 [pid 5136] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5136] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5136] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5136] close(3) = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5136] mkdir("./file1", 0777 [pid 5091] <... umount2 resumed>) = 0 [pid 5092] lstat("./2/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, [pid 5136] <... mkdir resumed>) = 0 [pid 5136] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5091] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 87.612104][ T5136] loop5: detected capacity change from 0 to 8192 [pid 5091] lstat("./2/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... openat resumed>) = 4 [pid 5092] getdents64(4, [pid 5091] fstat(4, [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./2/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./2") = 0 [pid 5091] getdents64(4, [pid 5137] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5092] mkdir("./3", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5139 ./strace-static-x86_64: Process 5139 attached [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5139] chdir("./3") = 0 [pid 5139] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5139] setpgid(0, 0) = 0 [pid 5139] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5091] getdents64(4, [pid 5139] write(3, "1000", 4 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5139] <... write resumed>) = 4 [pid 5091] close(4 [pid 5139] close(3) = 0 [pid 5091] <... close resumed>) = 0 [pid 5139] symlink("/dev/binderfs", "./binderfs" [pid 5091] rmdir("./2/file1" [pid 5139] <... symlink resumed>) = 0 [pid 5139] memfd_create("syzkaller", 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5139] <... memfd_create resumed>) = 3 [pid 5091] getdents64(3, [pid 5139] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./2") = 0 [ 87.676579][ T5136] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 87.701305][ T5136] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5091] mkdir("./3", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5140 ./strace-static-x86_64: Process 5140 attached [pid 5140] chdir("./3") = 0 [pid 5140] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 87.772314][ T5136] REISERFS (device loop5): using ordered data mode [ 87.783633][ T5136] reiserfs: using flush barriers [ 87.790047][ T5136] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5140] setpgid(0, 0) = 0 [pid 5140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5140] write(3, "1000", 4) = 4 [pid 5140] close(3) = 0 [pid 5140] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5140] memfd_create("syzkaller", 0) = 3 [pid 5140] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./2/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5137] <... write resumed>) = 4194304 [pid 5090] close(4 [pid 5137] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... umount2 resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5137] <... munmap resumed>) = 0 [pid 5094] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] rmdir("./2/file1" [pid 5137] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... rmdir resumed>) = 0 [pid 5137] ioctl(4, LOOP_SET_FD, 3 [pid 5094] lstat("./2/file1", [pid 5090] getdents64(3, [pid 5139] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5137] <... ioctl resumed>) = 0 [pid 5094] fstat(4, [pid 5090] close(3 [pid 5137] close(3 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5137] <... close resumed>) = 0 [pid 5094] getdents64(4, [pid 5090] <... close resumed>) = 0 [pid 5137] mkdir("./file1", 0777 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] rmdir("./2" [pid 5094] getdents64(4, [pid 5137] <... mkdir resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5137] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] close(4 [pid 5090] mkdir("./3", 0777 [pid 5094] <... close resumed>) = 0 [ 87.893843][ T5136] REISERFS (device loop5): checking transaction log (loop5) [ 87.927926][ T5137] loop3: detected capacity change from 0 to 8192 [pid 5094] rmdir("./2/file1" [pid 5090] <... mkdir resumed>) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./2") = 0 [pid 5094] mkdir("./3", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] <... openat resumed>) = 3 [pid 5094] close(3 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5094] <... close resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] close(3 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5142 [pid 5090] <... close resumed>) = 0 ./strace-static-x86_64: Process 5142 attached [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5142] chdir("./3") = 0 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5143 [pid 5142] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5142] setpgid(0, 0) = 0 [ 87.962519][ T5137] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5142] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5143 attached ) = 3 [pid 5140] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5143] chdir("./3" [pid 5142] write(3, "1000", 4 [pid 5143] <... chdir resumed>) = 0 [pid 5142] <... write resumed>) = 4 [pid 5139] <... write resumed>) = 4194304 [pid 5143] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5142] close(3 [pid 5139] munmap(0x7f12a0a40000, 4194304 [pid 5143] setpgid(0, 0) = 0 [ 88.024261][ T5137] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 88.053741][ T5137] REISERFS (device loop3): using ordered data mode [ 88.060444][ T5137] reiserfs: using flush barriers [pid 5143] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5143] write(3, "1000", 4) = 4 [pid 5143] close(3 [pid 5142] <... close resumed>) = 0 [pid 5139] <... munmap resumed>) = 0 [pid 5143] <... close resumed>) = 0 [pid 5142] symlink("/dev/binderfs", "./binderfs" [pid 5139] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5143] symlink("/dev/binderfs", "./binderfs" [pid 5142] <... symlink resumed>) = 0 [pid 5139] <... openat resumed>) = 4 [pid 5143] <... symlink resumed>) = 0 [pid 5142] memfd_create("syzkaller", 0 [pid 5139] ioctl(4, LOOP_SET_FD, 3 [pid 5143] memfd_create("syzkaller", 0 [pid 5142] <... memfd_create resumed>) = 3 [pid 5139] <... ioctl resumed>) = 0 [pid 5143] <... memfd_create resumed>) = 3 [pid 5142] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5139] close(3 [pid 5143] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5142] <... mmap resumed>) = 0x7f12a0a40000 [pid 5139] <... close resumed>) = 0 [pid 5143] <... mmap resumed>) = 0x7f12a0a40000 [ 88.066945][ T5137] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.083685][ T5137] REISERFS (device loop3): checking transaction log (loop3) [ 88.103606][ T5139] loop2: detected capacity change from 0 to 8192 [pid 5139] mkdir("./file1", 0777 [pid 5140] <... write resumed>) = 4194304 [pid 5139] <... mkdir resumed>) = 0 [pid 5140] munmap(0x7f12a0a40000, 4194304 [pid 5139] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5140] <... munmap resumed>) = 0 [pid 5140] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5140] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5140] close(3) = 0 [pid 5140] mkdir("./file1", 0777 [pid 5142] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5140] <... mkdir resumed>) = 0 [ 88.173166][ T5139] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 88.188738][ T5140] loop1: detected capacity change from 0 to 8192 [pid 5140] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 88.230194][ T5140] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 88.262723][ T5136] REISERFS (device loop5): Using r5 hash to sort names [ 88.270356][ T5136] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5143] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5136] <... mount resumed>) = 0 [pid 5136] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5136] chdir("./file1") = 0 [pid 5136] ioctl(4, LOOP_CLR_FD) = 0 [pid 5136] close(4) = 0 [pid 5136] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5136] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5136] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5136] exit_group(0) = ? [pid 5136] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- [pid 5095] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 88.271487][ T5139] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 88.281357][ T5140] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 88.297903][ T5137] REISERFS (device loop3): Using r5 hash to sort names [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5143] <... write resumed>) = 4194304 [pid 5095] getdents64(3, [pid 5143] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [ 88.326174][ T5137] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 88.329046][ T5139] REISERFS (device loop2): using ordered data mode [ 88.342134][ T5139] reiserfs: using flush barriers [ 88.351418][ T5139] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.365853][ T5140] REISERFS (device loop1): using ordered data mode [pid 5143] <... munmap resumed>) = 0 [pid 5095] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5143] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5143] <... openat resumed>) = 4 [pid 5095] lstat("./3/binderfs", [pid 5143] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5137] <... mount resumed>) = 0 [pid 5143] <... ioctl resumed>) = 0 [pid 5142] <... write resumed>) = 4194304 [pid 5095] unlink("./3/binderfs" [pid 5143] close(3 [pid 5137] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5143] <... close resumed>) = 0 [pid 5095] <... unlink resumed>) = 0 [pid 5143] mkdir("./file1", 0777 [pid 5137] <... openat resumed>) = 3 [pid 5095] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5143] <... mkdir resumed>) = 0 [pid 5137] chdir("./file1" [pid 5143] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5137] <... chdir resumed>) = 0 [pid 5137] ioctl(4, LOOP_CLR_FD) = 0 [ 88.374867][ T5140] reiserfs: using flush barriers [ 88.387503][ T5139] REISERFS (device loop2): checking transaction log (loop2) [ 88.393668][ T5140] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.400265][ T5143] loop0: detected capacity change from 0 to 8192 [pid 5137] close(4) = 0 [pid 5137] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5142] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5137] <... openat resumed>) = 4 [pid 5137] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5142] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5142] ioctl(4, LOOP_SET_FD, 3 [pid 5137] <... mmap resumed>) = 0x20000000 [pid 5137] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [ 88.433753][ T5140] REISERFS (device loop1): checking transaction log (loop1) [ 88.457407][ T5143] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 88.459453][ T5142] loop4: detected capacity change from 0 to 8192 [pid 5137] exit_group(0) = ? [pid 5137] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5137, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5093] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./3/binderfs") = 0 [ 88.489382][ T5143] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5093] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5142] <... ioctl resumed>) = 0 [pid 5142] close(3) = 0 [pid 5142] mkdir("./file1", 0777) = 0 [ 88.531416][ T5143] REISERFS (device loop0): using ordered data mode [ 88.537985][ T5143] reiserfs: using flush barriers [ 88.564470][ T5142] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 88.585534][ T5142] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 88.594870][ T5143] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.615029][ T5142] REISERFS (device loop4): using ordered data mode [ 88.623720][ T5143] REISERFS (device loop0): checking transaction log (loop0) [ 88.632735][ T5142] reiserfs: using flush barriers [pid 5142] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./3/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 88.659111][ T5139] REISERFS (device loop2): Using r5 hash to sort names [ 88.663643][ T5142] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.694158][ T5139] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5139] <... mount resumed>) = 0 [pid 5095] close(4 [pid 5139] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] <... close resumed>) = 0 [pid 5095] rmdir("./3/file1" [pid 5139] <... openat resumed>) = 3 [pid 5139] chdir("./file1" [pid 5095] <... rmdir resumed>) = 0 [pid 5139] <... chdir resumed>) = 0 [pid 5095] getdents64(3, [pid 5139] ioctl(4, LOOP_CLR_FD) = 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5139] close(4 [pid 5095] close(3 [pid 5139] <... close resumed>) = 0 [pid 5139] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] <... close resumed>) = 0 [pid 5139] <... openat resumed>) = 4 [pid 5095] rmdir("./3" [pid 5139] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5139] <... mmap resumed>) = 0x20000000 [pid 5095] mkdir("./4", 0777 [pid 5139] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5095] <... mkdir resumed>) = 0 [pid 5139] exit_group(0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5139] <... exit_group resumed>) = ? [pid 5095] <... openat resumed>) = 3 [pid 5139] +++ exited with 0 +++ [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5139, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5095] close(3 [pid 5140] <... mount resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5093] <... umount2 resumed>) = 0 [pid 5140] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [ 88.753043][ T5140] REISERFS (device loop1): Using r5 hash to sort names [ 88.764519][ T5142] REISERFS (device loop4): checking transaction log (loop4) [ 88.766467][ T5140] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5140] <... openat resumed>) = 3 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5148 attached [pid 5140] chdir("./file1" [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5148 [pid 5093] lstat("./3/file1", [pid 5092] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5148] chdir("./4" [pid 5140] <... chdir resumed>) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5148] <... chdir resumed>) = 0 [pid 5140] ioctl(4, LOOP_CLR_FD [pid 5093] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5148] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5140] <... ioctl resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... openat resumed>) = 3 [pid 5148] <... prctl resumed>) = 0 [pid 5140] close(4 [pid 5093] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] fstat(3, [pid 5148] setpgid(0, 0 [pid 5140] <... close resumed>) = 0 [pid 5093] <... openat resumed>) = 4 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5148] <... setpgid resumed>) = 0 [pid 5140] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] fstat(4, [pid 5092] getdents64(3, [pid 5148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5148] <... openat resumed>) = 3 [pid 5140] <... openat resumed>) = 4 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5148] write(3, "1000", 4 [pid 5140] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5148] <... write resumed>) = 4 [pid 5140] <... mmap resumed>) = 0x20000000 [pid 5093] getdents64(4, [pid 5092] lstat("./3/binderfs", [pid 5148] close(3 [pid 5140] ioctl(4, FS_IOC_GETVERSION [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5148] <... close resumed>) = 0 [pid 5140] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] getdents64(4, [pid 5092] unlink("./3/binderfs" [pid 5148] symlink("/dev/binderfs", "./binderfs" [pid 5140] exit_group(0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5148] <... symlink resumed>) = 0 [pid 5140] <... exit_group resumed>) = ? [pid 5093] close(4 [pid 5092] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5148] memfd_create("syzkaller", 0 [pid 5140] +++ exited with 0 +++ [pid 5148] <... memfd_create resumed>) = 3 [pid 5093] <... close resumed>) = 0 [pid 5148] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5093] rmdir("./3/file1" [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5140, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5148] <... mmap resumed>) = 0x7f12a0a40000 [pid 5091] restart_syscall(<... resuming interrupted clone ...> [pid 5093] <... rmdir resumed>) = 0 [pid 5091] <... restart_syscall resumed>) = 0 [pid 5091] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./3/binderfs" [pid 5093] getdents64(3, [pid 5091] <... unlink resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] close(3) = 0 [pid 5093] rmdir("./3") = 0 [pid 5093] mkdir("./4", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5149 ./strace-static-x86_64: Process 5149 attached [pid 5149] chdir("./4") = 0 [pid 5149] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5149] setpgid(0, 0) = 0 [ 88.952378][ T5142] REISERFS (device loop4): Using r5 hash to sort names [ 88.973591][ T5142] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5149] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5148] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5149] write(3, "1000", 4) = 4 [pid 5149] close(3) = 0 [pid 5149] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5149] memfd_create("syzkaller", 0) = 3 [pid 5149] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5143] <... mount resumed>) = 0 [pid 5143] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5143] chdir("./file1") = 0 [pid 5142] <... mount resumed>) = 0 [pid 5142] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5142] chdir("./file1" [pid 5143] ioctl(4, LOOP_CLR_FD [pid 5142] <... chdir resumed>) = 0 [pid 5142] ioctl(4, LOOP_CLR_FD) = 0 [pid 5143] <... ioctl resumed>) = 0 [ 89.003498][ T5143] REISERFS (device loop0): Using r5 hash to sort names [ 89.010875][ T5143] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5143] close(4 [pid 5142] close(4 [pid 5143] <... close resumed>) = 0 [pid 5142] <... close resumed>) = 0 [pid 5143] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5143] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5143] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5143] exit_group(0) = ? [pid 5143] +++ exited with 0 +++ [pid 5142] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5143, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5142] <... openat resumed>) = 4 [pid 5090] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5142] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5142] <... mmap resumed>) = 0x20000000 [pid 5090] <... openat resumed>) = 3 [pid 5142] ioctl(4, FS_IOC_GETVERSION [pid 5090] fstat(3, [pid 5142] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5142] exit_group(0 [pid 5090] getdents64(3, [pid 5142] <... exit_group resumed>) = ? [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5142] +++ exited with 0 +++ [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5142, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5090] lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./3/binderfs" [pid 5094] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... unlink resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./3/binderfs") = 0 [pid 5094] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./3/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./3/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./3") = 0 [pid 5092] mkdir("./4", 0777 [pid 5149] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5092] <... mkdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5150 ./strace-static-x86_64: Process 5150 attached [pid 5150] chdir("./4") = 0 [pid 5150] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5150] setpgid(0, 0) = 0 [pid 5150] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5150] write(3, "1000", 4) = 4 [pid 5150] close(3) = 0 [pid 5150] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5150] memfd_create("syzkaller", 0) = 3 [pid 5091] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5150] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./3/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./3/file1") = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./3") = 0 [pid 5091] mkdir("./4", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5151 [pid 5148] <... write resumed>) = 4194304 [pid 5148] munmap(0x7f12a0a40000, 4194304) = 0 ./strace-static-x86_64: Process 5151 attached [pid 5151] chdir("./4" [pid 5148] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5151] <... chdir resumed>) = 0 [pid 5148] <... openat resumed>) = 4 [pid 5151] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5148] ioctl(4, LOOP_SET_FD, 3 [pid 5151] <... prctl resumed>) = 0 [pid 5151] setpgid(0, 0) = 0 [pid 5151] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5151] write(3, "1000", 4) = 4 [pid 5151] close(3) = 0 [pid 5151] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5151] memfd_create("syzkaller", 0) = 3 [pid 5151] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5148] <... ioctl resumed>) = 0 [pid 5148] close(3) = 0 [pid 5148] mkdir("./file1", 0777) = 0 [ 89.286492][ T5148] loop5: detected capacity change from 0 to 8192 [pid 5148] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5149] <... write resumed>) = 4194304 [pid 5090] <... umount2 resumed>) = 0 [pid 5151] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5150] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 89.347917][ T5148] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5149] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5149] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5149] ioctl(4, LOOP_SET_FD, 3 [pid 5090] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5151] <... write resumed>) = 4194304 [pid 5094] <... umount2 resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./3/file1", [pid 5094] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] lstat("./3/file1", [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... openat resumed>) = 4 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] fstat(4, [pid 5094] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... openat resumed>) = 4 [pid 5090] getdents64(4, [pid 5094] fstat(4, [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, [pid 5094] getdents64(4, [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] close(4 [pid 5094] getdents64(4, [pid 5090] <... close resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] rmdir("./3/file1" [pid 5094] close(4 [pid 5090] <... rmdir resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5090] getdents64(3, [pid 5094] rmdir("./3/file1" [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5151] munmap(0x7f12a0a40000, 4194304 [pid 5149] <... ioctl resumed>) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5090] close(3 [pid 5149] close(3 [pid 5094] getdents64(3, [pid 5090] <... close resumed>) = 0 [pid 5149] <... close resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] rmdir("./3" [pid 5149] mkdir("./file1", 0777 [pid 5094] close(3 [pid 5090] <... rmdir resumed>) = 0 [pid 5149] <... mkdir resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5090] mkdir("./4", 0777 [pid 5149] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] rmdir("./3" [pid 5090] <... mkdir resumed>) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5151] <... munmap resumed>) = 0 [pid 5094] mkdir("./4", 0777 [pid 5090] <... openat resumed>) = 3 [pid 5094] <... mkdir resumed>) = 0 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5151] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5151] <... openat resumed>) = 4 [pid 5094] <... openat resumed>) = 3 [pid 5090] close(3 [pid 5151] ioctl(4, LOOP_SET_FD, 3 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5090] <... close resumed>) = 0 [pid 5151] <... ioctl resumed>) = 0 [ 89.420038][ T5149] loop3: detected capacity change from 0 to 8192 [ 89.429594][ T5148] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 89.441653][ T5148] REISERFS (device loop5): using ordered data mode [ 89.450519][ T5148] reiserfs: using flush barriers [ 89.462192][ T5151] loop1: detected capacity change from 0 to 8192 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5151] close(3) = 0 [pid 5151] mkdir("./file1", 0777) = 0 [pid 5151] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] close(3) = 0 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5155 ./strace-static-x86_64: Process 5155 attached [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5156 [pid 5155] chdir("./4"./strace-static-x86_64: Process 5156 attached [pid 5156] chdir("./4") = 0 [pid 5156] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5156] setpgid(0, 0) = 0 [pid 5156] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 89.470897][ T5148] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 89.471639][ T5149] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 89.494496][ T5148] REISERFS (device loop5): checking transaction log (loop5) [pid 5156] write(3, "1000", 4) = 4 [pid 5156] close(3) = 0 [pid 5156] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5156] memfd_create("syzkaller", 0) = 3 [pid 5156] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5155] <... chdir resumed>) = 0 [pid 5156] <... mmap resumed>) = 0x7f12a0a40000 [pid 5155] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5155] setpgid(0, 0) = 0 [pid 5155] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5155] write(3, "1000", 4) = 4 [pid 5155] close(3) = 0 [pid 5155] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5155] memfd_create("syzkaller", 0) = 3 [pid 5155] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 89.512274][ T5151] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 89.525660][ T5149] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 89.525754][ T5149] REISERFS (device loop3): using ordered data mode [ 89.578973][ T5149] reiserfs: using flush barriers [pid 5155] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5150] <... write resumed>) = 4194304 [pid 5150] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5150] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 89.622534][ T5151] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 89.631951][ T5149] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 89.648871][ T5151] REISERFS (device loop1): using ordered data mode [ 89.657151][ T5149] REISERFS (device loop3): checking transaction log (loop3) [ 89.662599][ T5150] loop2: detected capacity change from 0 to 8192 [pid 5150] ioctl(4, LOOP_SET_FD, 3 [pid 5156] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5150] <... ioctl resumed>) = 0 [pid 5150] close(3) = 0 [pid 5150] mkdir("./file1", 0777) = 0 [ 89.681904][ T5151] reiserfs: using flush barriers [ 89.699118][ T5151] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 89.727336][ T5150] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 89.761274][ T5150] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 89.769837][ T5151] REISERFS (device loop1): checking transaction log (loop1) [pid 5150] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5155] <... write resumed>) = 4194304 [pid 5155] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5155] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5155] ioctl(4, LOOP_SET_FD, 3 [pid 5156] <... write resumed>) = 4194304 [pid 5156] munmap(0x7f12a0a40000, 4194304 [pid 5155] <... ioctl resumed>) = 0 [ 89.780419][ T5150] REISERFS (device loop2): using ordered data mode [ 89.787855][ T5150] reiserfs: using flush barriers [ 89.789630][ T5155] loop0: detected capacity change from 0 to 8192 [ 89.801722][ T5150] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5156] <... munmap resumed>) = 0 [pid 5155] close(3 [pid 5156] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5155] <... close resumed>) = 0 [pid 5156] <... openat resumed>) = 4 [pid 5155] mkdir("./file1", 0777 [pid 5156] ioctl(4, LOOP_SET_FD, 3 [pid 5155] <... mkdir resumed>) = 0 [pid 5148] <... mount resumed>) = 0 [pid 5155] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5148] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5148] chdir("./file1") = 0 [pid 5148] ioctl(4, LOOP_CLR_FD) = 0 [pid 5148] close(4) = 0 [pid 5148] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5148] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5148] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5148] exit_group(0) = ? [pid 5148] +++ exited with 0 +++ [ 89.826196][ T5149] REISERFS (device loop3): Using r5 hash to sort names [ 89.834502][ T5148] REISERFS (device loop5): Using r5 hash to sort names [ 89.841898][ T5150] REISERFS (device loop2): checking transaction log (loop2) [ 89.849826][ T5148] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 89.851540][ T5149] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 89.869846][ T5156] loop4: detected capacity change from 0 to 8192 [pid 5156] <... ioctl resumed>) = 0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5148, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} --- [pid 5156] close(3 [pid 5095] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5156] <... close resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5156] mkdir("./file1", 0777 [pid 5095] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5156] <... mkdir resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5156] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./4/binderfs") = 0 [ 89.882646][ T5155] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 89.914947][ T5155] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5095] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5149] <... mount resumed>) = 0 [pid 5149] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5149] chdir("./file1") = 0 [pid 5149] ioctl(4, LOOP_CLR_FD) = 0 [pid 5149] close(4) = 0 [pid 5149] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5149] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5149] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5149] exit_group(0) = ? [pid 5149] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5149, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=26 /* 0.26 s */} --- [pid 5093] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 89.929620][ T5156] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 89.970979][ T5155] REISERFS (device loop0): using ordered data mode [pid 5093] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [ 89.990439][ T5155] reiserfs: using flush barriers [ 89.994109][ T5156] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 90.010507][ T5156] REISERFS (device loop4): using ordered data mode [ 90.011727][ T5151] REISERFS (device loop1): Using r5 hash to sort names [ 90.017180][ T5156] reiserfs: using flush barriers [pid 5093] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./4/binderfs") = 0 [ 90.041106][ T5156] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 90.057545][ T5155] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 90.063446][ T5156] REISERFS (device loop4): checking transaction log (loop4) [ 90.079411][ T5151] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5151] <... mount resumed>) = 0 [pid 5151] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5151] chdir("./file1") = 0 [pid 5151] ioctl(4, LOOP_CLR_FD) = 0 [ 90.087313][ T5155] REISERFS (device loop0): checking transaction log (loop0) [pid 5151] close(4) = 0 [pid 5151] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5151] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5151] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5151] exit_group(0) = ? [pid 5151] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5151, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5091] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./4/binderfs") = 0 [ 90.213861][ T5150] REISERFS (device loop2): Using r5 hash to sort names [ 90.224865][ T5150] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5091] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5150] <... mount resumed>) = 0 [pid 5150] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5150] chdir("./file1") = 0 [pid 5150] ioctl(4, LOOP_CLR_FD) = 0 [pid 5150] close(4) = 0 [pid 5150] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5150] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5150] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5150] exit_group(0) = ? [pid 5150] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5150, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=13 /* 0.13 s */} --- [pid 5092] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./4/binderfs") = 0 [pid 5092] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./4/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 90.349102][ T5156] REISERFS (device loop4): Using r5 hash to sort names [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./4/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./4") = 0 [pid 5095] mkdir("./5", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5156] <... mount resumed>) = 0 [pid 5095] close(3 [pid 5156] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] <... close resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5160 [pid 5093] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./4/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5156] <... openat resumed>) = 3 [pid 5093] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5160 attached [pid 5156] chdir("./file1" [ 90.397804][ T5156] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] fstat(4, [pid 5160] chdir("./5" [pid 5156] <... chdir resumed>) = 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5160] <... chdir resumed>) = 0 [pid 5156] ioctl(4, LOOP_CLR_FD [pid 5093] getdents64(4, [pid 5160] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5156] <... ioctl resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5160] <... prctl resumed>) = 0 [pid 5156] close(4 [pid 5093] getdents64(4, [pid 5160] setpgid(0, 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5160] <... setpgid resumed>) = 0 [pid 5093] close(4 [pid 5160] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] <... close resumed>) = 0 [pid 5160] <... openat resumed>) = 3 [pid 5093] rmdir("./4/file1" [pid 5160] write(3, "1000", 4 [pid 5093] <... rmdir resumed>) = 0 [pid 5160] <... write resumed>) = 4 [pid 5156] <... close resumed>) = 0 [pid 5093] getdents64(3, [pid 5160] close(3 [pid 5156] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5160] <... close resumed>) = 0 [pid 5156] <... openat resumed>) = 4 [pid 5093] close(3 [pid 5160] symlink("/dev/binderfs", "./binderfs" [pid 5156] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] <... close resumed>) = 0 [pid 5160] <... symlink resumed>) = 0 [pid 5156] <... mmap resumed>) = 0x20000000 [pid 5093] rmdir("./4" [pid 5160] memfd_create("syzkaller", 0 [pid 5156] ioctl(4, FS_IOC_GETVERSION [pid 5093] <... rmdir resumed>) = 0 [pid 5160] <... memfd_create resumed>) = 3 [pid 5156] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] mkdir("./5", 0777 [pid 5160] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5156] exit_group(0 [pid 5093] <... mkdir resumed>) = 0 [pid 5160] <... mmap resumed>) = 0x7f12a0a40000 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5156] <... exit_group resumed>) = ? [pid 5093] <... openat resumed>) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3 [pid 5156] +++ exited with 0 +++ [pid 5093] <... close resumed>) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5156, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 5094] restart_syscall(<... resuming interrupted clone ...> [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5161 [pid 5094] <... restart_syscall resumed>) = 0 [pid 5094] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 5161 attached [pid 5094] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5161] chdir("./5" [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5161] <... chdir resumed>) = 0 [ 90.465273][ T5155] REISERFS (device loop0): Using r5 hash to sort names [ 90.492097][ T5155] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5094] lstat("./4/binderfs", [pid 5091] <... umount2 resumed>) = 0 [pid 5161] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5155] <... mount resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5161] <... prctl resumed>) = 0 [pid 5155] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] unlink("./4/binderfs") = 0 [pid 5155] <... openat resumed>) = 3 [pid 5161] setpgid(0, 0 [pid 5155] chdir("./file1" [pid 5094] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5161] <... setpgid resumed>) = 0 [pid 5155] <... chdir resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5161] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5155] ioctl(4, LOOP_CLR_FD [pid 5091] lstat("./4/file1", [pid 5155] <... ioctl resumed>) = 0 [pid 5161] <... openat resumed>) = 3 [pid 5155] close(4 [pid 5161] write(3, "1000", 4 [pid 5155] <... close resumed>) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5155] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5161] <... write resumed>) = 4 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5161] close(3 [pid 5155] <... openat resumed>) = 4 [pid 5091] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5161] <... close resumed>) = 0 [pid 5155] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5091] getdents64(4, [pid 5161] symlink("/dev/binderfs", "./binderfs" [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, [pid 5155] <... mmap resumed>) = 0x20000000 [pid 5161] <... symlink resumed>) = 0 [pid 5155] ioctl(4, FS_IOC_GETVERSION [pid 5161] memfd_create("syzkaller", 0 [pid 5155] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./4/file1" [pid 5161] <... memfd_create resumed>) = 3 [pid 5160] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5155] exit_group(0 [pid 5091] <... rmdir resumed>) = 0 [pid 5161] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5155] <... exit_group resumed>) = ? [pid 5091] getdents64(3, [pid 5161] <... mmap resumed>) = 0x7f12a0a40000 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5155] +++ exited with 0 +++ [pid 5091] close(3) = 0 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5155, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 5091] rmdir("./4" [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5091] <... rmdir resumed>) = 0 [pid 5090] <... restart_syscall resumed>) = 0 [pid 5091] mkdir("./5", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5090] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... openat resumed>) = 3 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5090] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] <... openat resumed>) = 3 [pid 5091] close(3 [pid 5090] fstat(3, [pid 5091] <... close resumed>) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5162 [pid 5090] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./4/binderfs"./strace-static-x86_64: Process 5162 attached ) = 0 [pid 5162] chdir("./5" [pid 5090] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5162] <... chdir resumed>) = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5162] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5162] setpgid(0, 0 [pid 5092] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./4/file1", [pid 5162] <... setpgid resumed>) = 0 [pid 5162] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5162] <... openat resumed>) = 3 [pid 5092] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5162] write(3, "1000", 4 [pid 5092] <... openat resumed>) = 4 [pid 5162] <... write resumed>) = 4 [pid 5162] close(3 [pid 5092] fstat(4, [pid 5162] <... close resumed>) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5162] symlink("/dev/binderfs", "./binderfs" [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5162] <... symlink resumed>) = 0 [pid 5092] getdents64(4, [pid 5162] memfd_create("syzkaller", 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5162] <... memfd_create resumed>) = 3 [pid 5092] close(4 [pid 5162] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] <... close resumed>) = 0 [pid 5162] <... mmap resumed>) = 0x7f12a0a40000 [pid 5092] rmdir("./4/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./4") = 0 [pid 5092] mkdir("./5", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5163 ./strace-static-x86_64: Process 5163 attached [pid 5163] chdir("./5" [pid 5161] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5163] <... chdir resumed>) = 0 [pid 5163] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5163] setpgid(0, 0) = 0 [pid 5163] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5163] write(3, "1000", 4) = 4 [pid 5163] close(3) = 0 [pid 5163] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5163] memfd_create("syzkaller", 0) = 3 [pid 5163] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./4/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./4/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./4") = 0 [pid 5090] mkdir("./5", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5160] <... write resumed>) = 4194304 [pid 5160] munmap(0x7f12a0a40000, 4194304 [pid 5090] <... ioctl resumed>) = 0 [pid 5160] <... munmap resumed>) = 0 [pid 5090] close(3 [pid 5160] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5090] <... close resumed>) = 0 [pid 5160] <... openat resumed>) = 4 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5160] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... umount2 resumed>) = 0 [pid 5162] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5164 ./strace-static-x86_64: Process 5164 attached [pid 5094] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5164] chdir("./5" [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5164] <... chdir resumed>) = 0 [pid 5094] lstat("./4/file1", [pid 5164] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5164] <... prctl resumed>) = 0 [pid 5094] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5164] setpgid(0, 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5164] <... setpgid resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5164] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5163] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] <... openat resumed>) = 4 [pid 5164] <... openat resumed>) = 3 [pid 5094] fstat(4, [pid 5164] write(3, "1000", 4 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5164] <... write resumed>) = 4 [pid 5094] getdents64(4, [pid 5164] close(3 [pid 5160] <... ioctl resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5164] <... close resumed>) = 0 [pid 5160] close(3 [pid 5094] getdents64(4, [pid 5164] symlink("/dev/binderfs", "./binderfs" [pid 5160] <... close resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5164] <... symlink resumed>) = 0 [pid 5160] mkdir("./file1", 0777 [pid 5094] close(4 [pid 5164] memfd_create("syzkaller", 0 [pid 5160] <... mkdir resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5164] <... memfd_create resumed>) = 3 [pid 5160] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] rmdir("./4/file1" [pid 5164] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5164] <... mmap resumed>) = 0x7f12a0a40000 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [ 90.814820][ T5160] loop5: detected capacity change from 0 to 8192 [pid 5094] close(3) = 0 [pid 5094] rmdir("./4") = 0 [pid 5094] mkdir("./5", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 90.864366][ T5160] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5094] close(3 [pid 5163] <... write resumed>) = 4194304 [pid 5094] <... close resumed>) = 0 [pid 5163] munmap(0x7f12a0a40000, 4194304 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5162] <... write resumed>) = 4194304 [pid 5161] <... write resumed>) = 4194304 [pid 5161] munmap(0x7f12a0a40000, 4194304 [pid 5163] <... munmap resumed>) = 0 [pid 5161] <... munmap resumed>) = 0 [pid 5162] munmap(0x7f12a0a40000, 4194304 [pid 5163] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5166 [pid 5161] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5161] ioctl(4, LOOP_SET_FD, 3 [pid 5163] <... openat resumed>) = 4 [pid 5162] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 5166 attached [pid 5163] ioctl(4, LOOP_SET_FD, 3 [pid 5162] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5166] chdir("./5" [pid 5164] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5161] <... ioctl resumed>) = 0 [pid 5166] <... chdir resumed>) = 0 [ 90.933082][ T5160] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 90.946479][ T5160] REISERFS (device loop5): using ordered data mode [ 90.953756][ T5161] loop3: detected capacity change from 0 to 8192 [ 90.960892][ T5160] reiserfs: using flush barriers [pid 5166] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5166] setpgid(0, 0) = 0 [pid 5166] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5166] write(3, "1000", 4 [pid 5163] <... ioctl resumed>) = 0 [pid 5162] <... openat resumed>) = 4 [pid 5166] <... write resumed>) = 4 [pid 5166] close(3) = 0 [pid 5166] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5166] memfd_create("syzkaller", 0) = 3 [pid 5161] close(3 [pid 5166] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5161] <... close resumed>) = 0 [pid 5162] ioctl(4, LOOP_SET_FD, 3 [pid 5161] mkdir("./file1", 0777) = 0 [ 90.981943][ T5163] loop2: detected capacity change from 0 to 8192 [ 90.995945][ T5160] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.013514][ T5162] loop1: detected capacity change from 0 to 8192 [pid 5161] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5166] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5162] <... ioctl resumed>) = 0 [pid 5163] close(3) = 0 [pid 5163] mkdir("./file1", 0777) = 0 [pid 5162] close(3 [pid 5163] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5162] <... close resumed>) = 0 [pid 5162] mkdir("./file1", 0777) = 0 [ 91.035449][ T5160] REISERFS (device loop5): checking transaction log (loop5) [ 91.054464][ T5161] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.073215][ T5163] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.092389][ T5161] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 91.104982][ T5161] REISERFS (device loop3): using ordered data mode [ 91.111894][ T5162] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.112947][ T5161] reiserfs: using flush barriers [ 91.134265][ T5161] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.154843][ T5161] REISERFS (device loop3): checking transaction log (loop3) [ 91.154890][ T5163] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 91.183079][ T5162] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [pid 5162] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5166] <... write resumed>) = 4194304 [pid 5166] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5166] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 91.230256][ T5163] REISERFS (device loop2): using ordered data mode [ 91.237116][ T5162] REISERFS (device loop1): using ordered data mode [ 91.237467][ T5163] reiserfs: using flush barriers [ 91.249478][ T5160] REISERFS (device loop5): Using r5 hash to sort names [ 91.258470][ T5160] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 91.260602][ T5166] loop4: detected capacity change from 0 to 8192 [pid 5166] ioctl(4, LOOP_SET_FD, 3 [pid 5164] <... write resumed>) = 4194304 [pid 5164] munmap(0x7f12a0a40000, 4194304 [pid 5160] <... mount resumed>) = 0 [pid 5164] <... munmap resumed>) = 0 [pid 5160] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5164] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5160] <... openat resumed>) = 3 [pid 5164] <... openat resumed>) = 4 [pid 5160] chdir("./file1" [pid 5164] ioctl(4, LOOP_SET_FD, 3 [ 91.268123][ T5163] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.289876][ T5162] reiserfs: using flush barriers [ 91.291460][ T5163] REISERFS (device loop2): checking transaction log (loop2) [pid 5160] <... chdir resumed>) = 0 [pid 5166] <... ioctl resumed>) = 0 [pid 5164] <... ioctl resumed>) = 0 [pid 5160] ioctl(4, LOOP_CLR_FD [pid 5166] close(3 [pid 5160] <... ioctl resumed>) = 0 [pid 5166] <... close resumed>) = 0 [pid 5160] close(4 [pid 5166] mkdir("./file1", 0777 [pid 5160] <... close resumed>) = 0 [pid 5166] <... mkdir resumed>) = 0 [pid 5160] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5166] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5160] <... openat resumed>) = 4 [pid 5160] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5164] close(3) = 0 [pid 5160] <... mmap resumed>) = 0x20000000 [pid 5164] mkdir("./file1", 0777 [pid 5160] ioctl(4, FS_IOC_GETVERSION [pid 5164] <... mkdir resumed>) = 0 [pid 5160] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5164] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5160] exit_group(0) = ? [ 91.321445][ T5164] loop0: detected capacity change from 0 to 8192 [ 91.353765][ T5162] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5160] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5160, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5095] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./5/binderfs") = 0 [ 91.383720][ T5166] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.399604][ T5164] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.424693][ T5162] REISERFS (device loop1): checking transaction log (loop1) [ 91.450107][ T5161] REISERFS (device loop3): Using r5 hash to sort names [ 91.452649][ T5164] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 91.473529][ T5164] REISERFS (device loop0): using ordered data mode [ 91.476753][ T5166] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 91.480357][ T5164] reiserfs: using flush barriers [pid 5095] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5163] <... mount resumed>) = 0 [pid 5163] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 91.494777][ T5163] REISERFS (device loop2): Using r5 hash to sort names [ 91.502475][ T5163] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 91.509374][ T5161] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 91.514473][ T5166] REISERFS (device loop4): using ordered data mode [ 91.528217][ T5164] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.544897][ T5166] reiserfs: using flush barriers [pid 5163] chdir("./file1") = 0 [pid 5163] ioctl(4, LOOP_CLR_FD) = 0 [pid 5163] close(4) = 0 [pid 5163] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5161] <... mount resumed>) = 0 [pid 5163] <... openat resumed>) = 4 [pid 5161] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5163] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5161] <... openat resumed>) = 3 [pid 5163] <... mmap resumed>) = 0x20000000 [pid 5161] chdir("./file1" [pid 5163] ioctl(4, FS_IOC_GETVERSION [pid 5161] <... chdir resumed>) = 0 [pid 5163] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5161] ioctl(4, LOOP_CLR_FD [pid 5163] exit_group(0 [pid 5161] <... ioctl resumed>) = 0 [pid 5163] <... exit_group resumed>) = ? [pid 5161] close(4) = 0 [pid 5163] +++ exited with 0 +++ [pid 5161] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 91.552810][ T5166] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.570866][ T5164] REISERFS (device loop0): checking transaction log (loop0) [ 91.584185][ T5166] REISERFS (device loop4): checking transaction log (loop4) [pid 5161] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5163, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=25 /* 0.25 s */} --- [pid 5161] <... mmap resumed>) = 0x20000000 [pid 5092] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5161] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5161] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5161] exit_group(0 [pid 5092] <... openat resumed>) = 3 [pid 5161] <... exit_group resumed>) = ? [pid 5092] fstat(3, [pid 5161] +++ exited with 0 +++ [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5161, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] lstat("./5/binderfs", [pid 5093] <... openat resumed>) = 3 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] fstat(3, [pid 5092] unlink("./5/binderfs" [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5093] getdents64(3, [pid 5092] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./5/binderfs") = 0 [pid 5093] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./5/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./5/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./5") = 0 [pid 5095] mkdir("./6", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5172 ./strace-static-x86_64: Process 5172 attached [pid 5172] chdir("./6") = 0 [pid 5172] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5172] setpgid(0, 0) = 0 [pid 5172] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5172] write(3, "1000", 4) = 4 [pid 5172] close(3) = 0 [pid 5172] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5172] memfd_create("syzkaller", 0) = 3 [pid 5172] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 91.883628][ T5162] REISERFS (device loop1): Using r5 hash to sort names [ 91.921736][ T5162] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] <... umount2 resumed>) = 0 [ 91.928728][ T5164] REISERFS (device loop0): Using r5 hash to sort names [pid 5162] <... mount resumed>) = 0 [pid 5092] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5162] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5162] chdir("./file1") = 0 [pid 5162] ioctl(4, LOOP_CLR_FD) = 0 [pid 5162] close(4) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5162] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5092] lstat("./5/file1", [pid 5172] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5162] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5162] <... mmap resumed>) = 0x20000000 [pid 5092] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5162] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5162] exit_group(0) = ? [pid 5162] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5162, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5091] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, [pid 5093] <... umount2 resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, [pid 5092] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] <... openat resumed>) = 4 [pid 5091] unlink("./5/binderfs" [pid 5092] fstat(4, [pid 5091] <... unlink resumed>) = 0 [pid 5164] <... mount resumed>) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5166] <... mount resumed>) = 0 [pid 5164] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] getdents64(4, [pid 5166] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5164] <... openat resumed>) = 3 [pid 5166] <... openat resumed>) = 3 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5164] chdir("./file1" [pid 5166] chdir("./file1" [pid 5164] <... chdir resumed>) = 0 [pid 5093] lstat("./5/file1", [pid 5092] getdents64(4, [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5166] <... chdir resumed>) = 0 [pid 5164] ioctl(4, LOOP_CLR_FD [ 91.974302][ T5164] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 91.994570][ T5166] REISERFS (device loop4): Using r5 hash to sort names [ 92.003135][ T5166] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] close(4 [pid 5166] ioctl(4, LOOP_CLR_FD [pid 5164] <... ioctl resumed>) = 0 [pid 5166] <... ioctl resumed>) = 0 [pid 5164] close(4 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... close resumed>) = 0 [pid 5166] close(4 [pid 5164] <... close resumed>) = 0 [pid 5093] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] rmdir("./5/file1" [pid 5166] <... close resumed>) = 0 [pid 5164] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] <... openat resumed>) = 4 [pid 5166] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5164] <... openat resumed>) = 4 [pid 5166] <... openat resumed>) = 4 [pid 5164] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5166] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5164] <... mmap resumed>) = 0x20000000 [pid 5093] getdents64(4, [pid 5166] <... mmap resumed>) = 0x20000000 [pid 5164] ioctl(4, FS_IOC_GETVERSION [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5166] ioctl(4, FS_IOC_GETVERSION [pid 5164] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5166] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5164] exit_group(0 [pid 5093] getdents64(4, [pid 5092] <... rmdir resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5166] exit_group(0 [pid 5164] <... exit_group resumed>) = ? [pid 5093] close(4 [pid 5092] getdents64(3, [pid 5166] <... exit_group resumed>) = ? [pid 5164] +++ exited with 0 +++ [pid 5093] <... close resumed>) = 0 [pid 5093] rmdir("./5/file1" [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5164, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=22 /* 0.22 s */} --- [pid 5166] +++ exited with 0 +++ [pid 5093] <... rmdir resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5172] <... write resumed>) = 4194304 [pid 5093] getdents64(3, [pid 5092] close(3 [pid 5090] <... restart_syscall resumed>) = 0 [pid 5172] munmap(0x7f12a0a40000, 4194304 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] <... close resumed>) = 0 [pid 5172] <... munmap resumed>) = 0 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5166, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=17 /* 0.17 s */} --- [pid 5093] close(3 [pid 5092] rmdir("./5" [pid 5172] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... close resumed>) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5172] <... openat resumed>) = 4 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] rmdir("./5" [pid 5092] mkdir("./6", 0777 [pid 5090] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5172] ioctl(4, LOOP_SET_FD, 3 [pid 5094] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... rmdir resumed>) = 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... openat resumed>) = 3 [pid 5093] mkdir("./6", 0777 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5090] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5172] <... ioctl resumed>) = 0 [pid 5094] fstat(3, [pid 5093] <... mkdir resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5172] close(3 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5090] <... openat resumed>) = 3 [pid 5172] <... close resumed>) = 0 [pid 5094] getdents64(3, [pid 5093] <... openat resumed>) = 3 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] fstat(3, [pid 5172] mkdir("./file1", 0777 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5092] close(3 [pid 5172] <... mkdir resumed>) = 0 [pid 5094] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] <... close resumed>) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5172] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] close(3 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] getdents64(3, [pid 5094] lstat("./5/binderfs", [pid 5093] <... close resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 92.129110][ T5172] loop5: detected capacity change from 0 to 8192 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5174 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] unlink("./5/binderfs" [pid 5090] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5175 attached [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5175 [pid 5091] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5174 attached [pid 5174] chdir("./6" [pid 5094] <... unlink resumed>) = 0 [pid 5094] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5175] chdir("./6" [pid 5174] <... chdir resumed>) = 0 [pid 5091] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] lstat("./5/binderfs", [pid 5175] <... chdir resumed>) = 0 [pid 5174] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5175] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5174] <... prctl resumed>) = 0 [pid 5091] lstat("./5/file1", [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5175] <... prctl resumed>) = 0 [pid 5174] setpgid(0, 0 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] unlink("./5/binderfs" [pid 5175] setpgid(0, 0 [pid 5174] <... setpgid resumed>) = 0 [pid 5091] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5175] <... setpgid resumed>) = 0 [pid 5174] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5174] write(3, "1000", 4) = 4 [pid 5174] close(3) = 0 [pid 5174] symlink("/dev/binderfs", "./binderfs" [pid 5175] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5174] <... symlink resumed>) = 0 [ 92.172287][ T5172] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 92.211496][ T5172] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... unlink resumed>) = 0 [pid 5175] <... openat resumed>) = 3 [pid 5174] memfd_create("syzkaller", 0 [pid 5091] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5175] write(3, "1000", 4 [pid 5174] <... memfd_create resumed>) = 3 [pid 5091] <... openat resumed>) = 4 [pid 5175] <... write resumed>) = 4 [pid 5174] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] fstat(4, [pid 5175] close(3 [pid 5174] <... mmap resumed>) = 0x7f12a0a40000 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5175] <... close resumed>) = 0 [pid 5091] getdents64(4, [pid 5175] symlink("/dev/binderfs", "./binderfs" [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5175] <... symlink resumed>) = 0 [pid 5091] getdents64(4, [pid 5175] memfd_create("syzkaller", 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5175] <... memfd_create resumed>) = 3 [pid 5091] close(4 [pid 5175] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] <... close resumed>) = 0 [pid 5175] <... mmap resumed>) = 0x7f12a0a40000 [pid 5091] rmdir("./5/file1") = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [ 92.225021][ T5172] REISERFS (device loop5): using ordered data mode [ 92.232112][ T5172] reiserfs: using flush barriers [ 92.241884][ T5172] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 92.259170][ T5172] REISERFS (device loop5): checking transaction log (loop5) [pid 5091] close(3) = 0 [pid 5091] rmdir("./5") = 0 [pid 5091] mkdir("./6", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5176 ./strace-static-x86_64: Process 5176 attached [pid 5176] chdir("./6") = 0 [pid 5176] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5176] setpgid(0, 0) = 0 [pid 5176] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5176] write(3, "1000", 4) = 4 [pid 5176] close(3) = 0 [pid 5176] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5175] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] <... umount2 resumed>) = 0 [pid 5176] memfd_create("syzkaller", 0) = 3 [pid 5176] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5172] <... mount resumed>) = 0 [pid 5094] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5174] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5172] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5172] <... openat resumed>) = 3 [pid 5094] lstat("./5/file1", [pid 5172] chdir("./file1" [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5172] <... chdir resumed>) = 0 [ 92.401345][ T5172] REISERFS (device loop5): Using r5 hash to sort names [ 92.431403][ T5172] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5094] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5176] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5172] ioctl(4, LOOP_CLR_FD [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5172] <... ioctl resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5172] close(4 [pid 5094] <... openat resumed>) = 4 [pid 5172] <... close resumed>) = 0 [pid 5094] fstat(4, [pid 5172] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5172] <... openat resumed>) = 4 [pid 5094] getdents64(4, [pid 5172] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5172] <... mmap resumed>) = 0x20000000 [pid 5094] getdents64(4, [pid 5172] ioctl(4, FS_IOC_GETVERSION [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5172] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] close(4 [pid 5172] exit_group(0 [pid 5094] <... close resumed>) = 0 [pid 5172] <... exit_group resumed>) = ? [pid 5094] rmdir("./5/file1" [pid 5172] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5172, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5094] <... rmdir resumed>) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] close(3 [pid 5175] <... write resumed>) = 4194304 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... close resumed>) = 0 [pid 5175] munmap(0x7f12a0a40000, 4194304 [pid 5095] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] rmdir("./5" [pid 5175] <... munmap resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5175] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5095] fstat(3, [pid 5094] <... rmdir resumed>) = 0 [pid 5175] <... openat resumed>) = 4 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] mkdir("./6", 0777 [pid 5175] ioctl(4, LOOP_SET_FD, 3 [pid 5095] getdents64(3, [pid 5094] <... mkdir resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5174] <... write resumed>) = 4194304 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5095] unlink("./6/binderfs" [pid 5175] <... ioctl resumed>) = 0 [pid 5174] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... unlink resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5175] close(3 [pid 5174] <... munmap resumed>) = 0 [pid 5095] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5176] <... write resumed>) = 4194304 [pid 5175] <... close resumed>) = 0 [pid 5174] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5176] munmap(0x7f12a0a40000, 4194304 [pid 5175] mkdir("./file1", 0777 [pid 5174] <... openat resumed>) = 4 [pid 5094] close(3 [pid 5176] <... munmap resumed>) = 0 [pid 5175] <... mkdir resumed>) = 0 [pid 5174] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... close resumed>) = 0 [ 92.550488][ T5175] loop3: detected capacity change from 0 to 8192 [pid 5174] <... ioctl resumed>) = 0 [pid 5176] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5175] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5176] <... openat resumed>) = 4 [pid 5176] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5178 [pid 5090] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5178 attached [pid 5174] close(3 [pid 5090] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5178] chdir("./6" [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5178] <... chdir resumed>) = 0 [pid 5176] <... ioctl resumed>) = 0 [pid 5174] <... close resumed>) = 0 [pid 5178] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5178] setpgid(0, 0) = 0 [pid 5178] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5178] write(3, "1000", 4) = 4 [pid 5178] close(3) = 0 [pid 5178] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5178] memfd_create("syzkaller", 0) = 3 [pid 5176] close(3 [pid 5174] mkdir("./file1", 0777 [pid 5090] lstat("./5/file1", [pid 5178] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5176] <... close resumed>) = 0 [pid 5174] <... mkdir resumed>) = 0 [ 92.591435][ T5174] loop2: detected capacity change from 0 to 8192 [ 92.605805][ T5176] loop1: detected capacity change from 0 to 8192 [ 92.615301][ T5175] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5176] mkdir("./file1", 0777 [pid 5174] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5090] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5176] <... mkdir resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5176] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5090] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 92.638675][ T5175] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 92.648678][ T5175] REISERFS (device loop3): using ordered data mode [ 92.660412][ T5175] reiserfs: using flush barriers [ 92.669359][ T5175] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, [pid 5178] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [ 92.686548][ T5174] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 92.701838][ T5176] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 92.717544][ T5174] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 92.732420][ T5175] REISERFS (device loop3): checking transaction log (loop3) [pid 5090] rmdir("./5/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./5") = 0 [pid 5090] mkdir("./6", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5181 [ 92.758336][ T5176] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 92.788949][ T5174] REISERFS (device loop2): using ordered data mode ./strace-static-x86_64: Process 5181 attached [pid 5181] chdir("./6") = 0 [pid 5181] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5181] setpgid(0, 0) = 0 [pid 5181] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5181] write(3, "1000", 4 [pid 5095] <... umount2 resumed>) = 0 [pid 5181] <... write resumed>) = 4 [pid 5181] close(3 [pid 5095] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5181] <... close resumed>) = 0 [ 92.808304][ T5174] reiserfs: using flush barriers [ 92.821808][ T5174] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 92.840360][ T5174] REISERFS (device loop2): checking transaction log (loop2) [ 92.850323][ T5176] REISERFS (device loop1): using ordered data mode [pid 5181] symlink("/dev/binderfs", "./binderfs" [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5181] <... symlink resumed>) = 0 [pid 5178] <... write resumed>) = 4194304 [pid 5095] lstat("./6/file1", [pid 5181] memfd_create("syzkaller", 0 [pid 5178] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5181] <... memfd_create resumed>) = 3 [pid 5178] <... munmap resumed>) = 0 [pid 5095] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5181] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5178] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5181] <... mmap resumed>) = 0x7f12a0a40000 [pid 5178] <... openat resumed>) = 4 [pid 5095] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5178] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... openat resumed>) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./6/file1") = 0 [pid 5178] <... ioctl resumed>) = 0 [pid 5178] close(3 [pid 5095] getdents64(3, [pid 5178] <... close resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5178] mkdir("./file1", 0777 [pid 5095] close(3 [pid 5178] <... mkdir resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5178] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] rmdir("./6") = 0 [ 92.904757][ T5176] reiserfs: using flush barriers [ 92.922922][ T5178] loop4: detected capacity change from 0 to 8192 [ 92.935499][ T5175] REISERFS (device loop3): Using r5 hash to sort names [pid 5095] mkdir("./7", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5183 ./strace-static-x86_64: Process 5183 attached [pid 5183] chdir("./7") = 0 [ 92.948944][ T5176] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 92.949346][ T5178] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5183] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5181] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5183] setpgid(0, 0) = 0 [pid 5183] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5183] write(3, "1000", 4) = 4 [pid 5183] close(3) = 0 [pid 5183] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5183] memfd_create("syzkaller", 0) = 3 [pid 5183] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5174] <... mount resumed>) = 0 [pid 5174] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 93.000196][ T5175] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 93.010909][ T5174] REISERFS (device loop2): Using r5 hash to sort names [ 93.025003][ T5174] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 93.035607][ T5176] REISERFS (device loop1): checking transaction log (loop1) [pid 5175] <... mount resumed>) = 0 [pid 5175] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5174] chdir("./file1" [pid 5175] <... openat resumed>) = 3 [pid 5174] <... chdir resumed>) = 0 [pid 5175] chdir("./file1" [pid 5174] ioctl(4, LOOP_CLR_FD [pid 5175] <... chdir resumed>) = 0 [pid 5174] <... ioctl resumed>) = 0 [pid 5175] ioctl(4, LOOP_CLR_FD [pid 5174] close(4 [pid 5175] <... ioctl resumed>) = 0 [pid 5174] <... close resumed>) = 0 [pid 5175] close(4 [pid 5174] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5175] <... close resumed>) = 0 [pid 5174] <... openat resumed>) = 4 [pid 5175] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 93.061573][ T5178] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 93.070950][ T5178] REISERFS (device loop4): using ordered data mode [ 93.078125][ T5178] reiserfs: using flush barriers [ 93.084839][ T5178] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 93.101528][ T5178] REISERFS (device loop4): checking transaction log (loop4) [pid 5174] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5175] <... openat resumed>) = 4 [pid 5174] <... mmap resumed>) = 0x20000000 [pid 5175] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5174] ioctl(4, FS_IOC_GETVERSION [pid 5175] <... mmap resumed>) = 0x20000000 [pid 5174] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5175] ioctl(4, FS_IOC_GETVERSION [pid 5174] exit_group(0 [pid 5175] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5174] <... exit_group resumed>) = ? [pid 5175] exit_group(0 [pid 5174] +++ exited with 0 +++ [pid 5175] <... exit_group resumed>) = ? [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5174, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 5175] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5175, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5093] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5092] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... openat resumed>) = 3 [pid 5093] <... openat resumed>) = 3 [ 93.158723][ T5178] REISERFS (device loop4): Using r5 hash to sort names [ 93.171733][ T5178] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] fstat(3, [pid 5093] fstat(3, [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, [pid 5183] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5178] <... mount resumed>) = 0 [pid 5093] getdents64(3, [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5178] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5178] <... openat resumed>) = 3 [pid 5093] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5178] chdir("./file1" [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./6/binderfs", [pid 5178] <... chdir resumed>) = 0 [pid 5093] lstat("./6/binderfs", [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5178] ioctl(4, LOOP_CLR_FD [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./6/binderfs" [pid 5178] <... ioctl resumed>) = 0 [pid 5093] unlink("./6/binderfs" [pid 5092] <... unlink resumed>) = 0 [pid 5178] close(4 [pid 5093] <... unlink resumed>) = 0 [pid 5092] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5178] <... close resumed>) = 0 [pid 5093] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5178] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5178] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5178] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5178] exit_group(0) = ? [pid 5178] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5178, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=16 /* 0.16 s */} --- [pid 5094] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5181] <... write resumed>) = 4194304 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5181] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... openat resumed>) = 3 [pid 5181] <... munmap resumed>) = 0 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5181] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5094] getdents64(3, [pid 5181] <... openat resumed>) = 4 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5181] ioctl(4, LOOP_SET_FD, 3 [pid 5094] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./6/binderfs") = 0 [ 93.300221][ T5181] loop0: detected capacity change from 0 to 8192 [ 93.336716][ T5176] REISERFS (device loop1): Using r5 hash to sort names [pid 5094] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5181] <... ioctl resumed>) = 0 [pid 5181] close(3) = 0 [pid 5176] <... mount resumed>) = 0 [pid 5181] mkdir("./file1", 0777 [pid 5176] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5181] <... mkdir resumed>) = 0 [pid 5176] <... openat resumed>) = 3 [pid 5181] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5176] chdir("./file1") = 0 [pid 5176] ioctl(4, LOOP_CLR_FD) = 0 [pid 5176] close(4) = 0 [pid 5176] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 93.361609][ T5176] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5176] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5176] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5176] exit_group(0) = ? [pid 5176] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5176, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=16 /* 0.16 s */} --- [ 93.414307][ T5181] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5183] <... write resumed>) = 4194304 [pid 5093] <... umount2 resumed>) = 0 [pid 5183] munmap(0x7f12a0a40000, 4194304 [pid 5091] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] fstat(3, [pid 5183] <... munmap resumed>) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./6/binderfs" [pid 5183] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... unlink resumed>) = 0 [pid 5183] <... openat resumed>) = 4 [pid 5091] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5183] ioctl(4, LOOP_SET_FD, 3 [pid 5093] lstat("./6/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5183] <... ioctl resumed>) = 0 [pid 5093] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5183] close(3 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5183] <... close resumed>) = 0 [pid 5093] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5183] mkdir("./file1", 0777) = 0 [pid 5093] <... openat resumed>) = 4 [pid 5092] <... umount2 resumed>) = 0 [pid 5183] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5093] fstat(4, [pid 5092] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] getdents64(4, [pid 5092] lstat("./6/file1", [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, [pid 5092] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] close(4 [pid 5092] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... close resumed>) = 0 [pid 5092] <... openat resumed>) = 4 [pid 5093] rmdir("./6/file1" [pid 5092] fstat(4, [pid 5093] <... rmdir resumed>) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, [pid 5092] getdents64(4, [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] close(3 [pid 5092] getdents64(4, [pid 5093] <... close resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [ 93.464065][ T5181] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 93.482284][ T5181] REISERFS (device loop0): using ordered data mode [ 93.490573][ T5181] reiserfs: using flush barriers [ 93.496744][ T5183] loop5: detected capacity change from 0 to 8192 [pid 5093] rmdir("./6" [pid 5092] close(4 [pid 5093] <... rmdir resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5093] mkdir("./7", 0777 [pid 5092] rmdir("./6/file1" [pid 5093] <... mkdir resumed>) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5092] getdents64(3, [pid 5093] <... openat resumed>) = 3 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5092] close(3 [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] <... close resumed>) = 0 [pid 5093] close(3 [pid 5092] rmdir("./6" [pid 5093] <... close resumed>) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] mkdir("./7", 0777) = 0 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5186 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5187 ./strace-static-x86_64: Process 5186 attached ./strace-static-x86_64: Process 5187 attached [pid 5186] chdir("./7" [pid 5187] chdir("./7" [pid 5186] <... chdir resumed>) = 0 [pid 5187] <... chdir resumed>) = 0 [pid 5186] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5187] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5186] <... prctl resumed>) = 0 [pid 5187] <... prctl resumed>) = 0 [pid 5186] setpgid(0, 0 [pid 5187] setpgid(0, 0 [pid 5186] <... setpgid resumed>) = 0 [pid 5186] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5187] <... setpgid resumed>) = 0 [pid 5187] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5186] <... openat resumed>) = 3 [pid 5187] <... openat resumed>) = 3 [pid 5187] write(3, "1000", 4 [pid 5186] write(3, "1000", 4 [pid 5187] <... write resumed>) = 4 [pid 5186] <... write resumed>) = 4 [pid 5187] close(3 [pid 5186] close(3 [pid 5187] <... close resumed>) = 0 [pid 5186] <... close resumed>) = 0 [pid 5187] symlink("/dev/binderfs", "./binderfs" [pid 5186] symlink("/dev/binderfs", "./binderfs" [pid 5187] <... symlink resumed>) = 0 [pid 5186] <... symlink resumed>) = 0 [ 93.536522][ T5181] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 93.570087][ T5183] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5187] memfd_create("syzkaller", 0 [pid 5186] memfd_create("syzkaller", 0 [pid 5187] <... memfd_create resumed>) = 3 [pid 5186] <... memfd_create resumed>) = 3 [pid 5187] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5186] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5187] <... mmap resumed>) = 0x7f12a0a40000 [pid 5186] <... mmap resumed>) = 0x7f12a0a40000 [pid 5094] <... umount2 resumed>) = 0 [ 93.609036][ T5181] REISERFS (device loop0): checking transaction log (loop0) [ 93.610285][ T5183] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5187] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./6/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 93.674762][ T5183] REISERFS (device loop5): using ordered data mode [ 93.690658][ T5183] reiserfs: using flush barriers [ 93.697283][ T5183] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 93.714671][ T5183] REISERFS (device loop5): checking transaction log (loop5) [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./6/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./6") = 0 [pid 5094] mkdir("./7", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5091] <... umount2 resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5188 ./strace-static-x86_64: Process 5188 attached [pid 5188] chdir("./7" [pid 5186] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5188] <... chdir resumed>) = 0 [pid 5188] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5187] <... write resumed>) = 4194304 [pid 5188] setpgid(0, 0 [pid 5187] munmap(0x7f12a0a40000, 4194304 [pid 5091] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./6/file1", [pid 5188] <... setpgid resumed>) = 0 [pid 5188] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5188] <... openat resumed>) = 3 [pid 5188] write(3, "1000", 4) = 4 [pid 5188] close(3) = 0 [pid 5188] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5188] memfd_create("syzkaller", 0 [pid 5091] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5188] <... memfd_create resumed>) = 3 [pid 5091] <... openat resumed>) = 4 [pid 5188] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] fstat(4, [pid 5188] <... mmap resumed>) = 0x7f12a0a40000 [pid 5187] <... munmap resumed>) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, [pid 5187] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5187] <... openat resumed>) = 4 [pid 5091] close(4) = 0 [pid 5187] ioctl(4, LOOP_SET_FD, 3 [pid 5091] rmdir("./6/file1") = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./6") = 0 [pid 5091] mkdir("./7", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5189 ./strace-static-x86_64: Process 5189 attached [pid 5187] <... ioctl resumed>) = 0 [pid 5187] close(3) = 0 [pid 5189] chdir("./7" [pid 5187] mkdir("./file1", 0777 [pid 5189] <... chdir resumed>) = 0 [pid 5189] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5189] setpgid(0, 0) = 0 [pid 5189] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5187] <... mkdir resumed>) = 0 [pid 5189] write(3, "1000", 4) = 4 [pid 5189] close(3) = 0 [pid 5187] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5189] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5189] memfd_create("syzkaller", 0) = 3 [pid 5189] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 93.836332][ T5187] loop2: detected capacity change from 0 to 8192 [pid 5186] <... write resumed>) = 4194304 [ 93.905049][ T5187] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5186] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5186] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5186] ioctl(4, LOOP_SET_FD, 3 [pid 5189] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 93.951923][ T5187] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 93.963484][ T5187] REISERFS (device loop2): using ordered data mode [ 93.972303][ T5187] reiserfs: using flush barriers [ 93.978711][ T5186] loop3: detected capacity change from 0 to 8192 [pid 5188] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5186] <... ioctl resumed>) = 0 [pid 5186] close(3) = 0 [pid 5186] mkdir("./file1", 0777) = 0 [ 93.986992][ T5187] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5186] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5188] <... write resumed>) = 4194304 [pid 5188] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5188] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 94.049945][ T5187] REISERFS (device loop2): checking transaction log (loop2) [ 94.052441][ T5186] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 94.086637][ T5181] REISERFS (device loop0): Using r5 hash to sort names [pid 5189] <... write resumed>) = 4194304 [pid 5189] munmap(0x7f12a0a40000, 4194304 [pid 5188] ioctl(4, LOOP_SET_FD, 3 [pid 5189] <... munmap resumed>) = 0 [pid 5181] <... mount resumed>) = 0 [pid 5181] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5181] chdir("./file1" [pid 5189] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5181] <... chdir resumed>) = 0 [pid 5181] ioctl(4, LOOP_CLR_FD) = 0 [pid 5181] close(4 [pid 5189] <... openat resumed>) = 4 [pid 5188] <... ioctl resumed>) = 0 [pid 5183] <... mount resumed>) = 0 [pid 5181] <... close resumed>) = 0 [ 94.097507][ T5183] REISERFS (device loop5): Using r5 hash to sort names [ 94.103376][ T5186] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 94.110057][ T5181] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 94.117637][ T5186] REISERFS (device loop3): using ordered data mode [ 94.125646][ T5183] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 94.132058][ T5188] loop4: detected capacity change from 0 to 8192 [ 94.145044][ T5186] reiserfs: using flush barriers [pid 5189] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5188] close(3) = 0 [pid 5188] mkdir("./file1", 0777) = 0 [pid 5188] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5183] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5181] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5183] chdir("./file1" [pid 5189] close(3 [pid 5183] <... chdir resumed>) = 0 [pid 5189] <... close resumed>) = 0 [pid 5181] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5189] mkdir("./file1", 0777 [pid 5183] ioctl(4, LOOP_CLR_FD [pid 5181] <... mmap resumed>) = 0x20000000 [ 94.159539][ T5189] loop1: detected capacity change from 0 to 8192 [ 94.167629][ T5186] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 94.194492][ T5186] REISERFS (device loop3): checking transaction log (loop3) [pid 5189] <... mkdir resumed>) = 0 [pid 5183] <... ioctl resumed>) = 0 [pid 5181] ioctl(4, FS_IOC_GETVERSION [pid 5189] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5183] close(4 [pid 5181] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5183] <... close resumed>) = 0 [pid 5181] exit_group(0 [pid 5183] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5181] <... exit_group resumed>) = ? [pid 5183] <... openat resumed>) = 4 [pid 5181] +++ exited with 0 +++ [ 94.210380][ T5188] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 94.225350][ T5188] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 94.235509][ T5187] REISERFS (device loop2): using ordered data mode [ 94.235510][ T5188] REISERFS (device loop4): using ordered data mode [ 94.235788][ T5187] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5183] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5181, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5183] <... mmap resumed>) = 0x20000000 [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5183] ioctl(4, FS_IOC_GETVERSION [pid 5090] <... restart_syscall resumed>) = 0 [pid 5183] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5187] <... mount resumed>) = 0 [pid 5183] exit_group(0 [pid 5187] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5183] <... exit_group resumed>) = ? [pid 5090] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5187] <... openat resumed>) = 3 [pid 5183] +++ exited with 0 +++ [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5187] chdir("./file1" [pid 5090] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5187] <... chdir resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5187] ioctl(4, LOOP_CLR_FD [pid 5090] fstat(3, [pid 5187] <... ioctl resumed>) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5187] close(4 [pid 5090] getdents64(3, [pid 5187] <... close resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5187] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5090] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5187] <... openat resumed>) = 4 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5187] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] lstat("./6/binderfs", [pid 5187] <... mmap resumed>) = 0x20000000 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5187] ioctl(4, FS_IOC_GETVERSION [pid 5090] unlink("./6/binderfs" [pid 5187] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5090] <... unlink resumed>) = 0 [pid 5187] exit_group(0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5183, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} --- [pid 5090] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5187] <... exit_group resumed>) = ? [pid 5095] restart_syscall(<... resuming interrupted clone ...> [pid 5187] +++ exited with 0 +++ [pid 5095] <... restart_syscall resumed>) = 0 [ 94.242192][ T5188] reiserfs: using flush barriers [ 94.271935][ T5189] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 94.292627][ T5188] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5187, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=15 /* 0.15 s */} --- [pid 5095] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] <... openat resumed>) = 3 [pid 5092] <... openat resumed>) = 3 [pid 5095] fstat(3, [pid 5092] fstat(3, [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, [pid 5092] getdents64(3, [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./7/binderfs", [pid 5092] lstat("./7/binderfs", [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./7/binderfs" [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./7/binderfs" [pid 5095] <... unlink resumed>) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5095] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [ 94.317514][ T5189] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 94.332539][ T5188] REISERFS (device loop4): checking transaction log (loop4) [ 94.356208][ T5189] REISERFS (device loop1): using ordered data mode [ 94.396589][ T5189] reiserfs: using flush barriers [ 94.420942][ T5189] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 94.461461][ T5188] REISERFS (device loop4): Using r5 hash to sort names [ 94.469439][ T5188] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5188] <... mount resumed>) = 0 [pid 5188] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5188] chdir("./file1") = 0 [pid 5188] ioctl(4, LOOP_CLR_FD) = 0 [pid 5188] close(4) = 0 [pid 5188] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5188] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5188] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5188] exit_group(0) = ? [pid 5188] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5188, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=15 /* 0.15 s */} --- [pid 5094] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./7/binderfs") = 0 [pid 5094] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./6/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 94.501917][ T5189] REISERFS (device loop1): checking transaction log (loop1) [pid 5090] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./6/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./6") = 0 [pid 5090] mkdir("./7", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5194 ./strace-static-x86_64: Process 5194 attached [pid 5194] chdir("./7") = 0 [pid 5194] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5194] setpgid(0, 0) = 0 [pid 5194] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5194] write(3, "1000", 4) = 4 [pid 5194] close(3) = 0 [pid 5194] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5194] memfd_create("syzkaller", 0) = 3 [pid 5194] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./7/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] <... umount2 resumed>) = 0 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./7/file1", [pid 5095] getdents64(4, [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] <... openat resumed>) = 4 [pid 5186] <... mount resumed>) = 0 [pid 5095] getdents64(4, [pid 5092] fstat(4, [pid 5186] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 94.658141][ T5186] REISERFS (device loop3): Using r5 hash to sort names [ 94.694786][ T5186] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5186] <... openat resumed>) = 3 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] getdents64(4, [pid 5186] chdir("./file1" [pid 5095] close(4 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5186] <... chdir resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5092] getdents64(4, [pid 5186] ioctl(4, LOOP_CLR_FD [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5186] <... ioctl resumed>) = 0 [pid 5095] rmdir("./7/file1" [pid 5092] close(4 [pid 5186] close(4 [pid 5095] <... rmdir resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5186] <... close resumed>) = 0 [pid 5092] rmdir("./7/file1" [pid 5186] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] <... rmdir resumed>) = 0 [pid 5186] <... openat resumed>) = 4 [pid 5092] getdents64(3, [pid 5186] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5186] <... mmap resumed>) = 0x20000000 [pid 5092] close(3 [pid 5186] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... close resumed>) = 0 [pid 5194] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5186] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] getdents64(3, [pid 5092] rmdir("./7" [pid 5186] exit_group(0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5186] <... exit_group resumed>) = ? [pid 5095] close(3 [pid 5092] mkdir("./8", 0777 [pid 5186] +++ exited with 0 +++ [pid 5095] <... close resumed>) = 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5095] rmdir("./7" [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5186, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5093] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] <... rmdir resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] mkdir("./8", 0777 [pid 5093] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5195 [pid 5093] <... openat resumed>) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] <... mkdir resumed>) = 0 [pid 5093] getdents64(3, [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR./strace-static-x86_64: Process 5195 attached [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] <... openat resumed>) = 3 [pid 5093] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5195] chdir("./8" [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] lstat("./7/binderfs", [pid 5195] <... chdir resumed>) = 0 [pid 5095] close(3 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5195] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... close resumed>) = 0 [pid 5093] unlink("./7/binderfs" [pid 5195] <... prctl resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5195] setpgid(0, 0 [pid 5093] <... unlink resumed>) = 0 [pid 5195] <... setpgid resumed>) = 0 [pid 5195] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5093] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5195] write(3, "1000", 4 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5196 [pid 5195] <... write resumed>) = 4 [pid 5195] close(3) = 0 [pid 5195] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5195] memfd_create("syzkaller", 0) = 3 [pid 5195] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 ./strace-static-x86_64: Process 5196 attached [pid 5196] chdir("./8") = 0 [pid 5196] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5196] setpgid(0, 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5196] <... setpgid resumed>) = 0 [pid 5094] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5196] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./7/file1", [pid 5196] <... openat resumed>) = 3 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5196] write(3, "1000", 4) = 4 [pid 5094] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5196] close(3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5196] <... close resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5196] symlink("/dev/binderfs", "./binderfs" [pid 5094] <... openat resumed>) = 4 [pid 5196] <... symlink resumed>) = 0 [pid 5094] fstat(4, [pid 5196] memfd_create("syzkaller", 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5196] <... memfd_create resumed>) = 3 [pid 5094] getdents64(4, [pid 5196] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5196] <... mmap resumed>) = 0x7f12a0a40000 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./7/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./7") = 0 [pid 5094] mkdir("./8", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5197 [pid 5195] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304./strace-static-x86_64: Process 5197 attached [pid 5197] chdir("./8") = 0 [pid 5197] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5197] setpgid(0, 0) = 0 [pid 5197] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5197] write(3, "1000", 4) = 4 [pid 5197] close(3) = 0 [pid 5197] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5197] memfd_create("syzkaller", 0) = 3 [pid 5197] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 94.925368][ T5189] REISERFS (device loop1): Using r5 hash to sort names [pid 5194] <... write resumed>) = 4194304 [pid 5194] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5194] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5194] ioctl(4, LOOP_SET_FD, 3 [pid 5196] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5194] <... ioctl resumed>) = 0 [pid 5189] <... mount resumed>) = 0 [pid 5189] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5189] chdir("./file1" [pid 5093] <... umount2 resumed>) = 0 [pid 5189] <... chdir resumed>) = 0 [pid 5189] ioctl(4, LOOP_CLR_FD) = 0 [pid 5189] close(4) = 0 [pid 5194] close(3 [pid 5189] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5194] <... close resumed>) = 0 [ 94.970017][ T5189] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 94.982671][ T5194] loop0: detected capacity change from 0 to 8192 [pid 5189] <... openat resumed>) = 4 [pid 5194] mkdir("./file1", 0777 [pid 5189] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5194] <... mkdir resumed>) = 0 [pid 5189] <... mmap resumed>) = 0x20000000 [pid 5194] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5189] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5189] exit_group(0) = ? [pid 5189] +++ exited with 0 +++ [pid 5093] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5189, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5093] lstat("./7/file1", [pid 5091] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... openat resumed>) = 3 [pid 5197] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5196] <... write resumed>) = 4194304 [pid 5196] munmap(0x7f12a0a40000, 4194304 [pid 5093] openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] fstat(3, [pid 5196] <... munmap resumed>) = 0 [pid 5195] <... write resumed>) = 4194304 [pid 5093] <... openat resumed>) = 4 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5196] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5093] fstat(4, [pid 5091] getdents64(3, [pid 5196] <... openat resumed>) = 4 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [ 95.044060][ T5194] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5196] ioctl(4, LOOP_SET_FD, 3 [pid 5093] getdents64(4, [pid 5091] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5196] <... ioctl resumed>) = 0 [pid 5093] getdents64(4, [pid 5091] lstat("./7/binderfs", [pid 5196] close(3 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5196] <... close resumed>) = 0 [pid 5093] close(4 [pid 5091] unlink("./7/binderfs" [pid 5196] mkdir("./file1", 0777 [pid 5093] <... close resumed>) = 0 [pid 5091] <... unlink resumed>) = 0 [pid 5197] <... write resumed>) = 4194304 [pid 5196] <... mkdir resumed>) = 0 [pid 5093] rmdir("./7/file1" [pid 5091] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5196] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5093] <... rmdir resumed>) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./7") = 0 [pid 5093] mkdir("./8", 0777) = 0 [ 95.098580][ T5196] loop5: detected capacity change from 0 to 8192 [ 95.117015][ T5194] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 95.128153][ T5194] REISERFS (device loop0): using ordered data mode [ 95.134892][ T5194] reiserfs: using flush barriers [pid 5197] munmap(0x7f12a0a40000, 4194304 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5197] <... munmap resumed>) = 0 [pid 5195] munmap(0x7f12a0a40000, 4194304 [pid 5093] <... openat resumed>) = 3 [pid 5197] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5195] <... munmap resumed>) = 0 [pid 5197] <... openat resumed>) = 4 [pid 5195] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5197] ioctl(4, LOOP_SET_FD, 3 [pid 5195] <... openat resumed>) = 4 [pid 5195] ioctl(4, LOOP_SET_FD, 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3 [pid 5195] <... ioctl resumed>) = 0 [pid 5093] <... close resumed>) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5200 [pid 5195] close(3) = 0 [ 95.143264][ T5196] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 95.145768][ T5197] loop4: detected capacity change from 0 to 8192 [ 95.156552][ T5194] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 95.163595][ T5195] loop2: detected capacity change from 0 to 8192 [ 95.185866][ T5196] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5195] mkdir("./file1", 0777./strace-static-x86_64: Process 5200 attached [pid 5197] <... ioctl resumed>) = 0 [pid 5195] <... mkdir resumed>) = 0 [pid 5200] chdir("./8" [pid 5197] close(3 [pid 5195] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5200] <... chdir resumed>) = 0 [pid 5197] <... close resumed>) = 0 [pid 5200] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5197] mkdir("./file1", 0777 [pid 5200] <... prctl resumed>) = 0 [pid 5197] <... mkdir resumed>) = 0 [pid 5200] setpgid(0, 0 [pid 5197] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5200] <... setpgid resumed>) = 0 [pid 5200] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5200] write(3, "1000", 4) = 4 [pid 5200] close(3) = 0 [pid 5200] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5200] memfd_create("syzkaller", 0) = 3 [pid 5200] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 95.196121][ T5196] REISERFS (device loop5): using ordered data mode [ 95.204245][ T5196] reiserfs: using flush barriers [ 95.210856][ T5194] REISERFS (device loop0): checking transaction log (loop0) [ 95.211245][ T5196] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 95.260692][ T5195] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 95.282106][ T5197] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 95.311126][ T5195] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 95.320702][ T5195] REISERFS (device loop2): using ordered data mode [ 95.328287][ T5195] reiserfs: using flush barriers [ 95.334874][ T5197] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 95.341335][ T5195] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5200] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... umount2 resumed>) = 0 [pid 5091] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 95.344512][ T5197] REISERFS (device loop4): using ordered data mode [ 95.367403][ T5197] reiserfs: using flush barriers [ 95.371528][ T5196] REISERFS (device loop5): checking transaction log (loop5) [ 95.391135][ T5197] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5091] lstat("./7/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 95.425585][ T5197] REISERFS (device loop4): checking transaction log (loop4) [ 95.433262][ T5194] REISERFS (device loop0): Using r5 hash to sort names [ 95.438753][ T5195] REISERFS (device loop2): checking transaction log (loop2) [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./7/file1") = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./7") = 0 [pid 5091] mkdir("./8", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5194] <... mount resumed>) = 0 [ 95.482056][ T5194] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5194] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5194] chdir("./file1" [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5203 [pid 5194] <... chdir resumed>) = 0 [pid 5194] ioctl(4, LOOP_CLR_FD) = 0 [pid 5194] close(4) = 0 ./strace-static-x86_64: Process 5203 attached [pid 5194] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5203] chdir("./8" [pid 5194] <... openat resumed>) = 4 [pid 5203] <... chdir resumed>) = 0 [pid 5194] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5203] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5194] <... mmap resumed>) = 0x20000000 [pid 5203] <... prctl resumed>) = 0 [pid 5194] ioctl(4, FS_IOC_GETVERSION [pid 5203] setpgid(0, 0 [pid 5200] <... write resumed>) = 4194304 [pid 5194] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5194] exit_group(0) = ? [pid 5194] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5194, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=16 /* 0.16 s */} --- [pid 5203] <... setpgid resumed>) = 0 [pid 5200] munmap(0x7f12a0a40000, 4194304 [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5203] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5200] <... munmap resumed>) = 0 [pid 5090] <... restart_syscall resumed>) = 0 [pid 5203] <... openat resumed>) = 3 [pid 5200] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5203] write(3, "1000", 4 [pid 5200] <... openat resumed>) = 4 [pid 5200] ioctl(4, LOOP_SET_FD, 3 [pid 5090] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5203] <... write resumed>) = 4 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5203] close(3 [pid 5090] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5203] <... close resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5203] symlink("/dev/binderfs", "./binderfs" [pid 5090] fstat(3, [pid 5203] <... symlink resumed>) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5203] memfd_create("syzkaller", 0 [pid 5090] getdents64(3, [pid 5203] <... memfd_create resumed>) = 3 [pid 5197] <... mount resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5203] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5197] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5090] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5203] <... mmap resumed>) = 0x7f12a0a40000 [pid 5197] <... openat resumed>) = 3 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./7/binderfs", [pid 5200] <... ioctl resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5200] close(3 [pid 5090] unlink("./7/binderfs" [pid 5200] <... close resumed>) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5200] mkdir("./file1", 0777 [pid 5090] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5200] <... mkdir resumed>) = 0 [pid 5197] chdir("./file1" [pid 5200] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5197] <... chdir resumed>) = 0 [pid 5197] ioctl(4, LOOP_CLR_FD) = 0 [ 95.592908][ T5197] REISERFS (device loop4): Using r5 hash to sort names [ 95.611453][ T5197] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 95.620779][ T5200] loop3: detected capacity change from 0 to 8192 [pid 5197] close(4) = 0 [pid 5197] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5197] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5197] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5197] exit_group(0) = ? [ 95.685763][ T5200] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 95.701890][ T5200] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 95.712731][ T5200] REISERFS (device loop3): using ordered data mode [ 95.719293][ T5200] reiserfs: using flush barriers [pid 5197] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5197, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5094] restart_syscall(<... resuming interrupted clone ...> [pid 5203] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] <... restart_syscall resumed>) = 0 [pid 5094] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./8/binderfs") = 0 [ 95.726862][ T5200] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 95.743760][ T5200] REISERFS (device loop3): checking transaction log (loop3) [ 95.754330][ T5195] REISERFS (device loop2): Using r5 hash to sort names [pid 5094] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5195] <... mount resumed>) = 0 [pid 5195] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5195] chdir("./file1") = 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5195] ioctl(4, LOOP_CLR_FD [pid 5090] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5195] <... ioctl resumed>) = 0 [pid 5195] close(4 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5195] <... close resumed>) = 0 [ 95.791459][ T5195] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5090] lstat("./7/file1", [pid 5195] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5195] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5195] <... mmap resumed>) = 0x20000000 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5195] ioctl(4, FS_IOC_GETVERSION [pid 5090] openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5195] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5195] exit_group(0 [pid 5090] <... openat resumed>) = 4 [pid 5195] <... exit_group resumed>) = ? [pid 5090] fstat(4, [pid 5195] +++ exited with 0 +++ [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5195, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5090] getdents64(4, [pid 5092] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5203] <... write resumed>) = 4194304 [ 95.844220][ T5196] REISERFS (device loop5): Using r5 hash to sort names [pid 5090] getdents64(4, [pid 5203] munmap(0x7f12a0a40000, 4194304 [pid 5092] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5203] <... munmap resumed>) = 0 [pid 5196] <... mount resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5203] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5196] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] lstat("./8/binderfs", [pid 5090] close(4 [pid 5203] <... openat resumed>) = 4 [pid 5196] <... openat resumed>) = 3 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5203] ioctl(4, LOOP_SET_FD, 3 [pid 5196] chdir("./file1" [pid 5092] unlink("./8/binderfs" [pid 5090] <... close resumed>) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5092] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5203] <... ioctl resumed>) = 0 [pid 5196] <... chdir resumed>) = 0 [pid 5090] rmdir("./7/file1" [pid 5203] close(3 [pid 5196] ioctl(4, LOOP_CLR_FD [pid 5090] <... rmdir resumed>) = 0 [pid 5203] <... close resumed>) = 0 [pid 5196] <... ioctl resumed>) = 0 [pid 5090] getdents64(3, [pid 5203] mkdir("./file1", 0777 [pid 5196] close(4 [pid 5203] <... mkdir resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5196] <... close resumed>) = 0 [pid 5203] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5196] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5090] close(3 [pid 5196] <... openat resumed>) = 4 [pid 5090] <... close resumed>) = 0 [pid 5196] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] rmdir("./7" [pid 5196] <... mmap resumed>) = 0x20000000 [pid 5196] ioctl(4, FS_IOC_GETVERSION [pid 5090] <... rmdir resumed>) = 0 [pid 5196] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5090] mkdir("./8", 0777 [ 95.894871][ T5196] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 95.915981][ T5203] loop1: detected capacity change from 0 to 8192 [pid 5196] exit_group(0) = ? [pid 5090] <... mkdir resumed>) = 0 [pid 5196] +++ exited with 0 +++ [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5196, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5090] <... openat resumed>) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3 [pid 5095] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... close resumed>) = 0 [ 95.959099][ T5203] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5206 ./strace-static-x86_64: Process 5206 attached [pid 5206] chdir("./8") = 0 [pid 5206] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5206] setpgid(0, 0) = 0 [pid 5206] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5206] write(3, "1000", 4) = 4 [pid 5206] close(3) = 0 [pid 5206] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5206] memfd_create("syzkaller", 0 [pid 5095] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, [pid 5094] <... umount2 resumed>) = 0 [pid 5200] <... mount resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5206] <... memfd_create resumed>) = 3 [pid 5206] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5200] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] getdents64(3, [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5200] <... openat resumed>) = 3 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] lstat("./8/file1", [pid 5200] chdir("./file1") = 0 [pid 5095] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5200] ioctl(4, LOOP_CLR_FD [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5200] <... ioctl resumed>) = 0 [pid 5095] lstat("./8/binderfs", [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5200] close(4 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 96.013059][ T5200] REISERFS (device loop3): Using r5 hash to sort names [ 96.027699][ T5200] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 96.038379][ T5203] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 96.048686][ T5203] REISERFS (device loop1): using ordered data mode [ 96.058044][ T5203] reiserfs: using flush barriers [pid 5094] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5200] <... close resumed>) = 0 [pid 5095] unlink("./8/binderfs" [pid 5094] <... openat resumed>) = 4 [pid 5200] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] <... unlink resumed>) = 0 [pid 5094] fstat(4, [pid 5200] <... openat resumed>) = 4 [pid 5095] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5200] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, [pid 5200] <... mmap resumed>) = 0x20000000 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4 [pid 5200] ioctl(4, FS_IOC_GETVERSION [pid 5094] <... close resumed>) = 0 [pid 5200] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] rmdir("./8/file1" [pid 5200] exit_group(0 [pid 5094] <... rmdir resumed>) = 0 [pid 5200] <... exit_group resumed>) = ? [pid 5200] +++ exited with 0 +++ [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5200, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5094] close(3) = 0 [pid 5094] rmdir("./8" [ 96.068880][ T5203] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5093] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... rmdir resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] mkdir("./9", 0777 [pid 5093] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... mkdir resumed>) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5092] <... umount2 resumed>) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5093] fstat(3, [pid 5094] <... openat resumed>) = 3 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5093] getdents64(3, [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] lstat("./8/file1", [pid 5094] close(3 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... close resumed>) = 0 [pid 5093] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5207 [pid 5093] lstat("./8/binderfs", [pid 5092] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./8/binderfs" [pid 5092] <... openat resumed>) = 4 [pid 5093] <... unlink resumed>) = 0 [pid 5092] fstat(4, [pid 5093] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 5207 attached [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./8/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5207] chdir("./9" [pid 5092] rmdir("./8" [pid 5207] <... chdir resumed>) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5207] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5092] mkdir("./9", 0777 [pid 5207] <... prctl resumed>) = 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5207] setpgid(0, 0 [pid 5206] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5207] <... setpgid resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [ 96.146760][ T5203] REISERFS (device loop1): checking transaction log (loop1) [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5207] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5207] <... openat resumed>) = 3 [pid 5092] close(3 [pid 5207] write(3, "1000", 4 [pid 5092] <... close resumed>) = 0 [pid 5207] <... write resumed>) = 4 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5207] close(3) = 0 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5208 ./strace-static-x86_64: Process 5208 attached [pid 5207] symlink("/dev/binderfs", "./binderfs" [pid 5208] chdir("./9" [pid 5207] <... symlink resumed>) = 0 [pid 5207] memfd_create("syzkaller", 0 [pid 5208] <... chdir resumed>) = 0 [pid 5207] <... memfd_create resumed>) = 3 [pid 5208] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5207] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5208] <... prctl resumed>) = 0 [pid 5207] <... mmap resumed>) = 0x7f12a0a40000 [pid 5208] setpgid(0, 0) = 0 [pid 5208] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5208] write(3, "1000", 4) = 4 [pid 5208] close(3) = 0 [pid 5208] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5208] memfd_create("syzkaller", 0) = 3 [pid 5208] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5095] <... umount2 resumed>) = 0 [pid 5206] <... write resumed>) = 4194304 [pid 5206] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5206] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5095] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./8/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./8/file1" [pid 5206] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... rmdir resumed>) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./8") = 0 [pid 5207] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] mkdir("./9", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3 [pid 5206] <... ioctl resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5206] close(3 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5209 ./strace-static-x86_64: Process 5209 attached [pid 5209] chdir("./9") = 0 [pid 5209] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5209] setpgid(0, 0) = 0 [pid 5209] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5208] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5206] <... close resumed>) = 0 [pid 5209] <... openat resumed>) = 3 [pid 5206] mkdir("./file1", 0777 [pid 5209] write(3, "1000", 4) = 4 [pid 5209] close(3) = 0 [pid 5209] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5209] memfd_create("syzkaller", 0) = 3 [pid 5209] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5206] <... mkdir resumed>) = 0 [pid 5206] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5203] <... mount resumed>) = 0 [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./8/file1", [pid 5203] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 96.384235][ T5203] REISERFS (device loop1): Using r5 hash to sort names [ 96.392833][ T5206] loop0: detected capacity change from 0 to 8192 [ 96.421520][ T5203] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./8/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./8" [pid 5203] <... openat resumed>) = 3 [pid 5093] <... rmdir resumed>) = 0 [pid 5093] mkdir("./9", 0777 [pid 5203] chdir("./file1" [pid 5093] <... mkdir resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3 [pid 5203] <... chdir resumed>) = 0 [pid 5093] <... close resumed>) = 0 [pid 5203] ioctl(4, LOOP_CLR_FD [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5203] <... ioctl resumed>) = 0 [pid 5203] close(4 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5211 [pid 5203] <... close resumed>) = 0 ./strace-static-x86_64: Process 5211 attached [pid 5203] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 96.460407][ T5206] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5211] chdir("./9" [pid 5203] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5203] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5211] <... chdir resumed>) = 0 [pid 5203] exit_group(0) = ? [pid 5211] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5203] +++ exited with 0 +++ [pid 5211] <... prctl resumed>) = 0 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5203, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5091] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5091] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5211] setpgid(0, 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5211] <... setpgid resumed>) = 0 [pid 5091] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5211] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5091] <... openat resumed>) = 3 [pid 5211] <... openat resumed>) = 3 [pid 5091] fstat(3, [pid 5211] write(3, "1000", 4 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5211] <... write resumed>) = 4 [pid 5091] getdents64(3, [pid 5211] close(3 [pid 5209] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5211] <... close resumed>) = 0 [pid 5091] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5211] symlink("/dev/binderfs", "./binderfs" [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5211] <... symlink resumed>) = 0 [pid 5091] lstat("./8/binderfs", [pid 5211] memfd_create("syzkaller", 0 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5211] <... memfd_create resumed>) = 3 [pid 5208] <... write resumed>) = 4194304 [pid 5091] unlink("./8/binderfs" [ 96.511238][ T5206] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 96.520632][ T5206] REISERFS (device loop0): using ordered data mode [ 96.527734][ T5206] reiserfs: using flush barriers [ 96.534379][ T5206] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 96.551656][ T5206] REISERFS (device loop0): checking transaction log (loop0) [pid 5211] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5208] munmap(0x7f12a0a40000, 4194304 [pid 5207] <... write resumed>) = 4194304 [pid 5091] <... unlink resumed>) = 0 [pid 5211] <... mmap resumed>) = 0x7f12a0a40000 [pid 5208] <... munmap resumed>) = 0 [pid 5207] munmap(0x7f12a0a40000, 4194304 [pid 5091] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5208] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5207] <... munmap resumed>) = 0 [pid 5208] <... openat resumed>) = 4 [pid 5207] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5208] ioctl(4, LOOP_SET_FD, 3 [pid 5207] <... openat resumed>) = 4 [pid 5208] <... ioctl resumed>) = 0 [pid 5207] ioctl(4, LOOP_SET_FD, 3 [pid 5208] close(3) = 0 [pid 5208] mkdir("./file1", 0777 [pid 5207] <... ioctl resumed>) = 0 [pid 5208] <... mkdir resumed>) = 0 [pid 5207] close(3 [pid 5208] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5207] <... close resumed>) = 0 [pid 5207] mkdir("./file1", 0777) = 0 [ 96.622426][ T5208] loop2: detected capacity change from 0 to 8192 [ 96.635463][ T5207] loop4: detected capacity change from 0 to 8192 [pid 5207] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5211] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5209] <... write resumed>) = 4194304 [ 96.674609][ T5208] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 96.681843][ T5206] REISERFS (device loop0): Using r5 hash to sort names [ 96.695185][ T5207] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5209] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5209] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5209] ioctl(4, LOOP_SET_FD, 3 [pid 5206] <... mount resumed>) = 0 [pid 5206] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5206] chdir("./file1") = 0 [pid 5206] ioctl(4, LOOP_CLR_FD) = 0 [ 96.717572][ T5208] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 96.727145][ T5206] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 96.729295][ T5209] loop5: detected capacity change from 0 to 8192 [ 96.737624][ T5207] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 96.753164][ T5207] REISERFS (device loop4): using ordered data mode [ 96.759717][ T5207] reiserfs: using flush barriers [pid 5206] close(4) = 0 [pid 5206] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5211] <... write resumed>) = 4194304 [pid 5209] <... ioctl resumed>) = 0 [pid 5206] <... openat resumed>) = 4 [pid 5211] munmap(0x7f12a0a40000, 4194304 [pid 5209] close(3 [pid 5206] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5211] <... munmap resumed>) = 0 [pid 5209] <... close resumed>) = 0 [pid 5206] <... mmap resumed>) = 0x20000000 [pid 5209] mkdir("./file1", 0777 [pid 5211] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5206] ioctl(4, FS_IOC_GETVERSION [pid 5209] <... mkdir resumed>) = 0 [pid 5211] <... openat resumed>) = 4 [pid 5206] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5209] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5211] ioctl(4, LOOP_SET_FD, 3 [pid 5206] exit_group(0) = ? [pid 5206] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5206, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5090] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5211] <... ioctl resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5211] close(3 [ 96.770439][ T5208] REISERFS (device loop2): using ordered data mode [ 96.778629][ T5208] reiserfs: using flush barriers [ 96.778865][ T5207] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 96.800137][ T5208] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5090] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, [pid 5211] <... close resumed>) = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [ 96.832902][ T5211] loop3: detected capacity change from 0 to 8192 [ 96.847715][ T5209] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 96.855625][ T5208] REISERFS (device loop2): checking transaction log (loop2) [ 96.865151][ T5209] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5211] mkdir("./file1", 0777 [pid 5091] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5211] <... mkdir resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./8/binderfs", [pid 5091] lstat("./8/file1", [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] unlink("./8/binderfs" [pid 5211] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... unlink resumed>) = 0 [pid 5091] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./8/file1") = 0 [ 96.869044][ T5207] REISERFS (device loop4): checking transaction log (loop4) [ 96.898385][ T5211] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 96.903168][ T5209] REISERFS (device loop5): using ordered data mode [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./8") = 0 [pid 5091] mkdir("./9", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 96.930410][ T5209] reiserfs: using flush barriers [ 96.940634][ T5209] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 96.964714][ T5209] REISERFS (device loop5): checking transaction log (loop5) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5216 ./strace-static-x86_64: Process 5216 attached [ 96.977545][ T5211] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 97.002871][ T5211] REISERFS (device loop3): using ordered data mode [ 97.018708][ T5211] reiserfs: using flush barriers [pid 5216] chdir("./9") = 0 [pid 5216] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5216] setpgid(0, 0) = 0 [pid 5216] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5216] write(3, "1000", 4) = 4 [pid 5216] close(3) = 0 [pid 5216] symlink("/dev/binderfs", "./binderfs" [pid 5207] <... mount resumed>) = 0 [pid 5216] <... symlink resumed>) = 0 [pid 5207] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5216] memfd_create("syzkaller", 0 [pid 5207] <... openat resumed>) = 3 [pid 5216] <... memfd_create resumed>) = 3 [pid 5207] chdir("./file1" [pid 5216] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5207] <... chdir resumed>) = 0 [pid 5216] <... mmap resumed>) = 0x7f12a0a40000 [pid 5207] ioctl(4, LOOP_CLR_FD) = 0 [ 97.027287][ T5211] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 97.045857][ T5207] REISERFS (device loop4): Using r5 hash to sort names [ 97.053160][ T5211] REISERFS (device loop3): checking transaction log (loop3) [ 97.061386][ T5207] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5207] close(4) = 0 [pid 5207] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5207] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5207] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5207] exit_group(0) = ? [pid 5207] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5207, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 5094] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5094] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./9/binderfs") = 0 [pid 5094] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5216] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] <... umount2 resumed>) = 0 [pid 5094] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./9/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] <... umount2 resumed>) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./9/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./9") = 0 [ 97.245325][ T5211] REISERFS (device loop3): Using r5 hash to sort names [ 97.285339][ T5211] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5094] mkdir("./10", 0777 [pid 5211] <... mount resumed>) = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5090] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5211] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5211] <... openat resumed>) = 3 [pid 5094] <... openat resumed>) = 3 [pid 5090] lstat("./8/file1", [pid 5211] chdir("./file1" [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5211] <... chdir resumed>) = 0 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5211] ioctl(4, LOOP_CLR_FD [pid 5094] close(3 [pid 5090] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5211] <... ioctl resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5211] close(4 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5211] <... close resumed>) = 0 [pid 5211] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5217 [pid 5090] <... openat resumed>) = 4 [pid 5211] <... openat resumed>) = 4 [pid 5090] fstat(4, [pid 5211] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 5217 attached [pid 5211] <... mmap resumed>) = 0x20000000 [pid 5090] getdents64(4, [pid 5217] chdir("./10" [pid 5216] <... write resumed>) = 4194304 [ 97.311728][ T5209] REISERFS (device loop5): Using r5 hash to sort names [ 97.318953][ T5209] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5211] ioctl(4, FS_IOC_GETVERSION [pid 5217] <... chdir resumed>) = 0 [pid 5211] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5217] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5211] exit_group(0 [pid 5090] getdents64(4, [pid 5216] munmap(0x7f12a0a40000, 4194304 [pid 5217] <... prctl resumed>) = 0 [pid 5211] <... exit_group resumed>) = ? [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5217] setpgid(0, 0 [pid 5211] +++ exited with 0 +++ [pid 5090] close(4 [pid 5217] <... setpgid resumed>) = 0 [pid 5216] <... munmap resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5217] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5216] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5211, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=18 /* 0.18 s */} --- [pid 5090] rmdir("./8/file1" [pid 5093] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5217] <... openat resumed>) = 3 [pid 5216] <... openat resumed>) = 4 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... rmdir resumed>) = 0 [pid 5217] write(3, "1000", 4 [pid 5216] ioctl(4, LOOP_SET_FD, 3 [pid 5093] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] getdents64(3, [pid 5093] <... openat resumed>) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./9/binderfs" [pid 5217] <... write resumed>) = 4 [pid 5216] <... ioctl resumed>) = 0 [pid 5093] <... unlink resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5217] close(3 [pid 5216] close(3 [pid 5209] <... mount resumed>) = 0 [pid 5090] close(3 [pid 5217] <... close resumed>) = 0 [pid 5216] <... close resumed>) = 0 [pid 5209] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5090] <... close resumed>) = 0 [pid 5217] symlink("/dev/binderfs", "./binderfs" [pid 5216] mkdir("./file1", 0777 [pid 5209] <... openat resumed>) = 3 [pid 5208] <... mount resumed>) = 0 [pid 5093] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] rmdir("./8" [pid 5217] <... symlink resumed>) = 0 [pid 5216] <... mkdir resumed>) = 0 [pid 5209] chdir("./file1" [pid 5208] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5090] <... rmdir resumed>) = 0 [pid 5217] memfd_create("syzkaller", 0 [pid 5216] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5209] <... chdir resumed>) = 0 [pid 5208] <... openat resumed>) = 3 [pid 5090] mkdir("./9", 0777 [pid 5217] <... memfd_create resumed>) = 3 [pid 5209] ioctl(4, LOOP_CLR_FD [pid 5208] chdir("./file1" [pid 5090] <... mkdir resumed>) = 0 [pid 5217] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5209] <... ioctl resumed>) = 0 [ 97.379542][ T5208] REISERFS (device loop2): Using r5 hash to sort names [ 97.403088][ T5216] loop1: detected capacity change from 0 to 8192 [ 97.412282][ T5208] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5208] <... chdir resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5217] <... mmap resumed>) = 0x7f12a0a40000 [pid 5209] close(4 [pid 5208] ioctl(4, LOOP_CLR_FD [pid 5090] <... openat resumed>) = 3 [pid 5209] <... close resumed>) = 0 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5209] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5208] <... ioctl resumed>) = 0 [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5209] <... openat resumed>) = 4 [pid 5090] close(3 [pid 5208] close(4 [pid 5209] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] <... close resumed>) = 0 [pid 5209] <... mmap resumed>) = 0x20000000 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5209] ioctl(4, FS_IOC_GETVERSION [pid 5208] <... close resumed>) = 0 [pid 5209] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5208] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5219 [pid 5209] exit_group(0 [pid 5208] <... openat resumed>) = 4 [pid 5209] <... exit_group resumed>) = ? [pid 5209] +++ exited with 0 +++ [pid 5208] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5209, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5208] <... mmap resumed>) = 0x20000000 [pid 5095] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5208] ioctl(4, FS_IOC_GETVERSION [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5208] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5219 attached [pid 5208] exit_group(0 [pid 5095] <... openat resumed>) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5208] <... exit_group resumed>) = ? [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5219] chdir("./9" [pid 5208] +++ exited with 0 +++ [pid 5095] lstat("./9/binderfs", [pid 5219] <... chdir resumed>) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5219] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] unlink("./9/binderfs" [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5208, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5219] <... prctl resumed>) = 0 [pid 5095] <... unlink resumed>) = 0 [pid 5092] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 97.448323][ T5216] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5219] setpgid(0, 0) = 0 [pid 5092] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5219] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5219] write(3, "1000", 4 [pid 5092] <... openat resumed>) = 3 [pid 5219] <... write resumed>) = 4 [pid 5092] fstat(3, [pid 5219] close(3) = 0 [pid 5219] symlink("/dev/binderfs", "./binderfs") = 0 [ 97.501224][ T5216] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 97.512267][ T5216] REISERFS (device loop1): using ordered data mode [ 97.518837][ T5216] reiserfs: using flush barriers [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5219] memfd_create("syzkaller", 0 [pid 5092] getdents64(3, [pid 5219] <... memfd_create resumed>) = 3 [pid 5219] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5219] <... mmap resumed>) = 0x7f12a0a40000 [pid 5217] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5092] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] lstat("./9/binderfs", [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] lstat("./9/file1", [pid 5092] unlink("./9/binderfs") = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [ 97.541363][ T5216] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5093] rmdir("./9/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./9") = 0 [pid 5093] mkdir("./10", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5220 ./strace-static-x86_64: Process 5220 attached [pid 5220] chdir("./10") = 0 [pid 5220] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5220] setpgid(0, 0) = 0 [pid 5220] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5220] write(3, "1000", 4) = 4 [pid 5220] close(3) = 0 [pid 5219] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5220] symlink("/dev/binderfs", "./binderfs" [pid 5217] <... write resumed>) = 4194304 [ 97.658189][ T5216] REISERFS (device loop1): checking transaction log (loop1) [pid 5220] <... symlink resumed>) = 0 [pid 5217] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5220] memfd_create("syzkaller", 0) = 3 [pid 5220] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5217] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5220] <... mmap resumed>) = 0x7f12a0a40000 [pid 5217] <... openat resumed>) = 4 [pid 5217] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5217] close(3) = 0 [pid 5217] mkdir("./file1", 0777) = 0 [ 97.735384][ T5217] loop4: detected capacity change from 0 to 8192 [pid 5217] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./9/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [ 97.780637][ T5217] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 97.812072][ T5217] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5220] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./9/file1" [pid 5092] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5219] <... write resumed>) = 4194304 [pid 5095] <... rmdir resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] getdents64(3, [pid 5092] lstat("./9/file1", [pid 5219] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] close(3 [pid 5092] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... close resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] rmdir("./9" [pid 5092] openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] <... rmdir resumed>) = 0 [pid 5092] <... openat resumed>) = 4 [pid 5095] mkdir("./10", 0777 [pid 5092] fstat(4, [pid 5219] <... munmap resumed>) = 0 [pid 5095] <... mkdir resumed>) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5092] getdents64(4, [ 97.830753][ T5217] REISERFS (device loop4): using ordered data mode [ 97.852639][ T5217] reiserfs: using flush barriers [ 97.859692][ T5217] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5219] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] <... openat resumed>) = 3 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5219] <... openat resumed>) = 4 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5092] getdents64(4, [pid 5219] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [ 97.878624][ T5217] REISERFS (device loop4): checking transaction log (loop4) [ 97.889982][ T5219] loop0: detected capacity change from 0 to 8192 [pid 5219] <... ioctl resumed>) = 0 [pid 5095] close(3 [pid 5092] close(4 [pid 5219] close(3 [pid 5095] <... close resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5092] rmdir("./9/file1" [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... rmdir resumed>) = 0 [pid 5220] <... write resumed>) = 4194304 ./strace-static-x86_64: Process 5222 attached [pid 5222] chdir("./10" [pid 5220] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5222] <... chdir resumed>) = 0 [pid 5222] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5222] setpgid(0, 0) = 0 [pid 5222] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5220] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5220] ioctl(4, LOOP_SET_FD, 3 [pid 5219] <... close resumed>) = 0 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5222 [pid 5092] getdents64(3, [pid 5219] mkdir("./file1", 0777 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3 [pid 5219] <... mkdir resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5092] rmdir("./9" [pid 5219] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5092] <... rmdir resumed>) = 0 [pid 5092] mkdir("./10", 0777) = 0 [pid 5222] write(3, "1000", 4) = 4 [pid 5222] close(3 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5222] <... close resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5222] symlink("/dev/binderfs", "./binderfs" [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5222] <... symlink resumed>) = 0 [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5222] memfd_create("syzkaller", 0) = 3 [pid 5222] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 97.948042][ T5220] loop3: detected capacity change from 0 to 8192 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5224 [pid 5220] <... ioctl resumed>) = 0 [pid 5220] close(3) = 0 [pid 5220] mkdir("./file1", 0777) = 0 [pid 5220] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, ""./strace-static-x86_64: Process 5224 attached [pid 5224] chdir("./10") = 0 [pid 5224] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5224] setpgid(0, 0) = 0 [pid 5224] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5224] write(3, "1000", 4) = 4 [pid 5224] close(3) = 0 [pid 5224] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5224] memfd_create("syzkaller", 0) = 3 [pid 5224] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 97.985927][ T5219] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 98.010214][ T5220] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 98.023993][ T5219] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 98.037964][ T5216] REISERFS (device loop1): Using r5 hash to sort names [pid 5217] <... mount resumed>) = 0 [pid 5216] <... mount resumed>) = 0 [pid 5217] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5216] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5217] <... openat resumed>) = 3 [pid 5216] <... openat resumed>) = 3 [pid 5224] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 98.045763][ T5217] REISERFS (device loop4): Using r5 hash to sort names [ 98.046189][ T5216] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 98.052974][ T5217] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 98.063127][ T5219] REISERFS (device loop0): using ordered data mode [pid 5217] chdir("./file1" [pid 5216] chdir("./file1" [pid 5217] <... chdir resumed>) = 0 [pid 5216] <... chdir resumed>) = 0 [pid 5217] ioctl(4, LOOP_CLR_FD [pid 5216] ioctl(4, LOOP_CLR_FD [pid 5217] <... ioctl resumed>) = 0 [pid 5217] close(4 [ 98.090139][ T5220] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [pid 5216] <... ioctl resumed>) = 0 [pid 5217] <... close resumed>) = 0 [pid 5217] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5216] close(4 [pid 5217] <... openat resumed>) = 4 [pid 5216] <... close resumed>) = 0 [pid 5217] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5216] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5224] <... write resumed>) = 4194304 [pid 5217] <... mmap resumed>) = 0x20000000 [pid 5216] <... openat resumed>) = 4 [pid 5224] munmap(0x7f12a0a40000, 4194304 [pid 5217] ioctl(4, FS_IOC_GETVERSION [pid 5216] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5224] <... munmap resumed>) = 0 [pid 5217] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [ 98.129917][ T5220] REISERFS (device loop3): using ordered data mode [ 98.137085][ T5220] reiserfs: using flush barriers [ 98.153258][ T5220] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 98.157502][ T5219] reiserfs: using flush barriers [pid 5224] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5222] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5217] exit_group(0 [pid 5216] <... mmap resumed>) = 0x20000000 [pid 5224] <... openat resumed>) = 4 [pid 5217] <... exit_group resumed>) = ? [pid 5216] ioctl(4, FS_IOC_GETVERSION [pid 5224] ioctl(4, LOOP_SET_FD, 3 [pid 5217] +++ exited with 0 +++ [pid 5216] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5217, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=17 /* 0.17 s */} --- [ 98.179586][ T5219] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 98.181576][ T5220] REISERFS (device loop3): checking transaction log (loop3) [pid 5094] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5216] exit_group(0 [pid 5094] fstat(3, [pid 5224] <... ioctl resumed>) = 0 [pid 5216] <... exit_group resumed>) = ? [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5224] close(3 [pid 5216] +++ exited with 0 +++ [pid 5094] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5224] <... close resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5216, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5224] mkdir("./file1", 0777 [pid 5094] lstat("./10/binderfs", [pid 5224] <... mkdir resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5224] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] unlink("./10/binderfs" [pid 5091] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... unlink resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 98.224319][ T5224] loop2: detected capacity change from 0 to 8192 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5222] <... write resumed>) = 4194304 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5222] munmap(0x7f12a0a40000, 4194304 [pid 5091] unlink("./9/binderfs" [pid 5222] <... munmap resumed>) = 0 [pid 5091] <... unlink resumed>) = 0 [pid 5222] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5091] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5222] <... openat resumed>) = 4 [ 98.271815][ T5224] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 98.282022][ T5219] REISERFS (device loop0): checking transaction log (loop0) [pid 5222] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5222] close(3) = 0 [pid 5222] mkdir("./file1", 0777) = 0 [ 98.329230][ T5222] loop5: detected capacity change from 0 to 8192 [ 98.360450][ T5224] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [pid 5222] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] <... umount2 resumed>) = 0 [pid 5094] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./10/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 98.386282][ T5219] REISERFS (device loop0): Using r5 hash to sort names [ 98.406249][ T5224] REISERFS (device loop2): using ordered data mode [ 98.416685][ T5224] reiserfs: using flush barriers [ 98.423429][ T5219] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5094] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5219] <... mount resumed>) = 0 [pid 5219] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5219] chdir("./file1") = 0 [pid 5219] ioctl(4, LOOP_CLR_FD) = 0 [pid 5219] close(4 [pid 5094] <... openat resumed>) = 4 [pid 5219] <... close resumed>) = 0 [pid 5219] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5219] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5219] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5219] exit_group(0) = ? [pid 5219] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5219, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=20 /* 0.20 s */} --- [pid 5090] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, [pid 5094] fstat(4, [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] getdents64(4, [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [ 98.441429][ T5224] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 98.459849][ T5222] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 98.484020][ T5220] REISERFS (device loop3): Using r5 hash to sort names [pid 5090] lstat("./9/binderfs", [pid 5094] getdents64(4, [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5220] <... mount resumed>) = 0 [pid 5094] close(4 [pid 5090] unlink("./9/binderfs" [pid 5094] <... close resumed>) = 0 [pid 5094] rmdir("./10/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3 [pid 5220] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] <... close resumed>) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5220] <... openat resumed>) = 3 [pid 5094] rmdir("./10" [pid 5220] chdir("./file1" [pid 5094] <... rmdir resumed>) = 0 [pid 5090] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5220] <... chdir resumed>) = 0 [pid 5094] mkdir("./11", 0777 [pid 5091] <... umount2 resumed>) = 0 [pid 5220] ioctl(4, LOOP_CLR_FD [pid 5094] <... mkdir resumed>) = 0 [ 98.495764][ T5220] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 98.507298][ T5224] REISERFS (device loop2): checking transaction log (loop2) [ 98.513674][ T5222] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5220] <... ioctl resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5091] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5220] close(4 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3 [pid 5220] <... close resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5220] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5228 [pid 5220] <... openat resumed>) = 4 [pid 5091] lstat("./9/file1", [pid 5220] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 ./strace-static-x86_64: Process 5228 attached [pid 5220] ioctl(4, FS_IOC_GETVERSION [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5228] chdir("./11" [pid 5220] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5091] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5228] <... chdir resumed>) = 0 [pid 5220] exit_group(0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5228] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5220] <... exit_group resumed>) = ? [pid 5091] openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5228] <... prctl resumed>) = 0 [pid 5220] +++ exited with 0 +++ [pid 5091] <... openat resumed>) = 4 [pid 5228] setpgid(0, 0 [pid 5091] fstat(4, [pid 5228] <... setpgid resumed>) = 0 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5220, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [ 98.550231][ T5222] REISERFS (device loop5): using ordered data mode [ 98.558989][ T5222] reiserfs: using flush barriers [ 98.567612][ T5222] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 98.586957][ T5222] REISERFS (device loop5): checking transaction log (loop5) [pid 5228] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5228] <... openat resumed>) = 3 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] getdents64(4, [pid 5228] write(3, "1000", 4 [pid 5093] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5228] <... write resumed>) = 4 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5228] close(3 [pid 5093] <... openat resumed>) = 3 [pid 5091] getdents64(4, [pid 5228] <... close resumed>) = 0 [pid 5093] fstat(3, [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5228] symlink("/dev/binderfs", "./binderfs" [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] close(4 [pid 5228] <... symlink resumed>) = 0 [pid 5093] getdents64(3, [pid 5228] memfd_create("syzkaller", 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] <... close resumed>) = 0 [pid 5228] <... memfd_create resumed>) = 3 [pid 5093] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] rmdir("./9/file1" [pid 5228] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5228] <... mmap resumed>) = 0x7f12a0a40000 [pid 5093] lstat("./10/binderfs", [pid 5091] <... rmdir resumed>) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] getdents64(3, [pid 5093] unlink("./10/binderfs" [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] <... unlink resumed>) = 0 [pid 5091] close(3 [pid 5093] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... close resumed>) = 0 [pid 5091] rmdir("./9") = 0 [pid 5091] mkdir("./10", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5229 ./strace-static-x86_64: Process 5229 attached [pid 5229] chdir("./10") = 0 [pid 5229] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5229] setpgid(0, 0) = 0 [pid 5229] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5229] write(3, "1000", 4) = 4 [pid 5229] close(3) = 0 [pid 5229] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5229] memfd_create("syzkaller", 0) = 3 [pid 5229] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5228] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./9/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./9/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [ 98.839571][ T5222] REISERFS (device loop5): Using r5 hash to sort names [ 98.847591][ T5224] REISERFS (device loop2): Using r5 hash to sort names [ 98.878828][ T5224] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5090] rmdir("./9") = 0 [pid 5090] mkdir("./10", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5230 ./strace-static-x86_64: Process 5230 attached [pid 5230] chdir("./10") = 0 [pid 5229] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5230] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5230] setpgid(0, 0) = 0 [pid 5230] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5222] <... mount resumed>) = 0 [pid 5230] <... openat resumed>) = 3 [pid 5230] write(3, "1000", 4 [pid 5222] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5230] <... write resumed>) = 4 [pid 5222] <... openat resumed>) = 3 [pid 5230] close(3 [pid 5224] <... mount resumed>) = 0 [ 98.884525][ T5222] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5222] chdir("./file1" [pid 5093] <... umount2 resumed>) = 0 [pid 5230] <... close resumed>) = 0 [pid 5224] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5222] <... chdir resumed>) = 0 [pid 5093] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5230] symlink("/dev/binderfs", "./binderfs" [pid 5224] <... openat resumed>) = 3 [pid 5222] ioctl(4, LOOP_CLR_FD [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5230] <... symlink resumed>) = 0 [pid 5224] chdir("./file1" [pid 5222] <... ioctl resumed>) = 0 [pid 5093] lstat("./10/file1", [pid 5230] memfd_create("syzkaller", 0 [pid 5224] <... chdir resumed>) = 0 [pid 5222] close(4 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5230] <... memfd_create resumed>) = 3 [pid 5224] ioctl(4, LOOP_CLR_FD [pid 5222] <... close resumed>) = 0 [pid 5230] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5224] <... ioctl resumed>) = 0 [pid 5222] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5230] <... mmap resumed>) = 0x7f12a0a40000 [pid 5224] close(4 [pid 5222] <... openat resumed>) = 4 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5224] <... close resumed>) = 0 [pid 5222] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5224] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5222] <... mmap resumed>) = 0x20000000 [pid 5093] <... openat resumed>) = 4 [pid 5224] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5222] ioctl(4, FS_IOC_GETVERSION [pid 5093] fstat(4, [pid 5224] <... mmap resumed>) = 0x20000000 [pid 5222] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5228] <... write resumed>) = 4194304 [pid 5224] ioctl(4, FS_IOC_GETVERSION [pid 5222] exit_group(0 [pid 5229] <... write resumed>) = 4194304 [pid 5093] getdents64(4, [pid 5228] munmap(0x7f12a0a40000, 4194304 [pid 5224] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5222] <... exit_group resumed>) = ? [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5228] <... munmap resumed>) = 0 [pid 5224] exit_group(0 [pid 5228] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5224] <... exit_group resumed>) = ? [pid 5228] <... openat resumed>) = 4 [pid 5224] +++ exited with 0 +++ [pid 5222] +++ exited with 0 +++ [pid 5093] getdents64(4, [pid 5228] ioctl(4, LOOP_SET_FD, 3 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5222, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5224, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5229] munmap(0x7f12a0a40000, 4194304 [pid 5093] close(4 [pid 5228] <... ioctl resumed>) = 0 [pid 5228] close(3 [pid 5093] <... close resumed>) = 0 [pid 5095] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] rmdir("./10/file1" [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] getdents64(3, [pid 5095] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] close(3 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./10/binderfs", [pid 5093] <... close resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5229] <... munmap resumed>) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] rmdir("./10" [pid 5095] unlink("./10/binderfs" [pid 5092] <... openat resumed>) = 3 [pid 5229] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5095] <... unlink resumed>) = 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5092] fstat(3, [pid 5095] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] mkdir("./11", 0777 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5229] <... openat resumed>) = 4 [pid 5228] <... close resumed>) = 0 [pid 5228] mkdir("./file1", 0777 [pid 5229] ioctl(4, LOOP_SET_FD, 3 [pid 5228] <... mkdir resumed>) = 0 [pid 5093] <... mkdir resumed>) = 0 [pid 5092] getdents64(3, [pid 5230] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5228] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] <... openat resumed>) = 3 [pid 5092] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] lstat("./10/binderfs", [pid 5093] close(3 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... close resumed>) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] unlink("./10/binderfs") = 0 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5232 [pid 5092] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5232 attached [pid 5232] chdir("./11") = 0 [pid 5232] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5232] setpgid(0, 0) = 0 [pid 5229] <... ioctl resumed>) = 0 [pid 5229] close(3 [pid 5232] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5229] <... close resumed>) = 0 [ 99.008040][ T5228] loop4: detected capacity change from 0 to 8192 [ 99.037632][ T5229] loop1: detected capacity change from 0 to 8192 [pid 5229] mkdir("./file1", 0777 [pid 5232] <... openat resumed>) = 3 [pid 5229] <... mkdir resumed>) = 0 [pid 5232] write(3, "1000", 4) = 4 [pid 5232] close(3) = 0 [pid 5232] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5232] memfd_create("syzkaller", 0) = 3 [pid 5232] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 99.078505][ T5228] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 99.107885][ T5228] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 99.118243][ T5228] REISERFS (device loop4): using ordered data mode [ 99.126217][ T5228] reiserfs: using flush barriers [ 99.141871][ T5228] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.159757][ T5229] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5229] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5230] <... write resumed>) = 4194304 [pid 5230] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5230] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5230] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5230] close(3) = 0 [ 99.173367][ T5229] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 99.183905][ T5229] REISERFS (device loop1): using ordered data mode [ 99.202472][ T5229] reiserfs: using flush barriers [ 99.203116][ T5228] REISERFS (device loop4): checking transaction log (loop4) [ 99.217272][ T5230] loop0: detected capacity change from 0 to 8192 [pid 5232] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5230] mkdir("./file1", 0777 [pid 5095] <... umount2 resumed>) = 0 [pid 5230] <... mkdir resumed>) = 0 [pid 5095] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5230] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./10/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 99.240053][ T5229] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.274719][ T5230] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./10/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [ 99.288331][ T5230] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 99.298395][ T5230] REISERFS (device loop0): using ordered data mode [ 99.306428][ T5230] reiserfs: using flush barriers [ 99.312882][ T5230] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.331976][ T5229] REISERFS (device loop1): checking transaction log (loop1) [pid 5095] rmdir("./10") = 0 [pid 5095] mkdir("./11", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5235 [ 99.351347][ T5230] REISERFS (device loop0): checking transaction log (loop0) ./strace-static-x86_64: Process 5235 attached [pid 5235] chdir("./11") = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5235] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5235] setpgid(0, 0) = 0 [pid 5235] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5235] write(3, "1000", 4) = 4 [pid 5235] close(3) = 0 [pid 5235] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5235] memfd_create("syzkaller", 0) = 3 [pid 5235] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5235] <... mmap resumed>) = 0x7f12a0a40000 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./10/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, [pid 5232] <... write resumed>) = 4194304 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5232] munmap(0x7f12a0a40000, 4194304 [pid 5092] getdents64(4, [pid 5232] <... munmap resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5232] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5092] getdents64(4, [pid 5232] <... openat resumed>) = 4 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5232] ioctl(4, LOOP_SET_FD, 3 [pid 5092] close(4) = 0 [pid 5092] rmdir("./10/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./10") = 0 [pid 5092] mkdir("./11", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5232] <... ioctl resumed>) = 0 [pid 5092] close(3 [pid 5232] close(3 [pid 5092] <... close resumed>) = 0 [pid 5232] <... close resumed>) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5232] mkdir("./file1", 0777) = 0 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5236 [pid 5232] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, ""./strace-static-x86_64: Process 5236 attached [ 99.491146][ T5232] loop3: detected capacity change from 0 to 8192 [pid 5236] chdir("./11") = 0 [pid 5236] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5236] setpgid(0, 0) = 0 [pid 5236] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5235] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5236] write(3, "1000", 4) = 4 [pid 5236] close(3) = 0 [pid 5236] symlink("/dev/binderfs", "./binderfs") = 0 [ 99.535267][ T5228] REISERFS (device loop4): Using r5 hash to sort names [ 99.552630][ T5232] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 99.572817][ T5232] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [pid 5236] memfd_create("syzkaller", 0) = 3 [pid 5228] <... mount resumed>) = 0 [pid 5236] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5228] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5228] chdir("./file1") = 0 [pid 5228] ioctl(4, LOOP_CLR_FD) = 0 [pid 5228] close(4) = 0 [pid 5228] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 99.589879][ T5228] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 99.594478][ T5230] REISERFS (device loop0): Using r5 hash to sort names [ 99.606506][ T5232] REISERFS (device loop3): using ordered data mode [ 99.614370][ T5232] reiserfs: using flush barriers [ 99.623625][ T5230] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5228] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5228] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5228] exit_group(0 [pid 5230] <... mount resumed>) = 0 [pid 5228] <... exit_group resumed>) = ? [ 99.647399][ T5232] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5236] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5230] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5228] +++ exited with 0 +++ [pid 5230] <... openat resumed>) = 3 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5228, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5230] chdir("./file1") = 0 [pid 5230] ioctl(4, LOOP_CLR_FD) = 0 [pid 5094] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5230] close(4) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5230] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5230] <... openat resumed>) = 4 [pid 5094] <... openat resumed>) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5230] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] getdents64(3, [pid 5230] <... mmap resumed>) = 0x20000000 [pid 5230] ioctl(4, FS_IOC_GETVERSION [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [ 99.688964][ T5232] REISERFS (device loop3): checking transaction log (loop3) [ 99.697790][ T5229] REISERFS (device loop1): Using r5 hash to sort names [pid 5230] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5230] exit_group(0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5230] <... exit_group resumed>) = ? [pid 5094] lstat("./11/binderfs", [pid 5230] +++ exited with 0 +++ [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5230, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5094] unlink("./11/binderfs" [pid 5090] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] <... unlink resumed>) = 0 [pid 5090] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... openat resumed>) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./10/binderfs", [pid 5235] <... write resumed>) = 4194304 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./10/binderfs") = 0 [pid 5090] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5229] <... mount resumed>) = 0 [pid 5229] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5229] chdir("./file1") = 0 [pid 5229] ioctl(4, LOOP_CLR_FD) = 0 [ 99.735163][ T5229] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5229] close(4) = 0 [pid 5229] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5235] munmap(0x7f12a0a40000, 4194304 [pid 5229] <... openat resumed>) = 4 [pid 5235] <... munmap resumed>) = 0 [pid 5229] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5235] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5229] <... mmap resumed>) = 0x20000000 [pid 5235] <... openat resumed>) = 4 [pid 5229] ioctl(4, FS_IOC_GETVERSION [pid 5235] ioctl(4, LOOP_SET_FD, 3 [pid 5229] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5229] exit_group(0) = ? [pid 5229] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5229, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=13 /* 0.13 s */} --- [pid 5091] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./10/binderfs" [pid 5236] <... write resumed>) = 4194304 [pid 5091] <... unlink resumed>) = 0 [pid 5235] <... ioctl resumed>) = 0 [pid 5091] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5235] close(3) = 0 [pid 5235] mkdir("./file1", 0777) = 0 [ 99.819031][ T5235] loop5: detected capacity change from 0 to 8192 [pid 5235] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5236] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5236] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5236] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5236] close(3) = 0 [ 99.878814][ T5235] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 99.904651][ T5236] loop2: detected capacity change from 0 to 8192 [pid 5236] mkdir("./file1", 0777) = 0 [pid 5236] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] <... umount2 resumed>) = 0 [ 99.932621][ T5235] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 99.965966][ T5236] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5094] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./11/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./11/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./11") = 0 [pid 5094] mkdir("./12", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 99.991181][ T5235] REISERFS (device loop5): using ordered data mode [ 100.011810][ T5235] reiserfs: using flush barriers [ 100.020070][ T5232] REISERFS (device loop3): Using r5 hash to sort names [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5240 ./strace-static-x86_64: Process 5240 attached [pid 5090] <... umount2 resumed>) = 0 [pid 5240] chdir("./12") = 0 [pid 5240] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5090] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5240] <... prctl resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5240] setpgid(0, 0) = 0 [pid 5240] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5091] <... umount2 resumed>) = 0 [pid 5090] lstat("./10/file1", [pid 5240] <... openat resumed>) = 3 [pid 5232] <... mount resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5240] write(3, "1000", 4 [pid 5232] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5232] chdir("./file1" [pid 5240] <... write resumed>) = 4 [pid 5090] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5232] <... chdir resumed>) = 0 [ 100.028429][ T5235] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 100.045390][ T5236] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 100.072001][ T5232] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5232] ioctl(4, LOOP_CLR_FD [pid 5240] close(3 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5232] <... ioctl resumed>) = 0 [pid 5232] close(4) = 0 [pid 5232] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5232] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5232] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5240] <... close resumed>) = 0 [pid 5232] exit_group(0 [pid 5090] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5240] symlink("/dev/binderfs", "./binderfs" [pid 5091] lstat("./10/file1", [pid 5090] <... openat resumed>) = 4 [pid 5232] <... exit_group resumed>) = ? [pid 5240] <... symlink resumed>) = 0 [pid 5090] fstat(4, [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5240] memfd_create("syzkaller", 0 [pid 5232] +++ exited with 0 +++ [pid 5091] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5232, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=29 /* 0.29 s */} --- [pid 5090] getdents64(4, [pid 5093] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] close(4 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... close resumed>) = 0 [pid 5093] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5240] <... memfd_create resumed>) = 3 [pid 5090] rmdir("./10/file1" [pid 5093] <... openat resumed>) = 3 [pid 5091] <... openat resumed>) = 4 [pid 5240] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5093] fstat(3, [pid 5091] fstat(4, [pid 5090] <... rmdir resumed>) = 0 [pid 5240] <... mmap resumed>) = 0x7f12a0a40000 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] getdents64(4, [pid 5093] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] getdents64(4, [pid 5090] close(3 [pid 5093] lstat("./11/binderfs", [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] <... close resumed>) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] close(4 [pid 5090] rmdir("./10" [pid 5093] unlink("./11/binderfs" [pid 5091] <... close resumed>) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5091] rmdir("./10/file1" [pid 5093] <... unlink resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5093] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] getdents64(3, [pid 5090] mkdir("./11", 0777 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] <... mkdir resumed>) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./10" [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5091] <... rmdir resumed>) = 0 [pid 5091] mkdir("./11", 0777 [pid 5090] <... openat resumed>) = 3 [pid 5091] <... mkdir resumed>) = 0 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 100.086617][ T5235] REISERFS (device loop5): checking transaction log (loop5) [ 100.087098][ T5236] REISERFS (device loop2): using ordered data mode [ 100.108643][ T5236] reiserfs: using flush barriers [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5090] close(3 [pid 5091] <... openat resumed>) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5090] <... close resumed>) = 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5242 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5241 ./strace-static-x86_64: Process 5241 attached [ 100.135788][ T5236] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5241] chdir("./11") = 0 ./strace-static-x86_64: Process 5242 attached [pid 5242] chdir("./11") = 0 [pid 5242] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5242] setpgid(0, 0) = 0 [pid 5241] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5241] setpgid(0, 0 [pid 5242] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5241] <... setpgid resumed>) = 0 [pid 5242] <... openat resumed>) = 3 [pid 5241] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5242] write(3, "1000", 4 [pid 5241] <... openat resumed>) = 3 [pid 5242] <... write resumed>) = 4 [pid 5241] write(3, "1000", 4 [pid 5242] close(3 [pid 5241] <... write resumed>) = 4 [pid 5242] <... close resumed>) = 0 [pid 5241] close(3 [pid 5242] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5241] <... close resumed>) = 0 [pid 5242] memfd_create("syzkaller", 0 [pid 5241] symlink("/dev/binderfs", "./binderfs" [pid 5242] <... memfd_create resumed>) = 3 [pid 5241] <... symlink resumed>) = 0 [pid 5242] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5241] memfd_create("syzkaller", 0) = 3 [ 100.189637][ T5236] REISERFS (device loop2): checking transaction log (loop2) [pid 5241] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5240] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5241] <... mmap resumed>) = 0x7f12a0a40000 [pid 5241] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5242] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./11/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5240] <... write resumed>) = 4194304 [pid 5093] fstat(4, [pid 5240] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, [pid 5240] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 100.384857][ T5235] REISERFS (device loop5): Using r5 hash to sort names [ 100.413758][ T5235] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5240] ioctl(4, LOOP_SET_FD, 3 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./11/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./11") = 0 [pid 5093] mkdir("./12", 0777 [pid 5240] <... ioctl resumed>) = 0 [pid 5240] close(3) = 0 [pid 5240] mkdir("./file1", 0777 [pid 5093] <... mkdir resumed>) = 0 [pid 5240] <... mkdir resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5235] <... mount resumed>) = 0 [pid 5240] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5235] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] <... openat resumed>) = 3 [pid 5235] <... openat resumed>) = 3 [pid 5235] chdir("./file1" [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5235] <... chdir resumed>) = 0 [pid 5235] ioctl(4, LOOP_CLR_FD) = 0 [pid 5235] close(4) = 0 [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 100.432611][ T5240] loop4: detected capacity change from 0 to 8192 [pid 5241] <... write resumed>) = 4194304 [pid 5235] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] close(3 [pid 5235] <... openat resumed>) = 4 [pid 5235] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] <... close resumed>) = 0 [pid 5235] <... mmap resumed>) = 0x20000000 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5235] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5235] exit_group(0) = ? [pid 5235] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5235, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=14 /* 0.14 s */} --- [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5244 [pid 5241] munmap(0x7f12a0a40000, 4194304 [pid 5095] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5241] <... munmap resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5244 attached [ 100.476442][ T5240] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 100.494366][ T5236] REISERFS (device loop2): Using r5 hash to sort names [ 100.515774][ T5240] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal ) = 3 [pid 5242] <... write resumed>) = 4194304 [pid 5241] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] fstat(3, [pid 5244] chdir("./12") = 0 [pid 5242] munmap(0x7f12a0a40000, 4194304 [pid 5244] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5241] <... openat resumed>) = 4 [pid 5244] <... prctl resumed>) = 0 [pid 5244] setpgid(0, 0 [pid 5242] <... munmap resumed>) = 0 [pid 5241] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5244] <... setpgid resumed>) = 0 [pid 5095] getdents64(3, [pid 5244] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5244] write(3, "1000", 4) = 4 [pid 5244] close(3) = 0 [pid 5244] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5244] memfd_create("syzkaller", 0) = 3 [pid 5244] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./11/binderfs", [pid 5242] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5242] <... openat resumed>) = 4 [pid 5095] unlink("./11/binderfs" [pid 5242] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... unlink resumed>) = 0 [pid 5095] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5242] <... ioctl resumed>) = 0 [pid 5242] close(3) = 0 [pid 5242] mkdir("./file1", 0777 [pid 5241] <... ioctl resumed>) = 0 [pid 5242] <... mkdir resumed>) = 0 [ 100.516121][ T5236] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 100.539021][ T5241] loop0: detected capacity change from 0 to 8192 [ 100.551947][ T5242] loop1: detected capacity change from 0 to 8192 [pid 5242] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5241] close(3 [pid 5236] <... mount resumed>) = 0 [pid 5241] <... close resumed>) = 0 [pid 5241] mkdir("./file1", 0777 [pid 5244] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5241] <... mkdir resumed>) = 0 [pid 5236] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5241] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5236] <... openat resumed>) = 3 [pid 5236] chdir("./file1") = 0 [pid 5236] ioctl(4, LOOP_CLR_FD) = 0 [pid 5236] close(4) = 0 [pid 5236] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5236] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5236] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5236] exit_group(0) = ? [pid 5236] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5236, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5092] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 100.575803][ T5240] REISERFS (device loop4): using ordered data mode [ 100.584695][ T5240] reiserfs: using flush barriers [ 100.593854][ T5240] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 100.611751][ T5242] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5092] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./11/binderfs") = 0 [ 100.641803][ T5241] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 100.643632][ T5240] REISERFS (device loop4): checking transaction log (loop4) [ 100.661091][ T5242] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 100.691113][ T5241] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 100.720447][ T5241] REISERFS (device loop0): using ordered data mode [pid 5092] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [ 100.741200][ T5242] REISERFS (device loop1): using ordered data mode [ 100.748048][ T5242] reiserfs: using flush barriers [ 100.754852][ T5241] reiserfs: using flush barriers [ 100.756120][ T5242] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5244] <... write resumed>) = 4194304 [pid 5244] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5244] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 100.777216][ T5241] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5244] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5244] close(3) = 0 [pid 5244] mkdir("./file1", 0777) = 0 [ 100.814059][ T5244] loop3: detected capacity change from 0 to 8192 [ 100.848589][ T5241] REISERFS (device loop0): checking transaction log (loop0) [pid 5244] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./11/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4 [pid 5240] <... mount resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5240] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] rmdir("./11/file1" [pid 5240] <... openat resumed>) = 3 [pid 5095] <... rmdir resumed>) = 0 [pid 5240] chdir("./file1" [pid 5095] getdents64(3, [pid 5240] <... chdir resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5240] ioctl(4, LOOP_CLR_FD [pid 5095] close(3 [pid 5240] <... ioctl resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5240] close(4 [ 100.857164][ T5244] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 100.859809][ T5242] REISERFS (device loop1): checking transaction log (loop1) [ 100.875421][ T5240] REISERFS (device loop4): Using r5 hash to sort names [ 100.893785][ T5244] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 100.896327][ T5240] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5095] rmdir("./11" [pid 5240] <... close resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5240] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] mkdir("./12", 0777 [pid 5092] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5240] <... openat resumed>) = 4 [pid 5095] <... mkdir resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5240] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5092] lstat("./11/file1", [pid 5240] <... mmap resumed>) = 0x20000000 [pid 5095] <... openat resumed>) = 3 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5240] ioctl(4, FS_IOC_GETVERSION [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5092] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5240] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5240] exit_group(0 [pid 5095] close(3 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5240] <... exit_group resumed>) = ? [pid 5095] <... close resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5240] +++ exited with 0 +++ [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... openat resumed>) = 4 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5240, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5094] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5094] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 100.955211][ T5244] REISERFS (device loop3): using ordered data mode [ 100.961917][ T5244] reiserfs: using flush barriers [ 100.974471][ T5244] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5092] fstat(4, ./strace-static-x86_64: Process 5248 attached [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5248 [pid 5094] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5248] chdir("./12" [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5248] <... chdir resumed>) = 0 [pid 5094] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] getdents64(4, [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5248] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] lstat("./12/binderfs", [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./12/binderfs" [pid 5248] <... prctl resumed>) = 0 [pid 5094] <... unlink resumed>) = 0 [pid 5092] getdents64(4, [pid 5248] setpgid(0, 0 [pid 5094] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5248] <... setpgid resumed>) = 0 [pid 5092] close(4 [pid 5248] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] <... close resumed>) = 0 [pid 5248] <... openat resumed>) = 3 [pid 5248] write(3, "1000", 4 [pid 5092] rmdir("./11/file1" [pid 5248] <... write resumed>) = 4 [pid 5248] close(3 [pid 5092] <... rmdir resumed>) = 0 [ 101.023165][ T5244] REISERFS (device loop3): checking transaction log (loop3) [pid 5248] <... close resumed>) = 0 [pid 5092] getdents64(3, [pid 5248] symlink("/dev/binderfs", "./binderfs" [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5248] <... symlink resumed>) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./11" [pid 5248] memfd_create("syzkaller", 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5248] <... memfd_create resumed>) = 3 [pid 5248] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] mkdir("./12", 0777 [pid 5248] <... mmap resumed>) = 0x7f12a0a40000 [pid 5092] <... mkdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5249 ./strace-static-x86_64: Process 5249 attached [pid 5249] chdir("./12") = 0 [pid 5249] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5249] setpgid(0, 0) = 0 [pid 5249] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5249] write(3, "1000", 4) = 4 [pid 5249] close(3) = 0 [pid 5249] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5249] memfd_create("syzkaller", 0) = 3 [pid 5249] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 101.202101][ T5244] REISERFS (device loop3): Using r5 hash to sort names [ 101.226282][ T5241] REISERFS (device loop0): Using r5 hash to sort names [pid 5248] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5244] <... mount resumed>) = 0 [ 101.253184][ T5244] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 101.271652][ T5242] REISERFS (device loop1): Using r5 hash to sort names [ 101.288229][ T5241] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5244] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] <... umount2 resumed>) = 0 [pid 5244] <... openat resumed>) = 3 [pid 5244] chdir("./file1" [pid 5241] <... mount resumed>) = 0 [pid 5241] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5241] chdir("./file1") = 0 [pid 5241] ioctl(4, LOOP_CLR_FD) = 0 [pid 5241] close(4 [pid 5249] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5244] <... chdir resumed>) = 0 [pid 5094] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5241] <... close resumed>) = 0 [pid 5241] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5244] ioctl(4, LOOP_CLR_FD) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5241] <... openat resumed>) = 4 [pid 5244] close(4 [pid 5094] lstat("./12/file1", [pid 5241] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5244] <... close resumed>) = 0 [pid 5241] <... mmap resumed>) = 0x20000000 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5244] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5244] <... openat resumed>) = 4 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5244] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5241] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5241] exit_group(0 [pid 5244] <... mmap resumed>) = 0x20000000 [pid 5241] <... exit_group resumed>) = ? [pid 5094] <... openat resumed>) = 4 [pid 5244] ioctl(4, FS_IOC_GETVERSION [ 101.298842][ T5242] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5094] fstat(4, [pid 5244] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5241] +++ exited with 0 +++ [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5244] exit_group(0 [pid 5094] getdents64(4, [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5241, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5244] <... exit_group resumed>) = ? [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5242] <... mount resumed>) = 0 [pid 5242] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5242] chdir("./file1") = 0 [pid 5242] ioctl(4, LOOP_CLR_FD) = 0 [pid 5244] +++ exited with 0 +++ [pid 5242] close(4 [pid 5094] getdents64(4, [pid 5242] <... close resumed>) = 0 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5244, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5242] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5094] close(4 [pid 5090] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5242] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] <... close resumed>) = 0 [pid 5242] <... mmap resumed>) = 0x20000000 [pid 5094] rmdir("./12/file1" [pid 5093] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5248] <... write resumed>) = 4194304 [pid 5242] ioctl(4, FS_IOC_GETVERSION [pid 5094] <... rmdir resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5242] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5090] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5242] exit_group(0 [pid 5094] getdents64(3, [pid 5093] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... openat resumed>) = 3 [pid 5242] <... exit_group resumed>) = ? [pid 5248] munmap(0x7f12a0a40000, 4194304 [pid 5242] +++ exited with 0 +++ [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5090] fstat(3, [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5242, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5091] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./11/binderfs") = 0 [pid 5091] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5248] <... munmap resumed>) = 0 [pid 5094] close(3 [pid 5093] fstat(3, [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5248] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] <... close resumed>) = 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, [pid 5248] <... openat resumed>) = 4 [pid 5094] rmdir("./12" [pid 5093] getdents64(3, [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5248] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... rmdir resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5249] <... write resumed>) = 4194304 [pid 5248] <... ioctl resumed>) = 0 [pid 5094] mkdir("./13", 0777 [pid 5093] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... mkdir resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./11/binderfs", [pid 5248] close(3 [pid 5093] lstat("./12/binderfs", [pid 5248] <... close resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5248] mkdir("./file1", 0777 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5090] unlink("./11/binderfs" [pid 5093] unlink("./12/binderfs" [pid 5090] <... unlink resumed>) = 0 [pid 5093] <... unlink resumed>) = 0 [pid 5248] <... mkdir resumed>) = 0 [pid 5093] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... openat resumed>) = 3 [pid 5248] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5249] munmap(0x7f12a0a40000, 4194304 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5251 ./strace-static-x86_64: Process 5251 attached [pid 5251] chdir("./13") = 0 [pid 5251] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5251] setpgid(0, 0) = 0 [pid 5251] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5251] write(3, "1000", 4) = 4 [pid 5251] close(3) = 0 [pid 5251] symlink("/dev/binderfs", "./binderfs" [pid 5249] <... munmap resumed>) = 0 [pid 5249] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5251] <... symlink resumed>) = 0 [ 101.402551][ T5248] loop5: detected capacity change from 0 to 8192 [ 101.432135][ T5248] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5249] <... openat resumed>) = 4 [pid 5249] ioctl(4, LOOP_SET_FD, 3 [pid 5251] memfd_create("syzkaller", 0) = 3 [pid 5251] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5249] <... ioctl resumed>) = 0 [pid 5249] close(3) = 0 [pid 5249] mkdir("./file1", 0777) = 0 [ 101.461285][ T5249] loop2: detected capacity change from 0 to 8192 [ 101.499983][ T5248] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 101.533018][ T5249] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 101.549986][ T5248] REISERFS (device loop5): using ordered data mode [pid 5249] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 101.581307][ T5249] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 101.590747][ T5249] REISERFS (device loop2): using ordered data mode [ 101.597970][ T5248] reiserfs: using flush barriers [ 101.606593][ T5249] reiserfs: using flush barriers [pid 5251] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... umount2 resumed>) = 0 [pid 5251] <... write resumed>) = 4194304 [pid 5251] munmap(0x7f12a0a40000, 4194304 [pid 5093] <... umount2 resumed>) = 0 [pid 5251] <... munmap resumed>) = 0 [pid 5093] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5251] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5251] <... openat resumed>) = 4 [pid 5093] lstat("./12/file1", [pid 5251] ioctl(4, LOOP_SET_FD, 3 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 101.624127][ T5249] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 101.658346][ T5248] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5091] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./11/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = 0 [pid 5251] <... ioctl resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... openat resumed>) = 4 [pid 5093] <... openat resumed>) = 4 [pid 5251] close(3 [pid 5093] fstat(4, [pid 5091] fstat(4, [pid 5090] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5251] <... close resumed>) = 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5251] mkdir("./file1", 0777 [pid 5093] getdents64(4, [pid 5091] getdents64(4, [pid 5090] lstat("./11/file1", [pid 5251] <... mkdir resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5251] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5093] getdents64(4, [pid 5091] getdents64(4, [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] close(4 [pid 5091] close(4 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... close resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] rmdir("./12/file1" [pid 5091] rmdir("./11/file1" [pid 5093] <... rmdir resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5090] <... openat resumed>) = 4 [pid 5093] getdents64(3, [pid 5091] getdents64(3, [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3 [pid 5091] close(3 [pid 5093] <... close resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5093] rmdir("./12" [pid 5091] rmdir("./11" [pid 5093] <... rmdir resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5093] mkdir("./13", 0777 [pid 5091] mkdir("./12", 0777 [pid 5093] <... mkdir resumed>) = 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5090] fstat(4, [pid 5093] <... openat resumed>) = 3 [pid 5091] <... openat resumed>) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD [ 101.690463][ T5251] loop4: detected capacity change from 0 to 8192 [ 101.697738][ T5249] REISERFS (device loop2): checking transaction log (loop2) [ 101.724025][ T5251] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] getdents64(4, [pid 5093] close(3 [pid 5091] close(3 [pid 5093] <... close resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5254 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5255 ./strace-static-x86_64: Process 5254 attached [pid 5254] chdir("./13") = 0 [pid 5254] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5255 attached ) = 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5255] chdir("./12") = 0 [pid 5090] getdents64(4, [pid 5255] prctl(PR_SET_PDEATHSIG, SIGKILL [ 101.743180][ T5248] REISERFS (device loop5): checking transaction log (loop5) [ 101.751215][ T5251] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 101.761134][ T5251] REISERFS (device loop4): using ordered data mode [ 101.767777][ T5251] reiserfs: using flush barriers [ 101.774978][ T5251] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5254] setpgid(0, 0 [pid 5255] <... prctl resumed>) = 0 [pid 5254] <... setpgid resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5255] setpgid(0, 0 [pid 5254] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] close(4 [pid 5255] <... setpgid resumed>) = 0 [pid 5254] <... openat resumed>) = 3 [pid 5090] <... close resumed>) = 0 [pid 5255] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] rmdir("./11/file1" [pid 5254] write(3, "1000", 4 [pid 5255] <... openat resumed>) = 3 [pid 5090] <... rmdir resumed>) = 0 [pid 5254] <... write resumed>) = 4 [pid 5254] close(3 [pid 5255] write(3, "1000", 4 [pid 5254] <... close resumed>) = 0 [pid 5255] <... write resumed>) = 4 [pid 5090] getdents64(3, [pid 5254] symlink("/dev/binderfs", "./binderfs" [pid 5255] close(3 [pid 5254] <... symlink resumed>) = 0 [pid 5255] <... close resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5255] symlink("/dev/binderfs", "./binderfs" [pid 5254] memfd_create("syzkaller", 0 [pid 5255] <... symlink resumed>) = 0 [pid 5090] close(3 [pid 5255] memfd_create("syzkaller", 0 [pid 5090] <... close resumed>) = 0 [pid 5090] rmdir("./11" [pid 5254] <... memfd_create resumed>) = 3 [pid 5090] <... rmdir resumed>) = 0 [pid 5254] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5255] <... memfd_create resumed>) = 3 [pid 5254] <... mmap resumed>) = 0x7f12a0a40000 [pid 5255] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 101.792738][ T5251] REISERFS (device loop4): checking transaction log (loop4) [pid 5090] mkdir("./12", 0777 [pid 5255] <... mmap resumed>) = 0x7f12a0a40000 [pid 5090] <... mkdir resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5256 ./strace-static-x86_64: Process 5256 attached [pid 5256] chdir("./12") = 0 [pid 5256] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5256] setpgid(0, 0) = 0 [pid 5256] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5256] write(3, "1000", 4) = 4 [pid 5256] close(3) = 0 [pid 5256] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5256] memfd_create("syzkaller", 0) = 3 [pid 5256] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5254] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5255] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5249] <... mount resumed>) = 0 [pid 5249] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5249] chdir("./file1") = 0 [pid 5249] ioctl(4, LOOP_CLR_FD) = 0 [pid 5249] close(4) = 0 [pid 5249] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5249] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 102.008437][ T5249] REISERFS (device loop2): Using r5 hash to sort names [ 102.024692][ T5248] REISERFS (device loop5): Using r5 hash to sort names [ 102.034548][ T5249] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 102.047221][ T5248] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5248] <... mount resumed>) = 0 [pid 5248] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5249] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5249] exit_group(0 [pid 5248] chdir("./file1") = 0 [pid 5248] ioctl(4, LOOP_CLR_FD [pid 5249] <... exit_group resumed>) = ? [pid 5248] <... ioctl resumed>) = 0 [pid 5249] +++ exited with 0 +++ [pid 5256] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5248] close(4) = 0 [pid 5248] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5249, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} --- [pid 5248] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5092] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5248] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5092] <... openat resumed>) = 3 [pid 5248] exit_group(0) = ? [pid 5092] fstat(3, [pid 5248] +++ exited with 0 +++ [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5248, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./12/binderfs") = 0 [pid 5092] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./12/binderfs") = 0 [ 102.080950][ T5251] REISERFS (device loop4): Using r5 hash to sort names [ 102.120790][ T5251] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5095] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5251] <... mount resumed>) = 0 [pid 5251] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5251] chdir("./file1") = 0 [pid 5251] ioctl(4, LOOP_CLR_FD) = 0 [pid 5251] close(4 [pid 5255] <... write resumed>) = 4194304 [pid 5254] <... write resumed>) = 4194304 [pid 5251] <... close resumed>) = 0 [pid 5255] munmap(0x7f12a0a40000, 4194304 [pid 5254] munmap(0x7f12a0a40000, 4194304 [pid 5251] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5255] <... munmap resumed>) = 0 [pid 5254] <... munmap resumed>) = 0 [pid 5255] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5254] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5251] <... openat resumed>) = 4 [pid 5251] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5254] <... openat resumed>) = 4 [pid 5255] <... openat resumed>) = 4 [pid 5255] ioctl(4, LOOP_SET_FD, 3 [pid 5254] ioctl(4, LOOP_SET_FD, 3 [pid 5251] <... mmap resumed>) = 0x20000000 [pid 5251] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5251] exit_group(0 [pid 5256] <... write resumed>) = 4194304 [pid 5251] <... exit_group resumed>) = ? [pid 5256] munmap(0x7f12a0a40000, 4194304 [pid 5255] <... ioctl resumed>) = 0 [pid 5254] <... ioctl resumed>) = 0 [pid 5251] +++ exited with 0 +++ [pid 5095] <... umount2 resumed>) = 0 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5251, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=15 /* 0.15 s */} --- [pid 5256] <... munmap resumed>) = 0 [pid 5255] close(3 [pid 5254] close(3 [pid 5095] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5256] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5255] <... close resumed>) = 0 [pid 5254] <... close resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5256] <... openat resumed>) = 4 [pid 5255] mkdir("./file1", 0777 [pid 5254] mkdir("./file1", 0777 [pid 5095] lstat("./12/file1", [pid 5094] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5256] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5256] <... ioctl resumed>) = 0 [pid 5255] <... mkdir resumed>) = 0 [pid 5254] <... mkdir resumed>) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5256] close(3 [pid 5255] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5254] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... openat resumed>) = 3 [pid 5256] <... close resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] fstat(3, [pid 5256] mkdir("./file1", 0777 [pid 5095] openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5256] <... mkdir resumed>) = 0 [pid 5095] <... openat resumed>) = 4 [pid 5094] getdents64(3, [pid 5256] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] fstat(4, [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] getdents64(4, [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [ 102.219574][ T5254] loop3: detected capacity change from 0 to 8192 [ 102.226494][ T5255] loop1: detected capacity change from 0 to 8192 [ 102.252180][ T5256] loop0: detected capacity change from 0 to 8192 [pid 5094] lstat("./13/binderfs", [pid 5095] getdents64(4, [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] unlink("./13/binderfs" [pid 5095] close(4 [pid 5094] <... unlink resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5094] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] rmdir("./12/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./12") = 0 [pid 5095] mkdir("./13", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5260 [ 102.272771][ T5255] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.290125][ T5254] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 ./strace-static-x86_64: Process 5260 attached [pid 5260] chdir("./13") = 0 [pid 5260] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5260] setpgid(0, 0) = 0 [pid 5260] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 102.312249][ T5256] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5260] write(3, "1000", 4) = 4 [pid 5260] close(3) = 0 [pid 5260] symlink("/dev/binderfs", "./binderfs") = 0 [ 102.348391][ T5254] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 102.353024][ T5256] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 102.358411][ T5255] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 102.367343][ T5256] REISERFS (device loop0): using ordered data mode [ 102.384379][ T5256] reiserfs: using flush barriers [ 102.392449][ T5254] REISERFS (device loop3): using ordered data mode [pid 5260] memfd_create("syzkaller", 0) = 3 [pid 5260] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./12/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 102.399794][ T5256] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.400638][ T5254] reiserfs: using flush barriers [ 102.424186][ T5254] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./12/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./12") = 0 [pid 5092] mkdir("./13", 0777 [ 102.452410][ T5255] REISERFS (device loop1): using ordered data mode [ 102.459506][ T5255] reiserfs: using flush barriers [ 102.474520][ T5254] REISERFS (device loop3): checking transaction log (loop3) [ 102.476023][ T5255] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5260] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5092] <... mkdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5261 ./strace-static-x86_64: Process 5261 attached [pid 5261] chdir("./13") = 0 [pid 5261] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5261] setpgid(0, 0) = 0 [pid 5261] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5261] write(3, "1000", 4) = 4 [pid 5261] close(3) = 0 [ 102.521631][ T5256] REISERFS (device loop0): checking transaction log (loop0) [pid 5261] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5261] memfd_create("syzkaller", 0) = 3 [pid 5094] <... umount2 resumed>) = 0 [pid 5261] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5261] <... mmap resumed>) = 0x7f12a0a40000 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./13/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./13/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [ 102.598670][ T5255] REISERFS (device loop1): checking transaction log (loop1) [pid 5094] close(3) = 0 [pid 5094] rmdir("./13") = 0 [pid 5094] mkdir("./14", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3 [pid 5261] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] <... close resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5260] <... write resumed>) = 4194304 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5262 ./strace-static-x86_64: Process 5262 attached [pid 5260] munmap(0x7f12a0a40000, 4194304 [pid 5262] chdir("./14") = 0 [pid 5260] <... munmap resumed>) = 0 [pid 5262] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5260] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5262] <... prctl resumed>) = 0 [pid 5260] <... openat resumed>) = 4 [pid 5262] setpgid(0, 0 [pid 5260] ioctl(4, LOOP_SET_FD, 3 [pid 5262] <... setpgid resumed>) = 0 [pid 5262] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5262] write(3, "1000", 4) = 4 [pid 5262] close(3) = 0 [pid 5262] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5262] memfd_create("syzkaller", 0) = 3 [pid 5260] <... ioctl resumed>) = 0 [pid 5260] close(3 [pid 5262] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5260] <... close resumed>) = 0 [pid 5260] mkdir("./file1", 0777) = 0 [ 102.727092][ T5260] loop5: detected capacity change from 0 to 8192 [ 102.774532][ T5260] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.798114][ T5256] REISERFS (device loop0): Using r5 hash to sort names [ 102.816043][ T5254] REISERFS (device loop3): Using r5 hash to sort names [pid 5260] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5262] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5261] <... write resumed>) = 4194304 [pid 5256] <... mount resumed>) = 0 [pid 5256] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5256] chdir("./file1") = 0 [pid 5256] ioctl(4, LOOP_CLR_FD) = 0 [ 102.831946][ T5256] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 102.841456][ T5260] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 102.853219][ T5260] REISERFS (device loop5): using ordered data mode [ 102.860866][ T5254] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5256] close(4 [pid 5261] munmap(0x7f12a0a40000, 4194304 [pid 5256] <... close resumed>) = 0 [pid 5256] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5261] <... munmap resumed>) = 0 [pid 5256] <... openat resumed>) = 4 [pid 5256] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5261] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5256] <... mmap resumed>) = 0x20000000 [pid 5261] <... openat resumed>) = 4 [pid 5256] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5261] ioctl(4, LOOP_SET_FD, 3 [pid 5256] exit_group(0) = ? [pid 5256] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5256, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=19 /* 0.19 s */} --- [pid 5090] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5254] <... mount resumed>) = 0 [pid 5254] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5090] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5254] <... openat resumed>) = 3 [pid 5254] chdir("./file1" [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./12/binderfs", [pid 5254] <... chdir resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5254] ioctl(4, LOOP_CLR_FD [pid 5090] unlink("./12/binderfs" [pid 5254] <... ioctl resumed>) = 0 [ 102.877642][ T5255] REISERFS (device loop1): Using r5 hash to sort names [pid 5254] close(4 [pid 5090] <... unlink resumed>) = 0 [pid 5254] <... close resumed>) = 0 [pid 5254] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5254] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5254] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5254] exit_group(0) = ? [pid 5254] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5254, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 5090] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./13/binderfs") = 0 [pid 5093] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5261] <... ioctl resumed>) = 0 [ 102.921839][ T5261] loop2: detected capacity change from 0 to 8192 [ 102.929854][ T5260] reiserfs: using flush barriers [ 102.939967][ T5260] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.958730][ T5260] REISERFS (device loop5): checking transaction log (loop5) [pid 5261] close(3) = 0 [pid 5261] mkdir("./file1", 0777) = 0 [ 102.966586][ T5255] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5261] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5255] <... mount resumed>) = 0 [pid 5255] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5255] chdir("./file1") = 0 [pid 5255] ioctl(4, LOOP_CLR_FD) = 0 [pid 5255] close(4) = 0 [pid 5255] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 102.999280][ T5261] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5255] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5255] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5255] exit_group(0) = ? [pid 5255] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5255, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5091] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./12/binderfs") = 0 [ 103.065690][ T5261] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 103.076568][ T5261] REISERFS (device loop2): using ordered data mode [ 103.084639][ T5261] reiserfs: using flush barriers [pid 5091] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5262] <... write resumed>) = 4194304 [pid 5262] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5262] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5262] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5262] close(3) = 0 [pid 5262] mkdir("./file1", 0777) = 0 [ 103.109379][ T5261] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.134999][ T5262] loop4: detected capacity change from 0 to 8192 [ 103.148891][ T5262] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 103.161954][ T5261] REISERFS (device loop2): checking transaction log (loop2) [ 103.207626][ T5262] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 103.282254][ T5262] REISERFS (device loop4): using ordered data mode [ 103.292989][ T5262] reiserfs: using flush barriers [pid 5262] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./13/file1", [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./12/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5260] <... mount resumed>) = 0 [pid 5093] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5260] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5091] <... umount2 resumed>) = 0 [pid 5260] <... openat resumed>) = 3 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5260] chdir("./file1") = 0 [pid 5093] openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... openat resumed>) = 4 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] fstat(4, [pid 5260] ioctl(4, LOOP_CLR_FD [pid 5093] <... openat resumed>) = 4 [pid 5091] lstat("./12/file1", [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5260] <... ioctl resumed>) = 0 [pid 5093] fstat(4, [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, [pid 5260] close(4 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5260] <... close resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] getdents64(4, [pid 5091] openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] <... openat resumed>) = 4 [pid 5090] close(4 [pid 5091] fstat(4, [pid 5090] <... close resumed>) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] rmdir("./12/file1" [pid 5091] getdents64(4, [pid 5090] <... rmdir resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(3, [pid 5091] getdents64(4, [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(3 [pid 5091] close(4 [pid 5090] <... close resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] rmdir("./12" [pid 5260] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] getdents64(4, [pid 5091] rmdir("./12/file1" [pid 5090] <... rmdir resumed>) = 0 [pid 5260] <... openat resumed>) = 4 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] <... rmdir resumed>) = 0 [ 103.320747][ T5262] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.351866][ T5260] REISERFS (device loop5): Using r5 hash to sort names [ 103.359086][ T5260] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 103.373582][ T5262] REISERFS (device loop4): checking transaction log (loop4) [pid 5090] mkdir("./13", 0777 [pid 5260] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] getdents64(4, [pid 5091] getdents64(3, [pid 5090] <... mkdir resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5091] close(3 [pid 5260] <... mmap resumed>) = 0x20000000 [pid 5090] <... openat resumed>) = 3 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5260] ioctl(4, FS_IOC_GETVERSION [pid 5093] close(4 [pid 5091] rmdir("./12" [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5260] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] <... close resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5090] close(3 [pid 5260] exit_group(0 [pid 5093] rmdir("./13/file1" [pid 5091] mkdir("./13", 0777 [pid 5090] <... close resumed>) = 0 [pid 5260] <... exit_group resumed>) = ? [pid 5093] <... rmdir resumed>) = 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5260] +++ exited with 0 +++ [pid 5093] getdents64(3, [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] <... openat resumed>) = 3 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5266 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5260, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5093] close(3 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5095] restart_syscall(<... resuming interrupted clone ...> [pid 5093] <... close resumed>) = 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] <... restart_syscall resumed>) = 0 [pid 5093] rmdir("./13" [pid 5091] close(3 [pid 5093] <... rmdir resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5093] mkdir("./14", 0777 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5266 attached [pid 5095] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... mkdir resumed>) = 0 [pid 5266] chdir("./13" [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5267 [pid 5266] <... chdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... openat resumed>) = 3 [pid 5266] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... openat resumed>) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5266] <... prctl resumed>) = 0 [pid 5095] fstat(3, [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5266] setpgid(0, 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] close(3./strace-static-x86_64: Process 5267 attached [pid 5266] <... setpgid resumed>) = 0 [pid 5095] getdents64(3, [pid 5093] <... close resumed>) = 0 [pid 5267] chdir("./13" [pid 5266] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5267] <... chdir resumed>) = 0 [pid 5095] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5267] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5267] setpgid(0, 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5268 [pid 5267] <... setpgid resumed>) = 0 [pid 5095] lstat("./13/binderfs", [pid 5267] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5266] <... openat resumed>) = 3 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5267] <... openat resumed>) = 3 [pid 5266] write(3, "1000", 4 [pid 5095] unlink("./13/binderfs" [pid 5267] write(3, "1000", 4) = 4 [pid 5266] <... write resumed>) = 4 [pid 5095] <... unlink resumed>) = 0 [pid 5267] close(3) = 0 [pid 5266] close(3 [pid 5095] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5267] symlink("/dev/binderfs", "./binderfs" [pid 5266] <... close resumed>) = 0 [pid 5267] <... symlink resumed>) = 0 [pid 5266] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5268 attached [pid 5267] memfd_create("syzkaller", 0 [pid 5266] <... symlink resumed>) = 0 [pid 5267] <... memfd_create resumed>) = 3 [pid 5267] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5268] chdir("./14" [pid 5266] memfd_create("syzkaller", 0 [pid 5268] <... chdir resumed>) = 0 [pid 5266] <... memfd_create resumed>) = 3 [pid 5268] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5266] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5268] <... prctl resumed>) = 0 [pid 5266] <... mmap resumed>) = 0x7f12a0a40000 [pid 5268] setpgid(0, 0) = 0 [pid 5268] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5268] write(3, "1000", 4) = 4 [pid 5268] close(3) = 0 [ 103.465116][ T5261] REISERFS (device loop2): Using r5 hash to sort names [pid 5268] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5268] memfd_create("syzkaller", 0) = 3 [pid 5268] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5261] <... mount resumed>) = 0 [pid 5261] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5261] chdir("./file1") = 0 [pid 5261] ioctl(4, LOOP_CLR_FD) = 0 [pid 5261] close(4) = 0 [pid 5261] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5267] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5261] <... openat resumed>) = 4 [pid 5261] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5261] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5261] exit_group(0) = ? [pid 5261] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5261, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=15 /* 0.15 s */} --- [pid 5092] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [ 103.511558][ T5261] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./13/binderfs") = 0 [pid 5092] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5266] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5268] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5267] <... write resumed>) = 4194304 [pid 5267] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5267] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5267] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... umount2 resumed>) = 0 [pid 5267] <... ioctl resumed>) = 0 [pid 5267] close(3) = 0 [pid 5267] mkdir("./file1", 0777) = 0 [pid 5095] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5267] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./13/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 103.718362][ T5267] loop1: detected capacity change from 0 to 8192 [ 103.743358][ T5262] REISERFS (device loop4): Using r5 hash to sort names [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./13/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./13") = 0 [pid 5095] mkdir("./14", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5262] <... mount resumed>) = 0 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5092] <... umount2 resumed>) = 0 [pid 5262] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5262] <... openat resumed>) = 3 [ 103.785440][ T5267] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 103.791255][ T5262] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5095] close(3 [pid 5266] <... write resumed>) = 4194304 [pid 5262] chdir("./file1" [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5266] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... close resumed>) = 0 [pid 5262] <... chdir resumed>) = 0 [pid 5092] lstat("./13/file1", [pid 5266] <... munmap resumed>) = 0 [pid 5262] ioctl(4, LOOP_CLR_FD [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5262] <... ioctl resumed>) = 0 [pid 5262] close(4 [pid 5092] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5266] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5262] <... close resumed>) = 0 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5270 [pid 5266] <... openat resumed>) = 4 [pid 5262] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5266] ioctl(4, LOOP_SET_FD, 3 [pid 5262] <... openat resumed>) = 4 [pid 5092] openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5270 attached [pid 5262] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] <... openat resumed>) = 4 [pid 5262] <... mmap resumed>) = 0x20000000 [pid 5092] fstat(4, [pid 5262] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5262] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] getdents64(4, [pid 5262] exit_group(0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5262] <... exit_group resumed>) = ? [ 103.836563][ T5267] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 103.846454][ T5267] REISERFS (device loop1): using ordered data mode [ 103.857823][ T5267] reiserfs: using flush barriers [ 103.864999][ T5266] loop0: detected capacity change from 0 to 8192 [pid 5092] getdents64(4, [pid 5262] +++ exited with 0 +++ [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5266] <... ioctl resumed>) = 0 [pid 5092] close(4 [pid 5266] close(3 [pid 5092] <... close resumed>) = 0 [pid 5266] <... close resumed>) = 0 [pid 5092] rmdir("./13/file1" [pid 5266] mkdir("./file1", 0777 [pid 5092] <... rmdir resumed>) = 0 [pid 5266] <... mkdir resumed>) = 0 [pid 5092] getdents64(3, [pid 5266] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5270] chdir("./14" [pid 5268] <... write resumed>) = 4194304 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5262, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5092] close(3 [pid 5270] <... chdir resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5270] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5092] rmdir("./13" [pid 5270] <... prctl resumed>) = 0 [pid 5094] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... rmdir resumed>) = 0 [pid 5270] setpgid(0, 0 [pid 5268] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] mkdir("./14", 0777 [pid 5270] <... setpgid resumed>) = 0 [pid 5268] <... munmap resumed>) = 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5268] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5268] <... openat resumed>) = 4 [pid 5092] <... openat resumed>) = 3 [pid 5268] ioctl(4, LOOP_SET_FD, 3 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5270] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5270] <... openat resumed>) = 3 [pid 5094] <... openat resumed>) = 3 [pid 5092] close(3 [pid 5270] write(3, "1000", 4 [pid 5094] fstat(3, [pid 5092] <... close resumed>) = 0 [pid 5270] <... write resumed>) = 4 [pid 5268] <... ioctl resumed>) = 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5270] close(3 [pid 5268] close(3 [pid 5094] getdents64(3, [pid 5270] <... close resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5270] symlink("/dev/binderfs", "./binderfs" [pid 5094] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5272 [pid 5270] <... symlink resumed>) = 0 [pid 5268] <... close resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 103.871915][ T5267] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.900961][ T5266] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 103.904802][ T5267] REISERFS (device loop1): checking transaction log (loop1) [ 103.920228][ T5268] loop3: detected capacity change from 0 to 8192 [pid 5270] memfd_create("syzkaller", 0 [pid 5268] mkdir("./file1", 0777 [pid 5094] lstat("./14/binderfs", ./strace-static-x86_64: Process 5272 attached [pid 5270] <... memfd_create resumed>) = 3 [pid 5268] <... mkdir resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5272] chdir("./14" [pid 5270] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5268] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] unlink("./14/binderfs" [pid 5272] <... chdir resumed>) = 0 [pid 5270] <... mmap resumed>) = 0x7f12a0a40000 [ 103.961127][ T5266] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 103.973834][ T5266] REISERFS (device loop0): using ordered data mode [ 103.980416][ T5266] reiserfs: using flush barriers [pid 5094] <... unlink resumed>) = 0 [pid 5272] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5272] <... prctl resumed>) = 0 [pid 5270] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5272] setpgid(0, 0) = 0 [ 104.000625][ T5266] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.020153][ T5268] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5272] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5272] write(3, "1000", 4) = 4 [pid 5272] close(3) = 0 [pid 5272] symlink("/dev/binderfs", "./binderfs" [pid 5267] <... mount resumed>) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5272] <... symlink resumed>) = 0 [pid 5267] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [ 104.058803][ T5268] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 104.070786][ T5267] REISERFS (device loop1): Using r5 hash to sort names [ 104.079118][ T5266] REISERFS (device loop0): checking transaction log (loop0) [ 104.089802][ T5267] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 104.095681][ T5268] REISERFS (device loop3): using ordered data mode [pid 5272] memfd_create("syzkaller", 0 [pid 5094] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5272] <... memfd_create resumed>) = 3 [pid 5272] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5267] <... openat resumed>) = 3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5267] chdir("./file1" [pid 5094] lstat("./14/file1", [pid 5267] <... chdir resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5267] ioctl(4, LOOP_CLR_FD [pid 5094] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5267] <... ioctl resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5267] close(4 [pid 5094] openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5267] <... close resumed>) = 0 [pid 5267] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] <... openat resumed>) = 4 [pid 5267] <... openat resumed>) = 4 [pid 5094] fstat(4, [pid 5267] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5267] <... mmap resumed>) = 0x20000000 [pid 5094] getdents64(4, [pid 5267] ioctl(4, FS_IOC_GETVERSION [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, [pid 5267] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5267] exit_group(0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5267] <... exit_group resumed>) = ? [pid 5094] close(4) = 0 [pid 5267] +++ exited with 0 +++ [pid 5094] rmdir("./14/file1" [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5267, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5094] <... rmdir resumed>) = 0 [pid 5091] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] getdents64(3, [pid 5091] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] <... openat resumed>) = 3 [pid 5094] close(3 [pid 5091] fstat(3, [pid 5094] <... close resumed>) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] rmdir("./14" [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] <... rmdir resumed>) = 0 [pid 5094] mkdir("./15", 0777 [pid 5091] lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./13/binderfs" [pid 5094] <... mkdir resumed>) = 0 [pid 5091] <... unlink resumed>) = 0 [pid 5272] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [ 104.191914][ T5268] reiserfs: using flush barriers [pid 5091] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... openat resumed>) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5270] <... write resumed>) = 4194304 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5274 [pid 5270] munmap(0x7f12a0a40000, 4194304./strace-static-x86_64: Process 5274 attached ) = 0 [pid 5270] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5274] chdir("./15" [pid 5270] <... openat resumed>) = 4 [pid 5274] <... chdir resumed>) = 0 [ 104.230218][ T5266] REISERFS (device loop0): Using r5 hash to sort names [ 104.231088][ T5268] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.251371][ T5266] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5270] ioctl(4, LOOP_SET_FD, 3 [pid 5274] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5274] setpgid(0, 0 [pid 5266] <... mount resumed>) = 0 [pid 5274] <... setpgid resumed>) = 0 [pid 5266] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5274] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5266] <... openat resumed>) = 3 [pid 5270] <... ioctl resumed>) = 0 [pid 5270] close(3) = 0 [pid 5274] <... openat resumed>) = 3 [pid 5266] chdir("./file1" [pid 5274] write(3, "1000", 4 [pid 5266] <... chdir resumed>) = 0 [pid 5274] <... write resumed>) = 4 [pid 5266] ioctl(4, LOOP_CLR_FD) = 0 [pid 5274] close(3 [pid 5266] close(4 [pid 5274] <... close resumed>) = 0 [pid 5266] <... close resumed>) = 0 [pid 5270] mkdir("./file1", 0777) = 0 [pid 5270] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5266] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5274] symlink("/dev/binderfs", "./binderfs" [pid 5266] <... openat resumed>) = 4 [pid 5274] <... symlink resumed>) = 0 [pid 5274] memfd_create("syzkaller", 0 [pid 5266] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5274] <... memfd_create resumed>) = 3 [pid 5266] <... mmap resumed>) = 0x20000000 [pid 5274] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5266] ioctl(4, FS_IOC_GETVERSION [pid 5274] <... mmap resumed>) = 0x7f12a0a40000 [pid 5266] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [ 104.279745][ T5270] loop5: detected capacity change from 0 to 8192 [ 104.317844][ T5270] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5266] exit_group(0) = ? [pid 5266] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5266, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5090] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5272] <... write resumed>) = 4194304 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5272] munmap(0x7f12a0a40000, 4194304 [pid 5090] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5272] <... munmap resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./13/binderfs") = 0 [pid 5090] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [ 104.353637][ T5270] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 104.364837][ T5270] REISERFS (device loop5): using ordered data mode [ 104.370746][ T5268] REISERFS (device loop3): checking transaction log (loop3) [ 104.372270][ T5270] reiserfs: using flush barriers [pid 5272] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 104.391276][ T5270] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.393340][ T5272] loop2: detected capacity change from 0 to 8192 [ 104.408343][ T5270] REISERFS (device loop5): checking transaction log (loop5) [pid 5272] ioctl(4, LOOP_SET_FD, 3 [pid 5091] <... umount2 resumed>) = 0 [pid 5272] <... ioctl resumed>) = 0 [pid 5091] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./13/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5272] close(3 [pid 5091] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5272] <... close resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5272] mkdir("./file1", 0777 [pid 5091] openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5274] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5272] <... mkdir resumed>) = 0 [pid 5272] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5091] <... openat resumed>) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [ 104.541649][ T5272] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 104.565707][ T5270] REISERFS (device loop5): Using r5 hash to sort names [pid 5091] rmdir("./13/file1") = 0 [pid 5091] getdents64(3, [pid 5270] <... mount resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3 [pid 5270] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5091] <... close resumed>) = 0 [pid 5270] <... openat resumed>) = 3 [pid 5091] rmdir("./13" [pid 5270] chdir("./file1" [pid 5091] <... rmdir resumed>) = 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5274] <... write resumed>) = 4194304 [pid 5270] <... chdir resumed>) = 0 [ 104.586077][ T5272] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 104.598286][ T5270] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 104.608344][ T5272] REISERFS (device loop2): using ordered data mode [ 104.615806][ T5272] reiserfs: using flush barriers [ 104.625910][ T5272] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5091] mkdir("./14", 0777 [pid 5274] munmap(0x7f12a0a40000, 4194304 [pid 5270] ioctl(4, LOOP_CLR_FD [pid 5091] <... mkdir resumed>) = 0 [pid 5090] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5270] <... ioctl resumed>) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5274] <... munmap resumed>) = 0 [pid 5270] close(4 [pid 5091] <... openat resumed>) = 3 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5274] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5270] <... close resumed>) = 0 [pid 5090] lstat("./13/file1", [pid 5274] <... openat resumed>) = 4 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5274] ioctl(4, LOOP_SET_FD, 3 [pid 5090] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5274] <... ioctl resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, [pid 5270] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5274] close(3 [pid 5090] getdents64(4, [pid 5274] <... close resumed>) = 0 [pid 5270] <... openat resumed>) = 4 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5274] mkdir("./file1", 0777 [pid 5090] getdents64(4, [pid 5274] <... mkdir resumed>) = 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5274] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5270] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5091] close(3 [pid 5090] close(4 [pid 5270] <... mmap resumed>) = 0x20000000 [pid 5091] <... close resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5270] ioctl(4, FS_IOC_GETVERSION [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] rmdir("./13/file1" [pid 5270] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5090] <... rmdir resumed>) = 0 [pid 5270] exit_group(0 [pid 5090] getdents64(3, [pid 5270] <... exit_group resumed>) = ? [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5279 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./13") = 0 [pid 5270] +++ exited with 0 +++ [pid 5090] mkdir("./14", 0777) = 0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5270, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... openat resumed>) = 3 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5095] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] <... openat resumed>) = 3 [pid 5090] close(3 [pid 5095] fstat(3, [pid 5090] <... close resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] getdents64(3, [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5280 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./14/binderfs") = 0 [pid 5095] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5279 attached [ 104.653284][ T5272] REISERFS (device loop2): checking transaction log (loop2) [ 104.673214][ T5274] loop4: detected capacity change from 0 to 8192 [pid 5279] chdir("./14") = 0 [pid 5279] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 ./strace-static-x86_64: Process 5280 attached [pid 5279] setpgid(0, 0 [pid 5280] chdir("./14" [pid 5279] <... setpgid resumed>) = 0 [pid 5279] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5280] <... chdir resumed>) = 0 [pid 5280] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5279] <... openat resumed>) = 3 [ 104.733529][ T5274] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 104.761125][ T5274] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 104.770639][ T5274] REISERFS (device loop4): using ordered data mode [pid 5280] <... prctl resumed>) = 0 [pid 5279] write(3, "1000", 4 [pid 5280] setpgid(0, 0 [pid 5279] <... write resumed>) = 4 [pid 5280] <... setpgid resumed>) = 0 [pid 5279] close(3 [pid 5280] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5279] <... close resumed>) = 0 [pid 5279] symlink("/dev/binderfs", "./binderfs" [pid 5280] <... openat resumed>) = 3 [pid 5280] write(3, "1000", 4 [pid 5279] <... symlink resumed>) = 0 [pid 5280] <... write resumed>) = 4 [pid 5279] memfd_create("syzkaller", 0 [pid 5280] close(3 [pid 5279] <... memfd_create resumed>) = 3 [pid 5280] <... close resumed>) = 0 [pid 5279] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5280] symlink("/dev/binderfs", "./binderfs" [pid 5279] <... mmap resumed>) = 0x7f12a0a40000 [pid 5280] <... symlink resumed>) = 0 [pid 5280] memfd_create("syzkaller", 0) = 3 [ 104.779429][ T5274] reiserfs: using flush barriers [ 104.787908][ T5274] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.814539][ T5268] REISERFS (device loop3): Using r5 hash to sort names [pid 5280] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 104.856100][ T5268] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5280] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5279] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5268] <... mount resumed>) = 0 [pid 5268] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5268] chdir("./file1") = 0 [pid 5268] ioctl(4, LOOP_CLR_FD) = 0 [pid 5268] close(4) = 0 [pid 5268] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5268] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5268] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5268] exit_group(0) = ? [pid 5268] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5268, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5093] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5093] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [ 104.902786][ T5274] REISERFS (device loop4): checking transaction log (loop4) [pid 5093] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./14/binderfs") = 0 [pid 5093] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5095] <... umount2 resumed>) = 0 [pid 5093] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5272] <... mount resumed>) = 0 [pid 5095] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] lstat("./14/file1", [pid 5272] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5272] <... openat resumed>) = 3 [pid 5095] lstat("./14/file1", [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 104.992401][ T5272] REISERFS (device loop2): Using r5 hash to sort names [ 104.999655][ T5272] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5272] chdir("./file1" [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5272] <... chdir resumed>) = 0 [pid 5095] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5272] ioctl(4, LOOP_CLR_FD [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5272] <... ioctl resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... openat resumed>) = 4 [pid 5272] close(4) = 0 [pid 5095] <... openat resumed>) = 4 [pid 5093] fstat(4, [pid 5272] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] fstat(4, [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5272] <... openat resumed>) = 4 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, [pid 5272] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] getdents64(4, [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5279] <... write resumed>) = 4194304 [pid 5272] <... mmap resumed>) = 0x20000000 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, [pid 5272] ioctl(4, FS_IOC_GETVERSION [pid 5095] getdents64(4, [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5272] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4 [pid 5272] exit_group(0 [pid 5095] close(4 [pid 5272] <... exit_group resumed>) = ? [pid 5093] <... close resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5272] +++ exited with 0 +++ [pid 5095] rmdir("./14/file1" [pid 5093] rmdir("./14/file1" [pid 5095] <... rmdir resumed>) = 0 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5272, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5280] <... write resumed>) = 4194304 [pid 5095] getdents64(3, [pid 5093] <... rmdir resumed>) = 0 [pid 5092] restart_syscall(<... resuming interrupted clone ...> [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] <... restart_syscall resumed>) = 0 [pid 5092] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5279] munmap(0x7f12a0a40000, 4194304 [pid 5092] <... openat resumed>) = 3 [pid 5279] <... munmap resumed>) = 0 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, [pid 5279] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5279] <... openat resumed>) = 4 [pid 5092] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5280] munmap(0x7f12a0a40000, 4194304 [pid 5279] ioctl(4, LOOP_SET_FD, 3 [pid 5095] close(3 [pid 5093] getdents64(3, [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5280] <... munmap resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] lstat("./14/binderfs", [pid 5280] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5274] <... mount resumed>) = 0 [pid 5095] rmdir("./14" [pid 5093] close(3 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5280] <... openat resumed>) = 4 [pid 5274] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] <... rmdir resumed>) = 0 [pid 5093] <... close resumed>) = 0 [pid 5092] unlink("./14/binderfs" [pid 5280] ioctl(4, LOOP_SET_FD, 3 [pid 5274] <... openat resumed>) = 3 [pid 5095] mkdir("./15", 0777 [pid 5093] rmdir("./14" [pid 5092] <... unlink resumed>) = 0 [pid 5274] chdir("./file1" [pid 5095] <... mkdir resumed>) = 0 [pid 5092] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... rmdir resumed>) = 0 [pid 5274] <... chdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5274] ioctl(4, LOOP_CLR_FD [pid 5095] <... openat resumed>) = 3 [pid 5093] mkdir("./15", 0777 [pid 5274] <... ioctl resumed>) = 0 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5274] close(4) = 0 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5279] <... ioctl resumed>) = 0 [pid 5279] close(3) = 0 [pid 5279] mkdir("./file1", 0777) = 0 [pid 5279] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5280] <... ioctl resumed>) = 0 [pid 5280] close(3) = 0 [pid 5274] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] close(3 [pid 5093] <... mkdir resumed>) = 0 [pid 5280] mkdir("./file1", 0777) = 0 [pid 5274] <... openat resumed>) = 4 [pid 5095] <... close resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5280] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5274] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5274] <... mmap resumed>) = 0x20000000 [pid 5093] <... openat resumed>) = 3 [ 105.117888][ T5274] REISERFS (device loop4): Using r5 hash to sort names [ 105.134427][ T5274] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 105.145311][ T5279] loop1: detected capacity change from 0 to 8192 [ 105.159480][ T5280] loop0: detected capacity change from 0 to 8192 [pid 5274] ioctl(4, FS_IOC_GETVERSION [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5283 [pid 5274] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5274] exit_group(0) = ? [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5274] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5274, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5093] close(3 [pid 5094] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, [pid 5093] <... close resumed>) = 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./15/binderfs") = 0 [pid 5094] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5284 [ 105.188502][ T5279] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 ./strace-static-x86_64: Process 5283 attached [pid 5283] chdir("./15"./strace-static-x86_64: Process 5284 attached ) = 0 [pid 5284] chdir("./15" [pid 5283] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5284] <... chdir resumed>) = 0 [pid 5284] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5283] setpgid(0, 0 [pid 5284] <... prctl resumed>) = 0 [pid 5283] <... setpgid resumed>) = 0 [pid 5284] setpgid(0, 0) = 0 [pid 5283] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5284] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5283] <... openat resumed>) = 3 [ 105.227048][ T5280] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 105.251541][ T5279] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 105.265683][ T5279] REISERFS (device loop1): using ordered data mode [ 105.274870][ T5279] reiserfs: using flush barriers [pid 5283] write(3, "1000", 4 [pid 5284] <... openat resumed>) = 3 [pid 5283] <... write resumed>) = 4 [pid 5283] close(3) = 0 [pid 5283] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5284] write(3, "1000", 4) = 4 [pid 5284] close(3) = 0 [pid 5284] symlink("/dev/binderfs", "./binderfs" [pid 5283] memfd_create("syzkaller", 0 [pid 5284] <... symlink resumed>) = 0 [pid 5283] <... memfd_create resumed>) = 3 [pid 5284] memfd_create("syzkaller", 0 [pid 5283] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5284] <... memfd_create resumed>) = 3 [pid 5284] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 105.282725][ T5280] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 105.293170][ T5280] REISERFS (device loop0): using ordered data mode [ 105.300294][ T5280] reiserfs: using flush barriers [ 105.307112][ T5280] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 105.324696][ T5280] REISERFS (device loop0): checking transaction log (loop0) [ 105.332666][ T5279] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5283] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5284] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5283] <... write resumed>) = 4194304 [pid 5283] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5283] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 105.432648][ T5279] REISERFS (device loop1): checking transaction log (loop1) [ 105.451671][ T5280] REISERFS (device loop0): Using r5 hash to sort names [ 105.459242][ T5280] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5283] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5283] close(3) = 0 [pid 5283] mkdir("./file1", 0777) = 0 [pid 5283] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5280] <... mount resumed>) = 0 [pid 5280] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 105.482770][ T5283] loop5: detected capacity change from 0 to 8192 [ 105.515015][ T5283] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5280] chdir("./file1") = 0 [pid 5280] ioctl(4, LOOP_CLR_FD) = 0 [pid 5280] close(4) = 0 [pid 5280] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5280] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5280] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... umount2 resumed>) = 0 [pid 5280] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5280] exit_group(0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5280] <... exit_group resumed>) = ? [pid 5092] lstat("./14/file1", [pid 5280] +++ exited with 0 +++ [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5280, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5092] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5284] <... write resumed>) = 4194304 [pid 5090] <... openat resumed>) = 3 [pid 5092] <... openat resumed>) = 4 [pid 5090] fstat(3, [pid 5284] munmap(0x7f12a0a40000, 4194304 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] fstat(4, [pid 5090] getdents64(3, [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5284] <... munmap resumed>) = 0 [pid 5092] getdents64(4, [pid 5090] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./14/binderfs", [pid 5092] getdents64(4, [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [ 105.542549][ T5283] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 105.574215][ T5283] REISERFS (device loop5): using ordered data mode [pid 5090] unlink("./14/binderfs" [pid 5092] close(4 [pid 5090] <... unlink resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5090] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] rmdir("./14/file1" [pid 5284] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5092] <... rmdir resumed>) = 0 [pid 5284] <... openat resumed>) = 4 [pid 5094] <... umount2 resumed>) = 0 [pid 5284] ioctl(4, LOOP_SET_FD, 3 [pid 5094] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] getdents64(3, [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5284] <... ioctl resumed>) = 0 [pid 5094] lstat("./15/file1", [pid 5092] close(3 [pid 5284] close(3 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... close resumed>) = 0 [pid 5284] <... close resumed>) = 0 [pid 5094] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5284] mkdir("./file1", 0777 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5284] <... mkdir resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] rmdir("./14" [pid 5284] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] <... openat resumed>) = 4 [pid 5094] fstat(4, [pid 5092] <... rmdir resumed>) = 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] mkdir("./15", 0777 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] <... mkdir resumed>) = 0 [pid 5094] getdents64(4, [ 105.632567][ T5283] reiserfs: using flush barriers [ 105.639514][ T5284] loop3: detected capacity change from 0 to 8192 [ 105.649036][ T5283] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 105.668000][ T5283] REISERFS (device loop5): checking transaction log (loop5) [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5094] close(4 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5094] <... close resumed>) = 0 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5094] rmdir("./15/file1" [pid 5092] close(3 [pid 5094] <... rmdir resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5090] <... umount2 resumed>) = 0 [ 105.712711][ T5284] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5094] getdents64(3, [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] close(3 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5289 [pid 5094] <... close resumed>) = 0 [pid 5094] rmdir("./15") = 0 [pid 5094] mkdir("./16", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5289 attached [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5289] chdir("./15" [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5290 [pid 5289] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5290 attached [pid 5289] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5090] lstat("./14/file1", [pid 5290] chdir("./16" [pid 5289] <... prctl resumed>) = 0 [pid 5290] <... chdir resumed>) = 0 [pid 5289] setpgid(0, 0 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5290] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5289] <... setpgid resumed>) = 0 [pid 5290] <... prctl resumed>) = 0 [ 105.771749][ T5284] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 105.792704][ T5284] REISERFS (device loop3): using ordered data mode [ 105.800426][ T5284] reiserfs: using flush barriers [pid 5289] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5290] setpgid(0, 0 [pid 5289] <... openat resumed>) = 3 [pid 5290] <... setpgid resumed>) = 0 [pid 5289] write(3, "1000", 4 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5290] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5289] <... write resumed>) = 4 [pid 5290] <... openat resumed>) = 3 [pid 5289] close(3 [pid 5090] openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5290] write(3, "1000", 4 [pid 5289] <... close resumed>) = 0 [pid 5090] <... openat resumed>) = 4 [pid 5290] <... write resumed>) = 4 [pid 5289] symlink("/dev/binderfs", "./binderfs" [pid 5283] <... mount resumed>) = 0 [pid 5090] fstat(4, [pid 5283] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5283] chdir("./file1" [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5290] close(3 [pid 5289] <... symlink resumed>) = 0 [pid 5283] <... chdir resumed>) = 0 [pid 5090] getdents64(4, [pid 5290] <... close resumed>) = 0 [pid 5289] memfd_create("syzkaller", 0 [pid 5283] ioctl(4, LOOP_CLR_FD [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5290] symlink("/dev/binderfs", "./binderfs" [pid 5289] <... memfd_create resumed>) = 3 [pid 5283] <... ioctl resumed>) = 0 [ 105.811477][ T5284] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 105.814817][ T5283] REISERFS (device loop5): Using r5 hash to sort names [ 105.829692][ T5284] REISERFS (device loop3): checking transaction log (loop3) [ 105.851548][ T5283] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 105.859628][ T5279] REISERFS (device loop1): Using r5 hash to sort names [pid 5090] getdents64(4, [pid 5290] <... symlink resumed>) = 0 [pid 5289] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5283] close(4 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5290] memfd_create("syzkaller", 0 [pid 5289] <... mmap resumed>) = 0x7f12a0a40000 [pid 5090] close(4 [pid 5290] <... memfd_create resumed>) = 3 [pid 5283] <... close resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5290] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5283] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5279] <... mount resumed>) = 0 [pid 5090] rmdir("./14/file1" [pid 5290] <... mmap resumed>) = 0x7f12a0a40000 [pid 5283] <... openat resumed>) = 4 [pid 5279] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5090] <... rmdir resumed>) = 0 [pid 5289] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 105.881783][ T5279] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5283] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5279] <... openat resumed>) = 3 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./14") = 0 [pid 5090] mkdir("./15", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5283] <... mmap resumed>) = 0x20000000 [pid 5279] chdir("./file1" [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5291 [pid 5283] ioctl(4, FS_IOC_GETVERSION [pid 5279] <... chdir resumed>) = 0 [pid 5283] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5279] ioctl(4, LOOP_CLR_FD [pid 5283] exit_group(0 [pid 5279] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5291 attached [pid 5291] chdir("./15" [pid 5283] <... exit_group resumed>) = ? [pid 5279] close(4 [pid 5291] <... chdir resumed>) = 0 [pid 5291] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5291] setpgid(0, 0) = 0 [pid 5279] <... close resumed>) = 0 [pid 5291] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5283] +++ exited with 0 +++ [pid 5279] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5291] write(3, "1000", 4) = 4 [pid 5279] <... openat resumed>) = 4 [pid 5291] close(3 [pid 5279] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5283, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=14 /* 0.14 s */} --- [pid 5291] <... close resumed>) = 0 [pid 5291] symlink("/dev/binderfs", "./binderfs" [pid 5279] <... mmap resumed>) = 0x20000000 [pid 5095] restart_syscall(<... resuming interrupted clone ...> [pid 5291] <... symlink resumed>) = 0 [pid 5279] ioctl(4, FS_IOC_GETVERSION [pid 5095] <... restart_syscall resumed>) = 0 [pid 5291] memfd_create("syzkaller", 0) = 3 [pid 5279] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5291] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5279] exit_group(0 [pid 5291] <... mmap resumed>) = 0x7f12a0a40000 [pid 5279] <... exit_group resumed>) = ? [pid 5095] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5279] +++ exited with 0 +++ [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5279, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5284] <... mount resumed>) = 0 [pid 5290] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5289] <... write resumed>) = 4194304 [pid 5095] <... openat resumed>) = 3 [pid 5091] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5289] munmap(0x7f12a0a40000, 4194304 [pid 5284] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] fstat(3, [pid 5091] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5289] <... munmap resumed>) = 0 [pid 5284] <... openat resumed>) = 3 [pid 5091] <... openat resumed>) = 3 [pid 5289] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5284] chdir("./file1" [pid 5095] getdents64(3, [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5289] <... openat resumed>) = 4 [pid 5284] <... chdir resumed>) = 0 [pid 5095] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [ 105.989028][ T5284] REISERFS (device loop3): Using r5 hash to sort names [ 106.008056][ T5284] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5091] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5289] ioctl(4, LOOP_SET_FD, 3 [pid 5284] ioctl(4, LOOP_CLR_FD [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5284] <... ioctl resumed>) = 0 [pid 5095] lstat("./15/binderfs", [pid 5091] lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./14/binderfs") = 0 [pid 5091] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5289] <... ioctl resumed>) = 0 [pid 5284] close(4 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5289] close(3 [pid 5284] <... close resumed>) = 0 [pid 5095] unlink("./15/binderfs" [pid 5289] <... close resumed>) = 0 [pid 5284] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] <... unlink resumed>) = 0 [pid 5289] mkdir("./file1", 0777 [pid 5284] <... openat resumed>) = 4 [pid 5289] <... mkdir resumed>) = 0 [pid 5284] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5289] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5284] <... mmap resumed>) = 0x20000000 [pid 5284] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5284] exit_group(0) = ? [pid 5284] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5284, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [ 106.045874][ T5289] loop2: detected capacity change from 0 to 8192 [pid 5093] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5093] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5291] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] unlink("./15/binderfs") = 0 [ 106.109324][ T5289] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 106.148230][ T5289] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [pid 5093] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5291] <... write resumed>) = 4194304 [pid 5290] <... write resumed>) = 4194304 [pid 5290] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5290] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 106.214515][ T5289] REISERFS (device loop2): using ordered data mode [ 106.229943][ T5289] reiserfs: using flush barriers [ 106.235983][ T5290] loop4: detected capacity change from 0 to 8192 [pid 5290] ioctl(4, LOOP_SET_FD, 3 [pid 5291] munmap(0x7f12a0a40000, 4194304 [pid 5290] <... ioctl resumed>) = 0 [pid 5095] <... umount2 resumed>) = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5291] <... munmap resumed>) = 0 [pid 5290] close(3 [pid 5095] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5291] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5290] <... close resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5291] <... openat resumed>) = 4 [pid 5290] mkdir("./file1", 0777 [pid 5095] lstat("./15/file1", [pid 5291] ioctl(4, LOOP_SET_FD, 3 [pid 5290] <... mkdir resumed>) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 106.251341][ T5289] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5290] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] lstat("./14/file1", [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... openat resumed>) = 4 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5291] <... ioctl resumed>) = 0 [pid 5095] fstat(4, [pid 5091] openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5291] close(3 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... openat resumed>) = 4 [pid 5291] <... close resumed>) = 0 [pid 5095] getdents64(4, [pid 5091] fstat(4, [pid 5291] mkdir("./file1", 0777 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5291] <... mkdir resumed>) = 0 [pid 5095] getdents64(4, [pid 5091] getdents64(4, [pid 5291] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] close(4 [pid 5091] getdents64(4, [pid 5095] <... close resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] rmdir("./15/file1" [pid 5091] close(4 [pid 5095] <... rmdir resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5095] getdents64(3, [pid 5091] rmdir("./14/file1" [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5095] close(3 [pid 5091] getdents64(3, [pid 5095] <... close resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] rmdir("./15" [pid 5091] close(3 [pid 5095] <... rmdir resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5095] mkdir("./16", 0777 [pid 5091] rmdir("./14" [pid 5095] <... mkdir resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5091] mkdir("./15", 0777 [pid 5095] <... openat resumed>) = 3 [pid 5091] <... mkdir resumed>) = 0 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] <... openat resumed>) = 3 [pid 5095] close(3 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5095] <... close resumed>) = 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] close(3) = 0 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5296 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5297 [ 106.291297][ T5291] loop0: detected capacity change from 0 to 8192 [ 106.310181][ T5290] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 ./strace-static-x86_64: Process 5297 attached ./strace-static-x86_64: Process 5296 attached [pid 5297] chdir("./15") = 0 [pid 5296] chdir("./16" [pid 5297] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5296] <... chdir resumed>) = 0 [pid 5297] setpgid(0, 0 [pid 5296] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5297] <... setpgid resumed>) = 0 [pid 5296] <... prctl resumed>) = 0 [pid 5297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [ 106.332426][ T5291] REISERFS warning: read_super_block: reiserng transaction log (recated and scheduled to be removed from the kernel in 2025 [ 106.332445][ T5289] REISERFS (device loop2): checking transaction log (loop2) [pid 5296] setpgid(0, 0) = 0 [pid 5297] <... openat resumed>) = 3 [pid 5296] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5297] write(3, "1000", 4) = 4 [pid 5296] <... openat resumed>) = 3 [pid 5297] close(3 [pid 5296] write(3, "1000", 4 [pid 5297] <... close resumed>) = 0 [pid 5297] symlink("/dev/binderfs", "./binderfs" [pid 5296] <... write resumed>) = 4 [pid 5297] <... symlink resumed>) = 0 [pid 5296] close(3 [pid 5297] memfd_create("syzkaller", 0 [pid 5296] <... close resumed>) = 0 [pid 5297] <... memfd_create resumed>) = 3 [pid 5296] symlink("/dev/binderfs", "./binderfs" [pid 5297] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5296] <... symlink resumed>) = 0 [pid 5296] memfd_create("syzkaller", 0 [pid 5297] <... mmap resumed>) = 0x7f12a0a40000 [pid 5296] <... memfd_create resumed>) = 3 [pid 5296] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 106.399349][ T5290] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5297] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./15/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [ 106.450145][ T5290] REISERFS (device loop4): using ordered data mode [ 106.457404][ T5290] reiserfs: using flush barriers [ 106.465007][ T5290] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 106.482421][ T5290] REISERFS (device loop4): checking transaction log (loop4) [ 106.484566][ T5291] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5093] close(4) = 0 [pid 5093] rmdir("./15/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./15") = 0 [pid 5093] mkdir("./16", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5297] <... write resumed>) = 4194304 [pid 5093] <... openat resumed>) = 3 [pid 5297] munmap(0x7f12a0a40000, 4194304 [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5297] <... munmap resumed>) = 0 [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5297] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5093] close(3 [pid 5297] <... openat resumed>) = 4 [pid 5296] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] <... close resumed>) = 0 [pid 5297] ioctl(4, LOOP_SET_FD, 3 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5298 [pid 5297] <... ioctl resumed>) = 0 [pid 5297] close(3./strace-static-x86_64: Process 5298 attached ) = 0 [pid 5298] chdir("./16" [pid 5297] mkdir("./file1", 0777 [pid 5298] <... chdir resumed>) = 0 [pid 5298] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5297] <... mkdir resumed>) = 0 [pid 5298] setpgid(0, 0 [pid 5297] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5298] <... setpgid resumed>) = 0 [pid 5298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5298] write(3, "1000", 4) = 4 [pid 5298] close(3) = 0 [pid 5298] symlink("/dev/binderfs", "./binderfs") = 0 [ 106.565148][ T5291] REISERFS (device loop0): using ordered data mode [ 106.581531][ T5297] loop1: detected capacity change from 0 to 8192 [ 106.602123][ T5291] reiserfs: using flush barriers [pid 5298] memfd_create("syzkaller", 0) = 3 [pid 5298] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 106.621108][ T5291] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 106.640348][ T5297] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 106.677027][ T5297] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 106.686729][ T5289] REISERFS (device loop2): Using r5 hash to sort names [ 106.709217][ T5291] REISERFS (device loop0): checking transaction log (loop0) [ 106.724475][ T5289] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 106.737022][ T5297] REISERFS (device loop1): using ordered data mode [ 106.745847][ T5297] reiserfs: using flush barriers [ 106.746693][ T5290] REISERFS (device loop4): Using r5 hash to sort names [ 106.754896][ T5297] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5298] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5296] <... write resumed>) = 4194304 [pid 5289] <... mount resumed>) = 0 [pid 5289] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5296] munmap(0x7f12a0a40000, 4194304 [pid 5289] <... openat resumed>) = 3 [pid 5289] chdir("./file1") = 0 [pid 5289] ioctl(4, LOOP_CLR_FD) = 0 [pid 5289] close(4 [pid 5296] <... munmap resumed>) = 0 [pid 5289] <... close resumed>) = 0 [pid 5296] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5289] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5296] <... openat resumed>) = 4 [pid 5296] ioctl(4, LOOP_SET_FD, 3 [pid 5289] <... openat resumed>) = 4 [ 106.771597][ T5290] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 106.778069][ T5297] REISERFS (device loop1): checking transaction log (loop1) [pid 5289] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5296] <... ioctl resumed>) = 0 [pid 5289] <... mmap resumed>) = 0x20000000 [pid 5296] close(3 [pid 5290] <... mount resumed>) = 0 [pid 5289] ioctl(4, FS_IOC_GETVERSION [pid 5296] <... close resumed>) = 0 [pid 5290] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5289] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5296] mkdir("./file1", 0777 [pid 5290] <... openat resumed>) = 3 [pid 5289] exit_group(0 [pid 5296] <... mkdir resumed>) = 0 [pid 5290] chdir("./file1" [pid 5296] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5289] <... exit_group resumed>) = ? [pid 5290] <... chdir resumed>) = 0 [pid 5290] ioctl(4, LOOP_CLR_FD [pid 5289] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5289, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5290] <... ioctl resumed>) = 0 [ 106.830359][ T5296] loop5: detected capacity change from 0 to 8192 [pid 5290] close(4) = 0 [pid 5290] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5290] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5290] <... mmap resumed>) = 0x20000000 [pid 5092] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, [pid 5290] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5298] <... write resumed>) = 4194304 [pid 5290] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] getdents64(3, [pid 5290] exit_group(0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5290] <... exit_group resumed>) = ? [pid 5092] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5298] munmap(0x7f12a0a40000, 4194304 [pid 5290] +++ exited with 0 +++ [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5298] <... munmap resumed>) = 0 [pid 5092] lstat("./15/binderfs", [pid 5298] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5290, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5298] <... openat resumed>) = 4 [ 106.889900][ T5296] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 106.926747][ T5296] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5094] restart_syscall(<... resuming interrupted clone ...> [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5298] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... restart_syscall resumed>) = 0 [pid 5092] unlink("./15/binderfs" [pid 5298] <... ioctl resumed>) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5298] close(3 [pid 5092] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5298] <... close resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5298] mkdir("./file1", 0777 [pid 5094] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5298] <... mkdir resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5298] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 106.954568][ T5296] REISERFS (device loop5): using ordered data mode [ 106.962079][ T5298] loop3: detected capacity change from 0 to 8192 [ 106.974165][ T5296] reiserfs: using flush barriers [ 106.979249][ T5291] REISERFS (device loop0): Using r5 hash to sort names [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./16/binderfs") = 0 [ 106.999637][ T5296] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 107.019411][ T5298] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 107.054058][ T5291] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 107.059143][ T5296] REISERFS (device loop5): checking transaction log (loop5) [ 107.076888][ T5297] REISERFS (device loop1): Using r5 hash to sort names [ 107.091300][ T5297] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5094] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5297] <... mount resumed>) = 0 [pid 5297] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5297] chdir("./file1") = 0 [pid 5297] ioctl(4, LOOP_CLR_FD) = 0 [pid 5297] close(4) = 0 [pid 5297] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5297] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5297] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5297] exit_group(0) = ? [pid 5297] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5297, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5091] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./15/binderfs") = 0 [pid 5091] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5291] <... mount resumed>) = 0 [pid 5291] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5291] chdir("./file1") = 0 [pid 5291] ioctl(4, LOOP_CLR_FD) = 0 [ 107.100893][ T5298] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 107.111666][ T5298] REISERFS (device loop3): using ordered data mode [pid 5291] close(4) = 0 [pid 5291] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5291] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5291] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5291] exit_group(0) = ? [pid 5291] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5291, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5090] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] <... umount2 resumed>) = 0 [pid 5090] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./15/binderfs") = 0 [ 107.145936][ T5298] reiserfs: using flush barriers [ 107.156922][ T5298] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5090] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./15/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./15/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./15") = 0 [pid 5092] mkdir("./16", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5304 [ 107.258273][ T5298] REISERFS (device loop3): checking transaction log (loop3) ./strace-static-x86_64: Process 5304 attached [pid 5304] chdir("./16") = 0 [pid 5304] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5304] setpgid(0, 0) = 0 [pid 5304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5304] write(3, "1000", 4) = 4 [pid 5304] close(3) = 0 [pid 5304] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5304] memfd_create("syzkaller", 0) = 3 [pid 5304] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5094] <... umount2 resumed>) = 0 [pid 5094] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./16/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, [pid 5091] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./16/file1") = 0 [pid 5094] getdents64(3, [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./16") = 0 [pid 5091] lstat("./15/file1", [pid 5094] mkdir("./17", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5305 ./strace-static-x86_64: Process 5305 attached [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5305] chdir("./17" [pid 5091] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5305] <... chdir resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5305] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5091] openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5305] <... prctl resumed>) = 0 [pid 5304] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... openat resumed>) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, [pid 5305] setpgid(0, 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, [pid 5305] <... setpgid resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4 [pid 5305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5091] <... close resumed>) = 0 [pid 5305] <... openat resumed>) = 3 [pid 5091] rmdir("./15/file1" [pid 5305] write(3, "1000", 4) = 4 [pid 5091] <... rmdir resumed>) = 0 [pid 5305] close(3 [pid 5091] getdents64(3, [pid 5305] <... close resumed>) = 0 [pid 5305] symlink("/dev/binderfs", "./binderfs" [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3 [pid 5305] <... symlink resumed>) = 0 [pid 5091] <... close resumed>) = 0 [ 107.443290][ T5296] REISERFS (device loop5): Using r5 hash to sort names [ 107.450517][ T5296] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5091] rmdir("./15" [pid 5305] memfd_create("syzkaller", 0) = 3 [pid 5091] <... rmdir resumed>) = 0 [pid 5305] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] mkdir("./16", 0777 [pid 5305] <... mmap resumed>) = 0x7f12a0a40000 [pid 5091] <... mkdir resumed>) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5296] <... mount resumed>) = 0 [pid 5296] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5296] chdir("./file1") = 0 [pid 5296] ioctl(4, LOOP_CLR_FD) = 0 [pid 5091] <... openat resumed>) = 3 [pid 5296] close(4) = 0 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5296] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5296] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5296] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5296] exit_group(0) = ? [pid 5296] +++ exited with 0 +++ [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] close(3 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5296, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5095] restart_syscall(<... resuming interrupted clone ...> [pid 5091] <... close resumed>) = 0 [pid 5095] <... restart_syscall resumed>) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5306 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 5306 attached [pid 5095] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5306] chdir("./16" [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5306] <... chdir resumed>) = 0 [pid 5095] lstat("./16/binderfs", [pid 5306] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5306] <... prctl resumed>) = 0 [pid 5095] unlink("./16/binderfs" [pid 5306] setpgid(0, 0 [pid 5095] <... unlink resumed>) = 0 [pid 5306] <... setpgid resumed>) = 0 [pid 5095] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5306] write(3, "1000", 4) = 4 [pid 5306] close(3) = 0 [pid 5306] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5306] memfd_create("syzkaller", 0) = 3 [pid 5306] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./15/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, [pid 5305] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./15/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./15") = 0 [pid 5090] mkdir("./16", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [ 107.612078][ T5298] REISERFS (device loop3): Using r5 hash to sort names [ 107.619266][ T5298] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5304] <... write resumed>) = 4194304 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5307 [pid 5298] <... mount resumed>) = 0 [pid 5298] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5304] munmap(0x7f12a0a40000, 4194304 [pid 5298] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5307 attached [pid 5306] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5304] <... munmap resumed>) = 0 [pid 5298] chdir("./file1" [pid 5307] chdir("./16" [pid 5304] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5298] <... chdir resumed>) = 0 [pid 5307] <... chdir resumed>) = 0 [pid 5304] <... openat resumed>) = 4 [pid 5298] ioctl(4, LOOP_CLR_FD [pid 5307] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5304] ioctl(4, LOOP_SET_FD, 3 [pid 5298] <... ioctl resumed>) = 0 [pid 5307] <... prctl resumed>) = 0 [pid 5304] <... ioctl resumed>) = 0 [pid 5298] close(4 [pid 5307] setpgid(0, 0 [pid 5298] <... close resumed>) = 0 [pid 5307] <... setpgid resumed>) = 0 [pid 5298] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5298] <... openat resumed>) = 4 [pid 5307] <... openat resumed>) = 3 [pid 5298] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5307] write(3, "1000", 4 [pid 5298] <... mmap resumed>) = 0x20000000 [pid 5307] <... write resumed>) = 4 [pid 5298] ioctl(4, FS_IOC_GETVERSION [pid 5307] close(3 [pid 5298] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5307] <... close resumed>) = 0 [pid 5298] exit_group(0 [pid 5307] symlink("/dev/binderfs", "./binderfs" [pid 5298] <... exit_group resumed>) = ? [pid 5307] <... symlink resumed>) = 0 [pid 5298] +++ exited with 0 +++ [pid 5307] memfd_create("syzkaller", 0 [pid 5304] close(3 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5298, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5307] <... memfd_create resumed>) = 3 [pid 5304] <... close resumed>) = 0 [pid 5307] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5304] mkdir("./file1", 0777 [pid 5307] <... mmap resumed>) = 0x7f12a0a40000 [pid 5304] <... mkdir resumed>) = 0 [pid 5304] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5305] <... write resumed>) = 4194304 [pid 5093] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 107.722963][ T5304] loop2: detected capacity change from 0 to 8192 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./16/binderfs", [pid 5305] munmap(0x7f12a0a40000, 4194304 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./16/binderfs") = 0 [pid 5305] <... munmap resumed>) = 0 [pid 5093] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5305] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5305] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5305] close(3) = 0 [pid 5305] mkdir("./file1", 0777) = 0 [ 107.777405][ T5304] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 107.799122][ T5305] loop4: detected capacity change from 0 to 8192 [pid 5305] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... umount2 resumed>) = 0 [ 107.822827][ T5305] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 107.838821][ T5305] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 107.843650][ T5304] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 107.848810][ T5305] REISERFS (device loop4): using ordered data mode [ 107.864727][ T5305] reiserfs: using flush barriers [pid 5306] <... write resumed>) = 4194304 [pid 5095] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5306] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5306] <... munmap resumed>) = 0 [pid 5095] lstat("./16/file1", [pid 5306] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5306] <... openat resumed>) = 4 [pid 5095] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5306] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 107.875006][ T5304] REISERFS (device loop2): using ordered data mode [ 107.878998][ T5305] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 107.882750][ T5304] reiserfs: using flush barriers [ 107.904648][ T5304] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 107.911810][ T5306] loop1: detected capacity change from 0 to 8192 [pid 5095] openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5307] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./16/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./16") = 0 [pid 5095] mkdir("./17", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5310 ./strace-static-x86_64: Process 5310 attached [ 107.921558][ T5304] REISERFS (device loop2): checking transaction log (loop2) [ 107.967102][ T5305] REISERFS (device loop4): checking transaction log (loop4) [pid 5310] chdir("./17") = 0 [pid 5306] <... ioctl resumed>) = 0 [pid 5310] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5306] close(3 [pid 5310] <... prctl resumed>) = 0 [pid 5306] <... close resumed>) = 0 [pid 5310] setpgid(0, 0 [pid 5306] mkdir("./file1", 0777 [pid 5310] <... setpgid resumed>) = 0 [pid 5306] <... mkdir resumed>) = 0 [pid 5310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5306] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5310] <... openat resumed>) = 3 [pid 5310] write(3, "1000", 4) = 4 [pid 5310] close(3) = 0 [pid 5310] symlink("/dev/binderfs", "./binderfs") = 0 [ 108.032159][ T5306] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 108.068671][ T5304] REISERFS (device loop2): Using r5 hash to sort names [pid 5310] memfd_create("syzkaller", 0) = 3 [pid 5310] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 108.093498][ T5306] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 108.103730][ T5304] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5304] <... mount resumed>) = 0 [pid 5093] <... umount2 resumed>) = 0 [pid 5304] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5304] chdir("./file1") = 0 [pid 5093] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5304] ioctl(4, LOOP_CLR_FD [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5304] <... ioctl resumed>) = 0 [pid 5093] lstat("./16/file1", [pid 5310] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5307] <... write resumed>) = 4194304 [pid 5304] close(4 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 108.138086][ T5306] REISERFS (device loop1): using ordered data mode [ 108.160163][ T5305] REISERFS (device loop4): Using r5 hash to sort names [ 108.176338][ T5305] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5304] <... close resumed>) = 0 [pid 5093] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5304] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5304] <... openat resumed>) = 4 [pid 5093] openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5304] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] <... openat resumed>) = 4 [pid 5304] <... mmap resumed>) = 0x20000000 [pid 5093] fstat(4, [pid 5304] ioctl(4, FS_IOC_GETVERSION [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5304] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] getdents64(4, [pid 5304] exit_group(0) = ? [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5307] munmap(0x7f12a0a40000, 4194304) = 0 [ 108.180688][ T5306] reiserfs: using flush barriers [pid 5304] +++ exited with 0 +++ [pid 5093] getdents64(4, [pid 5307] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5305] <... mount resumed>) = 0 [pid 5307] <... openat resumed>) = 4 [pid 5305] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5307] ioctl(4, LOOP_SET_FD, 3 [pid 5305] <... openat resumed>) = 3 [pid 5093] close(4 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5304, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5307] <... ioctl resumed>) = 0 [pid 5305] chdir("./file1" [pid 5093] <... close resumed>) = 0 [pid 5092] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5305] <... chdir resumed>) = 0 [pid 5093] rmdir("./16/file1" [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5305] ioctl(4, LOOP_CLR_FD [pid 5093] <... rmdir resumed>) = 0 [pid 5305] <... ioctl resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] getdents64(3, [pid 5305] close(4 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5305] <... close resumed>) = 0 [pid 5307] close(3) = 0 [pid 5093] close(3 [pid 5092] fstat(3, [pid 5305] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] <... close resumed>) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5307] mkdir("./file1", 0777 [pid 5305] <... openat resumed>) = 4 [pid 5093] rmdir("./16" [pid 5092] getdents64(3, [pid 5310] <... write resumed>) = 4194304 [pid 5307] <... mkdir resumed>) = 0 [pid 5305] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5310] munmap(0x7f12a0a40000, 4194304 [pid 5307] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5305] <... mmap resumed>) = 0x20000000 [pid 5093] mkdir("./17", 0777 [pid 5092] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5310] <... munmap resumed>) = 0 [pid 5305] ioctl(4, FS_IOC_GETVERSION [pid 5310] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5305] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] <... mkdir resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5310] <... openat resumed>) = 4 [pid 5305] exit_group(0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5310] ioctl(4, LOOP_SET_FD, 3 [pid 5305] <... exit_group resumed>) = ? [pid 5093] <... openat resumed>) = 3 [pid 5092] lstat("./16/binderfs", [pid 5305] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5305, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 108.215982][ T5306] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 108.241955][ T5307] loop0: detected capacity change from 0 to 8192 [pid 5310] <... ioctl resumed>) = 0 [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] unlink("./16/binderfs" [pid 5093] close(3 [pid 5092] <... unlink resumed>) = 0 [pid 5093] <... close resumed>) = 0 [pid 5092] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5313 [pid 5094] <... openat resumed>) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./17/binderfs") = 0 [pid 5094] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5310] close(3) = 0 [pid 5310] mkdir("./file1", 0777) = 0 [ 108.279804][ T5310] loop5: detected capacity change from 0 to 8192 [ 108.282932][ T5306] REISERFS (device loop1): checking transaction log (loop1) [ 108.295741][ T5307] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5310] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, ""./strace-static-x86_64: Process 5313 attached [pid 5313] chdir("./17") = 0 [pid 5313] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5313] setpgid(0, 0) = 0 [pid 5313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5313] write(3, "1000", 4) = 4 [pid 5313] close(3) = 0 [pid 5313] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5313] memfd_create("syzkaller", 0) = 3 [pid 5313] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 108.345357][ T5307] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 108.355010][ T5307] REISERFS (device loop0): using ordered data mode [ 108.362301][ T5307] reiserfs: using flush barriers [ 108.385833][ T5307] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 108.406458][ T5310] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5313] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [ 108.475285][ T5307] REISERFS (device loop0): checking transaction log (loop0) [ 108.491156][ T5310] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5313] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5313] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5313] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5313] close(3) = 0 [pid 5313] mkdir("./file1", 0777) = 0 [ 108.541422][ T5313] loop3: detected capacity change from 0 to 8192 [ 108.542101][ T5310] REISERFS (device loop5): using ordered data mode [ 108.577886][ T5313] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5313] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5092] <... umount2 resumed>) = 0 [ 108.612651][ T5306] REISERFS (device loop1): Using r5 hash to sort names [ 108.629189][ T5310] reiserfs: using flush barriers [ 108.630892][ T5313] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 108.644527][ T5313] REISERFS (device loop3): using ordered data mode [pid 5092] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5306] <... mount resumed>) = 0 [pid 5092] lstat("./16/file1", [pid 5306] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5306] <... openat resumed>) = 3 [pid 5092] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5306] chdir("./file1" [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5306] <... chdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5306] ioctl(4, LOOP_CLR_FD) = 0 [pid 5092] <... openat resumed>) = 4 [pid 5306] close(4 [pid 5092] fstat(4, [pid 5306] <... close resumed>) = 0 [ 108.661427][ T5306] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 108.670428][ T5313] reiserfs: using flush barriers [ 108.696025][ T5310] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5306] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] <... umount2 resumed>) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5306] <... openat resumed>) = 4 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, [pid 5306] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4 [pid 5306] <... mmap resumed>) = 0x20000000 [pid 5092] <... close resumed>) = 0 [pid 5306] ioctl(4, FS_IOC_GETVERSION [pid 5092] rmdir("./16/file1" [pid 5306] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] <... rmdir resumed>) = 0 [pid 5306] exit_group(0 [pid 5092] getdents64(3, [pid 5306] <... exit_group resumed>) = ? [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3 [pid 5306] +++ exited with 0 +++ [pid 5092] <... close resumed>) = 0 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5306, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5091] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 108.716455][ T5310] REISERFS (device loop5): checking transaction log (loop5) [ 108.719430][ T5313] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 108.752662][ T5307] REISERFS (device loop0): Using r5 hash to sort names [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] rmdir("./16" [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./16/binderfs", [pid 5094] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] unlink("./16/binderfs" [pid 5094] lstat("./17/file1", [pid 5091] <... unlink resumed>) = 0 [pid 5307] <... mount resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5091] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5307] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] mkdir("./17", 0777 [pid 5307] <... openat resumed>) = 3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] fstat(4, [pid 5307] chdir("./file1" [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5307] <... chdir resumed>) = 0 [pid 5094] getdents64(4, [pid 5307] ioctl(4, LOOP_CLR_FD [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5094] getdents64(4, [pid 5307] <... ioctl resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5094] close(4) = 0 [pid 5094] rmdir("./17/file1" [pid 5307] close(4 [pid 5094] <... rmdir resumed>) = 0 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5307] <... close resumed>) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./17" [ 108.760699][ T5307] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 108.777930][ T5313] REISERFS (device loop3): checking transaction log (loop3) [pid 5307] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] <... rmdir resumed>) = 0 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5307] <... openat resumed>) = 4 [pid 5094] mkdir("./18", 0777 [pid 5092] close(3 [pid 5307] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5307] <... mmap resumed>) = 0x20000000 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] <... openat resumed>) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5307] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5317 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5316 [pid 5307] exit_group(0) = ? [pid 5307] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5307, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=19 /* 0.19 s */} --- [pid 5090] restart_syscall(<... resuming interrupted clone ...>) = 0 ./strace-static-x86_64: Process 5317 attached ./strace-static-x86_64: Process 5316 attached [pid 5317] chdir("./18") = 0 [pid 5090] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5317] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5316] chdir("./17" [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5317] <... prctl resumed>) = 0 [pid 5316] <... chdir resumed>) = 0 [pid 5090] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5317] setpgid(0, 0 [pid 5316] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5090] <... openat resumed>) = 3 [pid 5317] <... setpgid resumed>) = 0 [pid 5090] fstat(3, [pid 5317] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5317] <... openat resumed>) = 3 [pid 5090] getdents64(3, [pid 5317] write(3, "1000", 4 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5317] <... write resumed>) = 4 [pid 5090] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5317] close(3 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5317] <... close resumed>) = 0 [pid 5090] lstat("./16/binderfs", [pid 5317] symlink("/dev/binderfs", "./binderfs" [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5317] <... symlink resumed>) = 0 [pid 5090] unlink("./16/binderfs" [pid 5317] memfd_create("syzkaller", 0 [pid 5090] <... unlink resumed>) = 0 [pid 5317] <... memfd_create resumed>) = 3 [pid 5090] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5317] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5316] <... prctl resumed>) = 0 [pid 5316] setpgid(0, 0) = 0 [pid 5316] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5316] write(3, "1000", 4) = 4 [pid 5316] close(3) = 0 [pid 5316] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5316] memfd_create("syzkaller", 0) = 3 [pid 5316] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5091] <... umount2 resumed>) = 0 [pid 5317] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5316] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./16/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./16/file1") = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [ 109.027689][ T5313] REISERFS (device loop3): Using r5 hash to sort names [ 109.050981][ T5310] REISERFS (device loop5): Using r5 hash to sort names [pid 5091] rmdir("./16") = 0 [pid 5091] mkdir("./17", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5318 ./strace-static-x86_64: Process 5318 attached [pid 5318] chdir("./17") = 0 [pid 5318] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5318] setpgid(0, 0) = 0 [pid 5318] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5318] write(3, "1000", 4) = 4 [pid 5318] close(3) = 0 [pid 5318] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5318] memfd_create("syzkaller", 0) = 3 [pid 5318] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5313] <... mount resumed>) = 0 [pid 5313] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5313] chdir("./file1") = 0 [pid 5313] ioctl(4, LOOP_CLR_FD [pid 5310] <... mount resumed>) = 0 [pid 5313] <... ioctl resumed>) = 0 [pid 5313] close(4 [ 109.076036][ T5313] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 109.092216][ T5310] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5310] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5313] <... close resumed>) = 0 [pid 5310] <... openat resumed>) = 3 [pid 5310] chdir("./file1") = 0 [pid 5310] ioctl(4, LOOP_CLR_FD [pid 5313] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5310] <... ioctl resumed>) = 0 [pid 5310] close(4 [pid 5313] <... openat resumed>) = 4 [pid 5310] <... close resumed>) = 0 [pid 5313] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5310] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5313] <... mmap resumed>) = 0x20000000 [pid 5310] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5313] ioctl(4, FS_IOC_GETVERSION [pid 5310] <... mmap resumed>) = 0x20000000 [pid 5313] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5310] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5313] exit_group(0 [pid 5310] exit_group(0) = ? [pid 5313] <... exit_group resumed>) = ? [pid 5310] +++ exited with 0 +++ [pid 5313] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5310, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=14 /* 0.14 s */} --- [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5313, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5090] <... umount2 resumed>) = 0 [pid 5095] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] <... openat resumed>) = 3 [pid 5093] <... openat resumed>) = 3 [pid 5095] fstat(3, [pid 5093] fstat(3, [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, [pid 5093] getdents64(3, [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./17/binderfs", [pid 5093] lstat("./17/binderfs", [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./17/binderfs" [pid 5093] unlink("./17/binderfs" [pid 5095] <... unlink resumed>) = 0 [pid 5093] <... unlink resumed>) = 0 [pid 5095] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./16/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./16/file1") = 0 [pid 5090] getdents64(3, [pid 5317] <... write resumed>) = 4194304 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./16") = 0 [pid 5090] mkdir("./17", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5317] munmap(0x7f12a0a40000, 4194304 [pid 5318] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5317] <... munmap resumed>) = 0 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5319 [pid 5317] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5317] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5319 attached [pid 5319] chdir("./17") = 0 [pid 5319] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5319] setpgid(0, 0) = 0 [pid 5319] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5319] write(3, "1000", 4) = 4 [pid 5319] close(3) = 0 [pid 5319] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5319] memfd_create("syzkaller", 0) = 3 [pid 5319] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5316] <... write resumed>) = 4194304 [pid 5317] <... ioctl resumed>) = 0 [pid 5316] munmap(0x7f12a0a40000, 4194304 [pid 5317] close(3 [pid 5316] <... munmap resumed>) = 0 [pid 5095] <... umount2 resumed>) = 0 [pid 5317] <... close resumed>) = 0 [pid 5316] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5095] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5317] mkdir("./file1", 0777 [pid 5316] <... openat resumed>) = 4 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5317] <... mkdir resumed>) = 0 [pid 5095] lstat("./17/file1", [ 109.273629][ T5317] loop4: detected capacity change from 0 to 8192 [pid 5316] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5317] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./17/file1" [pid 5318] <... write resumed>) = 4194304 [pid 5316] <... ioctl resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [ 109.325630][ T5316] loop2: detected capacity change from 0 to 8192 [ 109.359729][ T5317] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5318] munmap(0x7f12a0a40000, 4194304 [pid 5316] close(3 [pid 5095] getdents64(3, [pid 5318] <... munmap resumed>) = 0 [pid 5316] <... close resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5316] mkdir("./file1", 0777 [pid 5095] close(3 [pid 5316] <... mkdir resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5318] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5316] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] rmdir("./17" [pid 5318] <... openat resumed>) = 4 [pid 5095] <... rmdir resumed>) = 0 [pid 5318] ioctl(4, LOOP_SET_FD, 3 [pid 5095] mkdir("./18", 0777 [pid 5318] <... ioctl resumed>) = 0 [pid 5095] <... mkdir resumed>) = 0 [pid 5318] close(3 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [ 109.375801][ T5317] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 109.394423][ T5318] loop1: detected capacity change from 0 to 8192 [ 109.403629][ T5316] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 109.417792][ T5317] REISERFS (device loop4): using ordered data mode [pid 5319] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] <... openat resumed>) = 3 [pid 5318] <... close resumed>) = 0 [pid 5318] mkdir("./file1", 0777 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5318] <... mkdir resumed>) = 0 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5318] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] close(3) = 0 [ 109.426039][ T5316] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 109.436653][ T5317] reiserfs: using flush barriers [ 109.446001][ T5317] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 109.464825][ T5316] REISERFS (device loop2): using ordered data mode [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5323 [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./17/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5323 attached ) = 4 [pid 5323] chdir("./18" [pid 5093] fstat(4, [pid 5323] <... chdir resumed>) = 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5323] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5319] <... write resumed>) = 4194304 [ 109.475318][ T5316] reiserfs: using flush barriers [ 109.482244][ T5318] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 109.505138][ T5316] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5093] getdents64(4, [pid 5323] <... prctl resumed>) = 0 [pid 5319] munmap(0x7f12a0a40000, 4194304 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5323] setpgid(0, 0) = 0 [pid 5319] <... munmap resumed>) = 0 [pid 5093] getdents64(4, [pid 5323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5319] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5323] <... openat resumed>) = 3 [pid 5319] <... openat resumed>) = 4 [pid 5093] close(4 [pid 5323] write(3, "1000", 4 [pid 5319] ioctl(4, LOOP_SET_FD, 3 [pid 5093] <... close resumed>) = 0 [pid 5323] <... write resumed>) = 4 [pid 5093] rmdir("./17/file1" [pid 5323] close(3) = 0 [pid 5319] <... ioctl resumed>) = 0 [pid 5093] <... rmdir resumed>) = 0 [ 109.515751][ T5318] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 109.530449][ T5317] REISERFS (device loop4): checking transaction log (loop4) [ 109.531723][ T5318] REISERFS (device loop1): using ordered data mode [ 109.546230][ T5318] reiserfs: using flush barriers [ 109.552976][ T5316] REISERFS (device loop2): checking transaction log (loop2) [ 109.560664][ T5319] loop0: detected capacity change from 0 to 8192 [pid 5323] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5323] memfd_create("syzkaller", 0) = 3 [pid 5323] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3 [pid 5319] close(3 [pid 5093] <... close resumed>) = 0 [pid 5093] rmdir("./17" [pid 5319] <... close resumed>) = 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5093] mkdir("./18", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5319] mkdir("./file1", 0777 [pid 5093] <... openat resumed>) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3 [pid 5319] <... mkdir resumed>) = 0 [pid 5093] <... close resumed>) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5319] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, ""./strace-static-x86_64: Process 5324 attached [pid 5324] chdir("./18" [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5324 [pid 5324] <... chdir resumed>) = 0 [pid 5324] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 109.581608][ T5318] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5324] setpgid(0, 0) = 0 [pid 5323] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5324] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5324] write(3, "1000", 4) = 4 [pid 5324] close(3) = 0 [pid 5324] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5324] memfd_create("syzkaller", 0) = 3 [pid 5324] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 109.648253][ T5319] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5323] <... write resumed>) = 4194304 [pid 5323] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5323] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 109.702227][ T5319] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 109.712088][ T5319] REISERFS (device loop0): using ordered data mode [ 109.719837][ T5319] reiserfs: using flush barriers [ 109.730383][ T5319] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5323] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5323] close(3) = 0 [pid 5323] mkdir("./file1", 0777) = 0 [pid 5323] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 109.775428][ T5318] REISERFS (device loop1): checking transaction log (loop1) [ 109.775511][ T5323] loop5: detected capacity change from 0 to 8192 [ 109.798606][ T5319] REISERFS (device loop0): checking transaction log (loop0) [ 109.806832][ T5323] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 109.856061][ T5317] REISERFS (device loop4): Using r5 hash to sort names [ 109.882279][ T5323] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 109.883810][ T5317] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5324] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5317] <... mount resumed>) = 0 [pid 5316] <... mount resumed>) = 0 [pid 5317] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [ 109.913157][ T5323] REISERFS (device loop5): using ordered data mode [ 109.917596][ T5316] REISERFS (device loop2): Using r5 hash to sort names [ 109.926952][ T5323] reiserfs: using flush barriers [ 109.927896][ T5316] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5316] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5324] <... write resumed>) = 4194304 [pid 5317] <... openat resumed>) = 3 [pid 5317] chdir("./file1" [pid 5316] <... openat resumed>) = 3 [pid 5324] munmap(0x7f12a0a40000, 4194304 [pid 5317] <... chdir resumed>) = 0 [pid 5316] chdir("./file1" [pid 5317] ioctl(4, LOOP_CLR_FD [pid 5316] <... chdir resumed>) = 0 [pid 5324] <... munmap resumed>) = 0 [pid 5317] <... ioctl resumed>) = 0 [pid 5316] ioctl(4, LOOP_CLR_FD [pid 5317] close(4 [pid 5324] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5316] <... ioctl resumed>) = 0 [pid 5317] <... close resumed>) = 0 [pid 5317] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5316] close(4 [pid 5324] <... openat resumed>) = 4 [pid 5317] <... openat resumed>) = 4 [pid 5316] <... close resumed>) = 0 [pid 5324] ioctl(4, LOOP_SET_FD, 3 [pid 5317] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5316] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5317] <... mmap resumed>) = 0x20000000 [pid 5316] <... openat resumed>) = 4 [pid 5317] ioctl(4, FS_IOC_GETVERSION [pid 5316] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5317] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5316] <... mmap resumed>) = 0x20000000 [pid 5317] exit_group(0) = ? [pid 5316] ioctl(4, FS_IOC_GETVERSION [pid 5317] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5317, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5316] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5316] exit_group(0) = ? [pid 5316] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5316, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5094] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... openat resumed>) = 3 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] fstat(3, [pid 5092] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5094] getdents64(3, [pid 5092] fstat(3, [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] getdents64(3, [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./18/binderfs", [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] unlink("./18/binderfs" [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... unlink resumed>) = 0 [pid 5092] lstat("./17/binderfs", [pid 5094] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 109.952706][ T5323] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 109.988971][ T5324] loop3: detected capacity change from 0 to 8192 [pid 5092] unlink("./17/binderfs") = 0 [pid 5324] <... ioctl resumed>) = 0 [pid 5092] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5324] close(3) = 0 [pid 5324] mkdir("./file1", 0777) = 0 [pid 5324] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5319] <... mount resumed>) = 0 [ 110.025205][ T5319] REISERFS (device loop0): Using r5 hash to sort names [ 110.042837][ T5323] REISERFS (device loop5): checking transaction log (loop5) [ 110.059111][ T5319] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5319] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5319] chdir("./file1") = 0 [pid 5319] ioctl(4, LOOP_CLR_FD) = 0 [pid 5319] close(4) = 0 [pid 5319] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5319] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5319] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5319] exit_group(0) = ? [pid 5319] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5319, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5090] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./17/binderfs") = 0 [pid 5090] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./17/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 110.072234][ T5324] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 110.089486][ T5318] REISERFS (device loop1): Using r5 hash to sort names [ 110.105819][ T5318] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 110.113324][ T5324] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5318] <... mount resumed>) = 0 [pid 5318] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5318] chdir("./file1" [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./17/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./17" [pid 5318] <... chdir resumed>) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5092] mkdir("./18", 0777 [pid 5318] ioctl(4, LOOP_CLR_FD) = 0 [pid 5318] close(4 [pid 5092] <... mkdir resumed>) = 0 [pid 5318] <... close resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5318] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5318] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5318] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5318] exit_group(0) = ? [pid 5318] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5318, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=18 /* 0.18 s */} --- [pid 5091] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./17/binderfs") = 0 [pid 5091] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... umount2 resumed>) = 0 [pid 5094] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./18/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./18/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./18") = 0 [ 110.210188][ T5324] REISERFS (device loop3): using ordered data mode [ 110.249822][ T5324] reiserfs: using flush barriers [pid 5094] mkdir("./19", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5328 ./strace-static-x86_64: Process 5328 attached [pid 5092] <... openat resumed>) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5328] chdir("./19") = 0 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5328] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5328] <... prctl resumed>) = 0 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5329 [pid 5328] setpgid(0, 0) = 0 [pid 5328] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5328] write(3, "1000", 4) = 4 [pid 5328] close(3) = 0 [ 110.293051][ T5324] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5328] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5329 attached ) = 0 [pid 5329] chdir("./18" [pid 5328] memfd_create("syzkaller", 0) = 3 [pid 5329] <... chdir resumed>) = 0 [pid 5328] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5329] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5328] <... mmap resumed>) = 0x7f12a0a40000 [pid 5329] setpgid(0, 0) = 0 [pid 5329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5329] write(3, "1000", 4) = 4 [pid 5329] close(3) = 0 [pid 5329] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5329] memfd_create("syzkaller", 0) = 3 [pid 5329] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./17/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 110.396139][ T5323] REISERFS (device loop5): Using r5 hash to sort names [ 110.404343][ T5324] REISERFS (device loop3): checking transaction log (loop3) [pid 5090] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./17/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3 [pid 5329] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5090] <... close resumed>) = 0 [pid 5090] rmdir("./17") = 0 [pid 5090] mkdir("./18", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 110.451988][ T5323] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5330 [pid 5328] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5323] <... mount resumed>) = 0 [pid 5323] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 ./strace-static-x86_64: Process 5330 attached [pid 5330] chdir("./18") = 0 [pid 5330] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5330] setpgid(0, 0) = 0 [pid 5330] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5330] write(3, "1000", 4) = 4 [pid 5330] close(3) = 0 [pid 5323] chdir("./file1" [pid 5330] symlink("/dev/binderfs", "./binderfs" [pid 5323] <... chdir resumed>) = 0 [pid 5330] <... symlink resumed>) = 0 [pid 5323] ioctl(4, LOOP_CLR_FD) = 0 [pid 5323] close(4 [pid 5330] memfd_create("syzkaller", 0 [pid 5323] <... close resumed>) = 0 [pid 5323] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5330] <... memfd_create resumed>) = 3 [pid 5330] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5323] <... openat resumed>) = 4 [pid 5323] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5091] <... umount2 resumed>) = 0 [pid 5323] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5323] exit_group(0) = ? [pid 5091] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./17/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5323] +++ exited with 0 +++ [pid 5091] openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5323, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5091] <... openat resumed>) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] close(4) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5091] rmdir("./17/file1" [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5095] getdents64(3, [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./17") = 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] mkdir("./18", 0777 [pid 5095] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... mkdir resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5095] unlink("./18/binderfs" [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] <... unlink resumed>) = 0 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5331 ./strace-static-x86_64: Process 5331 attached [pid 5331] chdir("./18") = 0 [pid 5331] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5331] setpgid(0, 0 [pid 5095] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5331] <... setpgid resumed>) = 0 [pid 5331] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5331] write(3, "1000", 4) = 4 [pid 5331] close(3) = 0 [pid 5331] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5331] memfd_create("syzkaller", 0) = 3 [pid 5331] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5330] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5328] <... write resumed>) = 4194304 [pid 5329] <... write resumed>) = 4194304 [pid 5329] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5329] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5329] ioctl(4, LOOP_SET_FD, 3 [pid 5328] munmap(0x7f12a0a40000, 4194304 [pid 5329] <... ioctl resumed>) = 0 [pid 5329] close(3 [pid 5328] <... munmap resumed>) = 0 [pid 5328] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5329] <... close resumed>) = 0 [pid 5328] <... openat resumed>) = 4 [pid 5328] ioctl(4, LOOP_SET_FD, 3 [pid 5329] mkdir("./file1", 0777) = 0 [ 110.719954][ T5329] loop2: detected capacity change from 0 to 8192 [ 110.740418][ T5328] loop4: detected capacity change from 0 to 8192 [pid 5329] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5328] <... ioctl resumed>) = 0 [pid 5328] close(3) = 0 [pid 5328] mkdir("./file1", 0777) = 0 [pid 5328] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5331] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 110.774088][ T5324] REISERFS (device loop3): Using r5 hash to sort names [ 110.777590][ T5329] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 110.795893][ T5324] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 110.810443][ T5328] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5330] <... write resumed>) = 4194304 [pid 5324] <... mount resumed>) = 0 [pid 5095] lstat("./18/file1", [pid 5330] munmap(0x7f12a0a40000, 4194304 [pid 5324] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5330] <... munmap resumed>) = 0 [pid 5324] <... openat resumed>) = 3 [pid 5324] chdir("./file1" [pid 5095] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5324] <... chdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5330] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5324] ioctl(4, LOOP_CLR_FD [pid 5330] <... openat resumed>) = 4 [pid 5324] <... ioctl resumed>) = 0 [pid 5095] <... openat resumed>) = 4 [pid 5330] ioctl(4, LOOP_SET_FD, 3 [pid 5324] close(4 [ 110.827065][ T5329] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 110.832005][ T5328] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 110.851427][ T5328] REISERFS (device loop4): using ordered data mode [ 110.858774][ T5328] reiserfs: using flush barriers [ 110.859625][ T5329] REISERFS (device loop2): using ordered data mode [pid 5095] fstat(4, [pid 5324] <... close resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5324] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] getdents64(4, [pid 5324] <... openat resumed>) = 4 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5324] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] getdents64(4, [pid 5324] <... mmap resumed>) = 0x20000000 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./18/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5324] ioctl(4, FS_IOC_GETVERSION [pid 5095] close(3 [pid 5324] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] <... close resumed>) = 0 [pid 5324] exit_group(0 [pid 5095] rmdir("./18" [pid 5324] <... exit_group resumed>) = ? [pid 5095] <... rmdir resumed>) = 0 [pid 5324] +++ exited with 0 +++ [pid 5095] mkdir("./19", 0777) = 0 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5324, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [ 110.865390][ T5328] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 110.872618][ T5330] loop0: detected capacity change from 0 to 8192 [ 110.887336][ T5328] REISERFS (device loop4): checking transaction log (loop4) [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5093] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5334 attached [pid 5331] <... write resumed>) = 4194304 [pid 5093] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5334] chdir("./19" [pid 5331] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5334 [pid 5093] <... openat resumed>) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5334] <... chdir resumed>) = 0 [pid 5331] <... munmap resumed>) = 0 [pid 5093] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5334] prctl(PR_SET_PDEATHSIG, SIGKILL [ 110.941077][ T5329] reiserfs: using flush barriers [ 110.954949][ T5329] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 110.983950][ T5329] REISERFS (device loop2): checking transaction log (loop2) [pid 5331] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5334] <... prctl resumed>) = 0 [pid 5093] lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5331] <... openat resumed>) = 4 [pid 5334] setpgid(0, 0 [pid 5093] unlink("./18/binderfs" [pid 5334] <... setpgid resumed>) = 0 [pid 5331] ioctl(4, LOOP_SET_FD, 3 [pid 5093] <... unlink resumed>) = 0 [pid 5334] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5334] <... openat resumed>) = 3 [pid 5334] write(3, "1000", 4) = 4 [pid 5334] close(3 [pid 5331] <... ioctl resumed>) = 0 [pid 5330] <... ioctl resumed>) = 0 [pid 5334] <... close resumed>) = 0 [pid 5331] close(3 [pid 5330] close(3 [pid 5334] symlink("/dev/binderfs", "./binderfs" [pid 5331] <... close resumed>) = 0 [pid 5330] <... close resumed>) = 0 [pid 5334] <... symlink resumed>) = 0 [pid 5331] mkdir("./file1", 0777 [pid 5330] mkdir("./file1", 0777 [pid 5334] memfd_create("syzkaller", 0 [pid 5331] <... mkdir resumed>) = 0 [pid 5334] <... memfd_create resumed>) = 3 [pid 5331] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5330] <... mkdir resumed>) = 0 [pid 5334] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5330] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5328] <... mount resumed>) = 0 [pid 5334] <... mmap resumed>) = 0x7f12a0a40000 [pid 5328] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 111.004565][ T5328] REISERFS (device loop4): Using r5 hash to sort names [ 111.015287][ T5328] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 111.028053][ T5331] loop1: detected capacity change from 0 to 8192 [pid 5328] chdir("./file1") = 0 [ 111.067806][ T5331] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 111.082441][ T5330] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 111.104618][ T5331] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [pid 5328] ioctl(4, LOOP_CLR_FD) = 0 [pid 5328] close(4) = 0 [pid 5328] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5328] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5328] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5328] exit_group(0) = ? [pid 5328] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5328, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5094] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./19/binderfs") = 0 [ 111.114719][ T5330] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 111.121203][ T5331] REISERFS (device loop1): using ordered data mode [pid 5094] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5334] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 111.165177][ T5331] reiserfs: using flush barriers [ 111.180364][ T5330] REISERFS (device loop0): using ordered data mode [ 111.188045][ T5330] reiserfs: using flush barriers [pid 5093] lstat("./18/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 111.209678][ T5331] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 111.226063][ T5330] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 111.226449][ T5330] REISERFS (device loop0): checking transaction log (loop0) [pid 5093] openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./18/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./18") = 0 [pid 5093] mkdir("./19", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5337 attached , child_tidptr=0x555556fb25d0) = 5337 [ 111.269414][ T5329] REISERFS (device loop2): Using r5 hash to sort names [pid 5337] chdir("./19") = 0 [pid 5337] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5337] setpgid(0, 0) = 0 [pid 5337] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5337] write(3, "1000", 4) = 4 [pid 5337] close(3) = 0 [pid 5337] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5337] memfd_create("syzkaller", 0) = 3 [pid 5337] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5329] <... mount resumed>) = 0 [pid 5329] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5329] chdir("./file1") = 0 [pid 5329] ioctl(4, LOOP_CLR_FD) = 0 [pid 5329] close(4) = 0 [pid 5329] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5329] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 111.312332][ T5329] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5329] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5329] exit_group(0) = ? [pid 5329] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5329, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5092] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5334] <... write resumed>) = 4194304 [pid 5092] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./18/binderfs") = 0 [ 111.381376][ T5331] REISERFS (device loop1): checking transaction log (loop1) [pid 5092] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... umount2 resumed>) = 0 [pid 5094] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./19/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5334] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5094] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5337] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5334] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5334] ioctl(4, LOOP_SET_FD, 3 [pid 5094] openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./19/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./19") = 0 [pid 5094] mkdir("./20", 0777 [pid 5334] <... ioctl resumed>) = 0 [pid 5334] close(3 [pid 5094] <... mkdir resumed>) = 0 [pid 5334] <... close resumed>) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5334] mkdir("./file1", 0777) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5334] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [ 111.479231][ T5334] loop5: detected capacity change from 0 to 8192 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5339 [ 111.532044][ T5334] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 ./strace-static-x86_64: Process 5339 attached [pid 5339] chdir("./20") = 0 [pid 5339] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5339] setpgid(0, 0) = 0 [pid 5339] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 111.583655][ T5330] REISERFS (device loop0): Using r5 hash to sort names [ 111.586768][ T5334] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 111.613835][ T5330] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 111.614283][ T5334] REISERFS (device loop5): using ordered data mode [pid 5339] write(3, "1000", 4) = 4 [pid 5339] close(3) = 0 [pid 5339] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5339] memfd_create("syzkaller", 0) = 3 [pid 5339] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5331] <... mount resumed>) = 0 [pid 5330] <... mount resumed>) = 0 [pid 5331] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5330] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5331] chdir("./file1") = 0 [pid 5330] <... openat resumed>) = 3 [pid 5331] ioctl(4, LOOP_CLR_FD [pid 5330] chdir("./file1" [pid 5331] <... ioctl resumed>) = 0 [pid 5330] <... chdir resumed>) = 0 [pid 5331] close(4 [ 111.630350][ T5334] reiserfs: using flush barriers [ 111.637370][ T5331] REISERFS (device loop1): Using r5 hash to sort names [ 111.645557][ T5331] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 111.657001][ T5334] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5330] ioctl(4, LOOP_CLR_FD [pid 5339] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5337] <... write resumed>) = 4194304 [pid 5331] <... close resumed>) = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5330] <... ioctl resumed>) = 0 [pid 5337] munmap(0x7f12a0a40000, 4194304 [pid 5330] close(4 [pid 5337] <... munmap resumed>) = 0 [pid 5331] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5330] <... close resumed>) = 0 [pid 5092] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5337] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5331] <... openat resumed>) = 4 [pid 5330] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5337] <... openat resumed>) = 4 [pid 5331] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5337] ioctl(4, LOOP_SET_FD, 3 [pid 5330] <... openat resumed>) = 4 [pid 5092] lstat("./18/file1", [pid 5331] <... mmap resumed>) = 0x20000000 [pid 5330] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5337] <... ioctl resumed>) = 0 [pid 5331] ioctl(4, FS_IOC_GETVERSION [pid 5330] <... mmap resumed>) = 0x20000000 [pid 5092] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5337] close(3 [pid 5331] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5330] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5337] <... close resumed>) = 0 [pid 5331] exit_group(0 [pid 5330] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5339] <... write resumed>) = 4194304 [pid 5337] mkdir("./file1", 0777 [pid 5331] <... exit_group resumed>) = ? [pid 5330] exit_group(0 [pid 5092] <... openat resumed>) = 4 [pid 5339] munmap(0x7f12a0a40000, 4194304 [pid 5337] <... mkdir resumed>) = 0 [pid 5331] +++ exited with 0 +++ [pid 5330] <... exit_group resumed>) = ? [pid 5092] fstat(4, [pid 5339] <... munmap resumed>) = 0 [pid 5337] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5330] +++ exited with 0 +++ [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5331, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5339] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] getdents64(4, [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5330, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [ 111.694711][ T5334] REISERFS (device loop5): checking transaction log (loop5) [ 111.728462][ T5337] loop3: detected capacity change from 0 to 8192 [pid 5339] <... openat resumed>) = 4 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5339] ioctl(4, LOOP_SET_FD, 3 [pid 5092] getdents64(4, [pid 5090] <... restart_syscall resumed>) = 0 [pid 5339] <... ioctl resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5091] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] rmdir("./18/file1" [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... rmdir resumed>) = 0 [pid 5091] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] getdents64(3, [pid 5091] <... openat resumed>) = 3 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] fstat(3, [pid 5092] close(3 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... close resumed>) = 0 [pid 5091] getdents64(3, [pid 5092] rmdir("./18" [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] <... rmdir resumed>) = 0 [pid 5091] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] mkdir("./19", 0777 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... mkdir resumed>) = 0 [pid 5091] lstat("./18/binderfs", [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5339] close(3 [pid 5092] <... openat resumed>) = 3 [pid 5091] unlink("./18/binderfs" [pid 5339] <... close resumed>) = 0 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5091] <... unlink resumed>) = 0 [pid 5339] mkdir("./file1", 0777 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5339] <... mkdir resumed>) = 0 [pid 5092] close(3 [pid 5339] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5092] <... close resumed>) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5342 ./strace-static-x86_64: Process 5342 attached [pid 5342] chdir("./19") = 0 [pid 5342] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5342] setpgid(0, 0 [pid 5090] <... openat resumed>) = 3 [pid 5342] <... setpgid resumed>) = 0 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 111.763541][ T5339] loop4: detected capacity change from 0 to 8192 [ 111.774352][ T5337] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5090] getdents64(3, [pid 5342] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5342] <... openat resumed>) = 3 [pid 5342] write(3, "1000", 4) = 4 [pid 5342] close(3) = 0 [pid 5342] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5342] memfd_create("syzkaller", 0) = 3 [pid 5342] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./18/binderfs") = 0 [ 111.805822][ T5339] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 111.811138][ T5337] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 111.858054][ T5339] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 111.872320][ T5337] REISERFS (device loop3): using ordered data mode [ 111.880054][ T5337] reiserfs: using flush barriers [ 111.886874][ T5337] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 111.904674][ T5337] REISERFS (device loop3): checking transaction log (loop3) [pid 5090] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... umount2 resumed>) = 0 [ 111.944024][ T5339] REISERFS (device loop4): using ordered data mode [pid 5342] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./18/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 111.998818][ T5339] reiserfs: using flush barriers [ 112.013300][ T5337] REISERFS (device loop3): Using r5 hash to sort names [ 112.027992][ T5339] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5337] <... mount resumed>) = 0 [pid 5091] openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5337] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5091] fstat(4, [pid 5337] <... openat resumed>) = 3 [pid 5337] chdir("./file1" [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5337] <... chdir resumed>) = 0 [pid 5337] ioctl(4, LOOP_CLR_FD [pid 5091] getdents64(4, [pid 5337] <... ioctl resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5337] close(4 [pid 5091] getdents64(4, [pid 5337] <... close resumed>) = 0 [pid 5337] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5337] <... openat resumed>) = 4 [pid 5091] close(4 [pid 5337] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5091] <... close resumed>) = 0 [pid 5337] <... mmap resumed>) = 0x20000000 [pid 5091] rmdir("./18/file1" [pid 5337] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5091] <... rmdir resumed>) = 0 [pid 5337] exit_group(0) = ? [pid 5091] getdents64(3, [pid 5337] +++ exited with 0 +++ [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5337, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 5091] close(3 [pid 5093] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... close resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] rmdir("./18" [ 112.053034][ T5337] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 112.063355][ T5339] REISERFS (device loop4): checking transaction log (loop4) [ 112.078018][ T5334] REISERFS (device loop5): Using r5 hash to sort names [pid 5093] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] <... rmdir resumed>) = 0 [pid 5342] <... write resumed>) = 4194304 [pid 5093] fstat(3, [pid 5091] mkdir("./19", 0777 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5093] getdents64(3, [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] <... openat resumed>) = 3 [pid 5093] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] lstat("./19/binderfs", [pid 5091] close(3 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] <... close resumed>) = 0 [pid 5093] unlink("./19/binderfs" [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] <... unlink resumed>) = 0 [pid 5093] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5343 [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./18/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5342] munmap(0x7f12a0a40000, 4194304./strace-static-x86_64: Process 5343 attached [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5343] chdir("./19") = 0 [pid 5090] openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5343] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5342] <... munmap resumed>) = 0 [pid 5334] <... mount resumed>) = 0 [pid 5343] <... prctl resumed>) = 0 [pid 5334] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5090] <... openat resumed>) = 4 [pid 5343] setpgid(0, 0 [pid 5342] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5334] <... openat resumed>) = 3 [pid 5343] <... setpgid resumed>) = 0 [pid 5334] chdir("./file1" [pid 5090] fstat(4, [pid 5343] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5334] <... chdir resumed>) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5343] <... openat resumed>) = 3 [pid 5342] <... openat resumed>) = 4 [pid 5334] ioctl(4, LOOP_CLR_FD [pid 5090] getdents64(4, [pid 5343] write(3, "1000", 4 [pid 5342] ioctl(4, LOOP_SET_FD, 3 [pid 5334] <... ioctl resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5343] <... write resumed>) = 4 [ 112.141584][ T5334] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5334] close(4 [pid 5090] getdents64(4, [pid 5343] close(3 [pid 5334] <... close resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5343] <... close resumed>) = 0 [pid 5334] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5090] close(4 [pid 5343] symlink("/dev/binderfs", "./binderfs" [pid 5334] <... openat resumed>) = 4 [pid 5090] <... close resumed>) = 0 [pid 5343] <... symlink resumed>) = 0 [pid 5334] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] rmdir("./18/file1" [pid 5343] memfd_create("syzkaller", 0 [pid 5334] <... mmap resumed>) = 0x20000000 [pid 5090] <... rmdir resumed>) = 0 [pid 5343] <... memfd_create resumed>) = 3 [pid 5334] ioctl(4, FS_IOC_GETVERSION [pid 5090] getdents64(3, [pid 5343] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5334] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5343] <... mmap resumed>) = 0x7f12a0a40000 [pid 5334] exit_group(0 [pid 5090] close(3 [pid 5334] <... exit_group resumed>) = ? [pid 5090] <... close resumed>) = 0 [pid 5334] +++ exited with 0 +++ [pid 5090] rmdir("./18" [pid 5342] <... ioctl resumed>) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5342] close(3 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5334, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5090] mkdir("./19", 0777 [pid 5342] <... close resumed>) = 0 [pid 5090] <... mkdir resumed>) = 0 [pid 5342] mkdir("./file1", 0777 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5342] <... mkdir resumed>) = 0 [pid 5095] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... openat resumed>) = 3 [pid 5342] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5095] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] <... openat resumed>) = 3 [pid 5090] close(3 [pid 5095] fstat(3, [pid 5090] <... close resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] getdents64(3, [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5345 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 112.188183][ T5342] loop2: detected capacity change from 0 to 8192 [pid 5095] lstat("./19/binderfs", ./strace-static-x86_64: Process 5345 attached {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5345] chdir("./19" [pid 5095] unlink("./19/binderfs" [pid 5345] <... chdir resumed>) = 0 [pid 5345] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5345] setpgid(0, 0) = 0 [pid 5345] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5345] write(3, "1000", 4) = 4 [pid 5345] close(3) = 0 [pid 5345] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5345] memfd_create("syzkaller", 0) = 3 [pid 5345] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5095] <... unlink resumed>) = 0 [pid 5095] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5343] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./19/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./19/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [ 112.272110][ T5342] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 112.310600][ T5339] REISERFS (device loop4): Using r5 hash to sort names [pid 5095] close(3) = 0 [pid 5095] rmdir("./19") = 0 [pid 5095] mkdir("./20", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = 0 [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5346 [pid 5339] <... mount resumed>) = 0 [pid 5345] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5339] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5339] chdir("./file1") = 0 [ 112.341226][ T5342] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 112.351542][ T5339] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5339] ioctl(4, LOOP_CLR_FD [pid 5343] <... write resumed>) = 4194304 [pid 5339] <... ioctl resumed>) = 0 [pid 5343] munmap(0x7f12a0a40000, 4194304 [pid 5339] close(4./strace-static-x86_64: Process 5346 attached [pid 5343] <... munmap resumed>) = 0 [pid 5339] <... close resumed>) = 0 [pid 5343] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5339] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5343] <... openat resumed>) = 4 [pid 5339] <... openat resumed>) = 4 [pid 5343] ioctl(4, LOOP_SET_FD, 3 [pid 5339] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5346] chdir("./20" [pid 5339] <... mmap resumed>) = 0x20000000 [pid 5346] <... chdir resumed>) = 0 [ 112.397905][ T5342] REISERFS (device loop2): using ordered data mode [ 112.405480][ T5342] reiserfs: using flush barriers [ 112.412825][ T5342] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 112.425417][ T5343] loop1: detected capacity change from 0 to 8192 [pid 5339] ioctl(4, FS_IOC_GETVERSION [pid 5346] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5339] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5339] exit_group(0) = ? [pid 5346] <... prctl resumed>) = 0 [pid 5339] +++ exited with 0 +++ [pid 5346] setpgid(0, 0 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5339, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5346] <... setpgid resumed>) = 0 [pid 5346] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5094] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5346] write(3, "1000", 4 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5346] <... write resumed>) = 4 [pid 5094] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5346] close(3 [pid 5343] <... ioctl resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5346] <... close resumed>) = 0 [pid 5343] close(3 [pid 5094] fstat(3, [pid 5346] symlink("/dev/binderfs", "./binderfs" [pid 5343] <... close resumed>) = 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5346] <... symlink resumed>) = 0 [pid 5343] mkdir("./file1", 0777 [pid 5094] getdents64(3, [pid 5346] memfd_create("syzkaller", 0 [pid 5343] <... mkdir resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5346] <... memfd_create resumed>) = 3 [pid 5343] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = 0 [ 112.450313][ T5342] REISERFS (device loop2): checking transaction log (loop2) [pid 5346] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5346] <... mmap resumed>) = 0x7f12a0a40000 [pid 5094] lstat("./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./20/binderfs") = 0 [ 112.508489][ T5343] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5094] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5345] <... write resumed>) = 4194304 [pid 5093] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5345] munmap(0x7f12a0a40000, 4194304 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./19/file1", [pid 5345] <... munmap resumed>) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5345] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5093] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5345] <... openat resumed>) = 4 [pid 5345] ioctl(4, LOOP_SET_FD, 3 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5345] <... ioctl resumed>) = 0 [pid 5093] openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5345] close(3) = 0 [pid 5093] <... openat resumed>) = 4 [pid 5345] mkdir("./file1", 0777 [pid 5094] <... umount2 resumed>) = 0 [pid 5093] fstat(4, [pid 5345] <... mkdir resumed>) = 0 [pid 5094] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5345] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] getdents64(4, [pid 5094] lstat("./20/file1", [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 112.564251][ T5343] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 112.601735][ T5345] loop0: detected capacity change from 0 to 8192 [pid 5346] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] getdents64(4, [pid 5094] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] close(4 [pid 5094] <... openat resumed>) = 4 [pid 5093] <... close resumed>) = 0 [pid 5094] fstat(4, [pid 5093] rmdir("./19/file1" [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, [pid 5093] <... rmdir resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(3, [pid 5094] getdents64(4, [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(3 [pid 5094] close(4) = 0 [pid 5093] <... close resumed>) = 0 [pid 5094] rmdir("./20/file1" [pid 5093] rmdir("./19" [pid 5094] <... rmdir resumed>) = 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5094] getdents64(3, [pid 5093] mkdir("./20", 0777 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [ 112.639370][ T5343] REISERFS (device loop1): using ordered data mode [ 112.639730][ T5342] REISERFS (device loop2): Using r5 hash to sort names [ 112.650533][ T5343] reiserfs: using flush barriers [ 112.660315][ T5345] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5093] <... mkdir resumed>) = 0 [pid 5342] <... mount resumed>) = 0 [pid 5094] close(3 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5094] <... close resumed>) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5094] rmdir("./20" [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5342] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] <... rmdir resumed>) = 0 [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5342] <... openat resumed>) = 3 [pid 5094] mkdir("./21", 0777 [pid 5093] close(3 [pid 5342] chdir("./file1" [pid 5094] <... mkdir resumed>) = 0 [pid 5093] <... close resumed>) = 0 [pid 5342] <... chdir resumed>) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5342] ioctl(4, LOOP_CLR_FD) = 0 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5349 [pid 5342] close(4 [pid 5346] <... write resumed>) = 4194304 [pid 5342] <... close resumed>) = 0 [ 112.681401][ T5342] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 112.691284][ T5343] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 112.691518][ T5345] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 112.716942][ T5345] REISERFS (device loop0): using ordered data mode [ 112.723707][ T5345] reiserfs: using flush barriers ./strace-static-x86_64: Process 5349 attached [pid 5346] munmap(0x7f12a0a40000, 4194304 [pid 5342] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5349] chdir("./20" [pid 5342] <... openat resumed>) = 4 [pid 5349] <... chdir resumed>) = 0 [pid 5342] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5349] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5342] <... mmap resumed>) = 0x20000000 [pid 5349] <... prctl resumed>) = 0 [pid 5346] <... munmap resumed>) = 0 [pid 5342] ioctl(4, FS_IOC_GETVERSION [pid 5094] <... openat resumed>) = 3 [pid 5349] setpgid(0, 0 [pid 5346] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5342] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5349] <... setpgid resumed>) = 0 [pid 5346] <... openat resumed>) = 4 [pid 5342] exit_group(0 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 112.750165][ T5345] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 112.752008][ T5343] REISERFS (device loop1): checking transaction log (loop1) [ 112.766751][ T5345] REISERFS (device loop0): checking transaction log (loop0) [pid 5349] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5346] ioctl(4, LOOP_SET_FD, 3 [pid 5342] <... exit_group resumed>) = ? [pid 5094] close(3 [pid 5349] <... openat resumed>) = 3 [pid 5346] <... ioctl resumed>) = 0 [pid 5342] +++ exited with 0 +++ [pid 5094] <... close resumed>) = 0 [pid 5349] write(3, "1000", 4 [pid 5346] close(3 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5349] <... write resumed>) = 4 [pid 5346] <... close resumed>) = 0 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5342, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=20 /* 0.20 s */} --- ./strace-static-x86_64: Process 5350 attached [pid 5349] close(3 [pid 5346] mkdir("./file1", 0777 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5350 [pid 5092] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5350] chdir("./21" [pid 5349] <... close resumed>) = 0 [pid 5346] <... mkdir resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5350] <... chdir resumed>) = 0 [pid 5349] symlink("/dev/binderfs", "./binderfs" [pid 5346] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5092] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5350] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5349] <... symlink resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5350] <... prctl resumed>) = 0 [pid 5349] memfd_create("syzkaller", 0 [pid 5092] fstat(3, [pid 5350] setpgid(0, 0 [pid 5349] <... memfd_create resumed>) = 3 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5350] <... setpgid resumed>) = 0 [pid 5349] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 112.810628][ T5346] loop5: detected capacity change from 0 to 8192 [pid 5092] getdents64(3, [pid 5350] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5349] <... mmap resumed>) = 0x7f12a0a40000 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5350] <... openat resumed>) = 3 [pid 5092] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5350] write(3, "1000", 4) = 4 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5350] close(3 [pid 5092] lstat("./19/binderfs", [pid 5350] <... close resumed>) = 0 [pid 5350] symlink("/dev/binderfs", "./binderfs" [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5350] <... symlink resumed>) = 0 [pid 5092] unlink("./19/binderfs" [pid 5350] memfd_create("syzkaller", 0) = 3 [pid 5092] <... unlink resumed>) = 0 [pid 5350] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5350] <... mmap resumed>) = 0x7f12a0a40000 [ 112.866805][ T5346] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 112.897071][ T5346] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 112.907238][ T5346] REISERFS (device loop5): using ordered data mode [ 112.914538][ T5346] reiserfs: using flush barriers [ 112.922329][ T5346] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 112.965041][ T5345] REISERFS (device loop0): Using r5 hash to sort names [pid 5349] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 113.011908][ T5346] REISERFS (device loop5): checking transaction log (loop5) [ 113.032756][ T5345] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 113.048773][ T5343] REISERFS (device loop1): Using r5 hash to sort names [pid 5350] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5343] <... mount resumed>) = 0 [pid 5343] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5343] chdir("./file1") = 0 [pid 5343] ioctl(4, LOOP_CLR_FD) = 0 [pid 5345] <... mount resumed>) = 0 [pid 5343] close(4) = 0 [ 113.056592][ T5343] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5343] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5345] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5343] <... openat resumed>) = 4 [pid 5345] <... openat resumed>) = 3 [pid 5343] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5345] chdir("./file1") = 0 [pid 5345] ioctl(4, LOOP_CLR_FD) = 0 [pid 5345] close(4) = 0 [pid 5345] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5343] <... mmap resumed>) = 0x20000000 [pid 5343] ioctl(4, FS_IOC_GETVERSION [pid 5345] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5343] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5345] <... mmap resumed>) = 0x20000000 [pid 5343] exit_group(0) = ? [pid 5345] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5345] exit_group(0 [pid 5343] +++ exited with 0 +++ [pid 5345] <... exit_group resumed>) = ? [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5343, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5345] +++ exited with 0 +++ [pid 5091] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5345, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5091] <... openat resumed>) = 3 [pid 5091] fstat(3, [pid 5090] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] getdents64(3, [pid 5090] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... openat resumed>) = 3 [pid 5349] <... write resumed>) = 4194304 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5349] munmap(0x7f12a0a40000, 4194304 [pid 5090] fstat(3, [pid 5091] lstat("./19/binderfs", [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5349] <... munmap resumed>) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] getdents64(3, [pid 5349] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5091] unlink("./19/binderfs" [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5349] <... openat resumed>) = 4 [pid 5091] <... unlink resumed>) = 0 [pid 5090] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5349] ioctl(4, LOOP_SET_FD, 3 [pid 5091] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5349] <... ioctl resumed>) = 0 [pid 5090] unlink("./19/binderfs" [pid 5349] close(3) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5090] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5349] mkdir("./file1", 0777) = 0 [ 113.164914][ T5349] loop3: detected capacity change from 0 to 8192 [ 113.195714][ T5349] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5349] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./19/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 113.208791][ T5349] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 113.218460][ T5349] REISERFS (device loop3): using ordered data mode [ 113.225410][ T5349] reiserfs: using flush barriers [ 113.233811][ T5349] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 113.250912][ T5349] REISERFS (device loop3): checking transaction log (loop3) [pid 5092] openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] <... umount2 resumed>) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4 [pid 5350] <... write resumed>) = 4194304 [pid 5092] <... close resumed>) = 0 [pid 5092] rmdir("./19/file1" [pid 5090] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5350] munmap(0x7f12a0a40000, 4194304 [pid 5092] <... rmdir resumed>) = 0 [pid 5350] <... munmap resumed>) = 0 [pid 5092] getdents64(3, [pid 5350] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5350] <... openat resumed>) = 4 [pid 5349] <... mount resumed>) = 0 [pid 5092] close(3 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5350] ioctl(4, LOOP_SET_FD, 3 [pid 5349] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] <... close resumed>) = 0 [pid 5349] <... openat resumed>) = 3 [pid 5092] rmdir("./19" [pid 5091] <... umount2 resumed>) = 0 [pid 5090] lstat("./19/file1", [pid 5349] chdir("./file1" [pid 5092] <... rmdir resumed>) = 0 [pid 5092] mkdir("./20", 0777 [pid 5091] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5349] <... chdir resumed>) = 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5349] ioctl(4, LOOP_CLR_FD [pid 5092] <... openat resumed>) = 3 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5349] <... ioctl resumed>) = 0 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5349] close(4 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] lstat("./19/file1", [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5349] <... close resumed>) = 0 [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 113.313899][ T5349] REISERFS (device loop3): Using r5 hash to sort names [ 113.331388][ T5349] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 113.346014][ T5350] loop4: detected capacity change from 0 to 8192 [pid 5349] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5349] <... openat resumed>) = 4 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5353 [pid 5349] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5091] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5353 attached [pid 5350] <... ioctl resumed>) = 0 [pid 5349] <... mmap resumed>) = 0x20000000 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] fstat(4, [pid 5349] ioctl(4, FS_IOC_GETVERSION [pid 5350] close(3 [pid 5349] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5091] openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5350] <... close resumed>) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5349] exit_group(0 [pid 5091] <... openat resumed>) = 4 [pid 5090] getdents64(4, [pid 5350] mkdir("./file1", 0777 [pid 5349] <... exit_group resumed>) = ? [pid 5091] fstat(4, [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5349] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5349, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5090] getdents64(4, [pid 5093] restart_syscall(<... resuming interrupted clone ...> [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] <... restart_syscall resumed>) = 0 [pid 5091] getdents64(4, [pid 5090] close(4 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] <... close resumed>) = 0 [pid 5353] chdir("./20" [pid 5350] <... mkdir resumed>) = 0 [pid 5093] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] getdents64(4, [pid 5353] <... chdir resumed>) = 0 [pid 5350] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] rmdir("./19/file1" [pid 5353] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5093] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] close(4 [pid 5353] <... prctl resumed>) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5090] <... rmdir resumed>) = 0 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./20/binderfs") = 0 [pid 5093] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5353] setpgid(0, 0 [pid 5091] <... close resumed>) = 0 [pid 5090] getdents64(3, [pid 5353] <... setpgid resumed>) = 0 [pid 5091] rmdir("./19/file1" [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5353] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 113.431300][ T5350] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 113.449945][ T5350] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 113.459902][ T5350] REISERFS (device loop4): using ordered data mode [ 113.467775][ T5350] reiserfs: using flush barriers [ 113.474812][ T5346] REISERFS (device loop5): Using r5 hash to sort names [pid 5091] <... rmdir resumed>) = 0 [pid 5090] close(3 [pid 5353] write(3, "1000", 4 [pid 5091] getdents64(3, [pid 5090] <... close resumed>) = 0 [pid 5353] <... write resumed>) = 4 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] rmdir("./19" [pid 5353] close(3 [pid 5091] close(3 [pid 5090] <... rmdir resumed>) = 0 [pid 5353] <... close resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] mkdir("./20", 0777 [pid 5353] symlink("/dev/binderfs", "./binderfs" [pid 5091] rmdir("./19" [pid 5090] <... mkdir resumed>) = 0 [pid 5353] <... symlink resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5353] memfd_create("syzkaller", 0 [pid 5346] <... mount resumed>) = 0 [pid 5091] mkdir("./20", 0777 [pid 5090] <... openat resumed>) = 3 [pid 5353] <... memfd_create resumed>) = 3 [pid 5346] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5091] <... mkdir resumed>) = 0 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5353] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5346] <... openat resumed>) = 3 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5353] <... mmap resumed>) = 0x7f12a0a40000 [pid 5346] chdir("./file1" [pid 5091] <... openat resumed>) = 3 [pid 5090] close(3 [pid 5346] <... chdir resumed>) = 0 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5346] ioctl(4, LOOP_CLR_FD [pid 5090] <... close resumed>) = 0 [pid 5346] <... ioctl resumed>) = 0 [pid 5346] close(4) = 0 [pid 5346] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5346] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5346] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5346] exit_group(0) = ? [pid 5346] +++ exited with 0 +++ [ 113.481390][ T5350] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 113.502218][ T5346] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 113.512982][ T5350] REISERFS (device loop4): checking transaction log (loop4) [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5346, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5091] close(3) = 0 ./strace-static-x86_64: Process 5355 attached [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5355 [pid 5095] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5356 attached [pid 5355] chdir("./20" [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5355] <... chdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5356 [pid 5355] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... openat resumed>) = 3 [pid 5095] fstat(3, [pid 5355] <... prctl resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5356] chdir("./20" [pid 5355] setpgid(0, 0 [pid 5356] <... chdir resumed>) = 0 [pid 5095] getdents64(3, [pid 5355] <... setpgid resumed>) = 0 [pid 5356] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5356] <... prctl resumed>) = 0 [pid 5355] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5356] setpgid(0, 0 [pid 5355] <... openat resumed>) = 3 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5356] <... setpgid resumed>) = 0 [pid 5355] write(3, "1000", 4 [pid 5095] lstat("./20/binderfs", [pid 5356] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5355] <... write resumed>) = 4 [pid 5356] <... openat resumed>) = 3 [pid 5355] close(3 [pid 5095] unlink("./20/binderfs" [pid 5356] write(3, "1000", 4 [pid 5355] <... close resumed>) = 0 [pid 5095] <... unlink resumed>) = 0 [pid 5356] <... write resumed>) = 4 [pid 5355] symlink("/dev/binderfs", "./binderfs" [pid 5356] close(3 [pid 5095] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5355] <... symlink resumed>) = 0 [pid 5356] <... close resumed>) = 0 [pid 5355] memfd_create("syzkaller", 0 [pid 5356] symlink("/dev/binderfs", "./binderfs" [pid 5355] <... memfd_create resumed>) = 3 [pid 5356] <... symlink resumed>) = 0 [pid 5355] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5356] memfd_create("syzkaller", 0 [pid 5355] <... mmap resumed>) = 0x7f12a0a40000 [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./20/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5356] <... memfd_create resumed>) = 3 [pid 5356] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5093] openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5356] <... mmap resumed>) = 0x7f12a0a40000 [pid 5093] <... openat resumed>) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./20/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./20") = 0 [pid 5093] mkdir("./21", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5353] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5357 ./strace-static-x86_64: Process 5357 attached [pid 5357] chdir("./21") = 0 [pid 5357] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5357] setpgid(0, 0) = 0 [pid 5357] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5357] write(3, "1000", 4) = 4 [pid 5357] close(3) = 0 [pid 5357] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5357] memfd_create("syzkaller", 0) = 3 [pid 5357] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5356] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5355] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5357] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5350] <... mount resumed>) = 0 [ 113.757825][ T5350] REISERFS (device loop4): Using r5 hash to sort names [ 113.795252][ T5350] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5350] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5350] chdir("./file1") = 0 [pid 5350] ioctl(4, LOOP_CLR_FD) = 0 [pid 5350] close(4) = 0 [pid 5350] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5350] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5350] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5350] exit_group(0) = ? [pid 5350] +++ exited with 0 +++ [pid 5353] <... write resumed>) = 4194304 [pid 5095] <... umount2 resumed>) = 0 [pid 5353] munmap(0x7f12a0a40000, 4194304 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5350, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5353] <... munmap resumed>) = 0 [pid 5094] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5353] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5095] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5353] <... openat resumed>) = 4 [pid 5094] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5353] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... openat resumed>) = 3 [pid 5095] lstat("./20/file1", [pid 5094] fstat(3, [pid 5353] <... ioctl resumed>) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5353] close(3 [pid 5095] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5353] <... close resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] getdents64(3, [pid 5355] <... write resumed>) = 4194304 [pid 5353] mkdir("./file1", 0777 [pid 5095] openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5353] <... mkdir resumed>) = 0 [pid 5357] <... write resumed>) = 4194304 [pid 5095] <... openat resumed>) = 4 [pid 5094] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5357] munmap(0x7f12a0a40000, 4194304 [pid 5353] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] fstat(4, [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5357] <... munmap resumed>) = 0 [pid 5356] <... write resumed>) = 4194304 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] lstat("./21/binderfs", [pid 5355] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5355] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5357] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5095] getdents64(4, [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 113.900036][ T5353] loop2: detected capacity change from 0 to 8192 [ 113.933849][ T5353] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5355] ioctl(4, LOOP_SET_FD, 3 [pid 5357] <... openat resumed>) = 4 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] unlink("./21/binderfs" [pid 5356] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5356] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5357] ioctl(4, LOOP_SET_FD, 3 [pid 5095] getdents64(4, [pid 5357] <... ioctl resumed>) = 0 [pid 5356] <... openat resumed>) = 4 [pid 5355] <... ioctl resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] <... unlink resumed>) = 0 [pid 5095] close(4 [pid 5094] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... close resumed>) = 0 [pid 5095] rmdir("./20/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./20") = 0 [pid 5095] mkdir("./21", 0777 [pid 5357] close(3 [ 113.947803][ T5353] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 113.950834][ T5355] loop0: detected capacity change from 0 to 8192 [ 113.958334][ T5353] REISERFS (device loop2): using ordered data mode [ 113.971854][ T5357] loop3: detected capacity change from 0 to 8192 [ 113.972039][ T5353] reiserfs: using flush barriers [ 113.987622][ T5356] loop1: detected capacity change from 0 to 8192 [pid 5356] ioctl(4, LOOP_SET_FD, 3 [pid 5355] close(3 [pid 5095] <... mkdir resumed>) = 0 [pid 5357] <... close resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5357] mkdir("./file1", 0777 [pid 5095] <... openat resumed>) = 3 [pid 5357] <... mkdir resumed>) = 0 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5357] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] close(3 [pid 5355] <... close resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5355] mkdir("./file1", 0777 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5356] <... ioctl resumed>) = 0 [pid 5355] <... mkdir resumed>) = 0 [pid 5356] close(3 [pid 5355] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5356] <... close resumed>) = 0 [pid 5356] mkdir("./file1", 0777 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5360 [pid 5356] <... mkdir resumed>) = 0 [pid 5356] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, ""./strace-static-x86_64: Process 5360 attached [pid 5360] chdir("./21") = 0 [ 113.994515][ T5353] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 114.024221][ T5357] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 114.026209][ T5353] REISERFS (device loop2): checking transaction log (loop2) [pid 5360] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5360] setpgid(0, 0) = 0 [pid 5360] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5360] write(3, "1000", 4) = 4 [pid 5360] close(3) = 0 [pid 5360] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5360] memfd_create("syzkaller", 0) = 3 [pid 5360] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 114.045283][ T5355] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 114.063664][ T5356] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 114.096700][ T5357] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 114.109890][ T5355] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 114.128128][ T5356] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 114.152864][ T5357] REISERFS (device loop3): using ordered data mode [ 114.161203][ T5357] reiserfs: using flush barriers [ 114.173299][ T5357] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 114.189450][ T5356] REISERFS (device loop1): using ordered data mode [ 114.189468][ T5356] reiserfs: using flush barriers [pid 5360] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] <... umount2 resumed>) = 0 [pid 5094] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./21/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 114.196569][ T5357] REISERFS (device loop3): checking transaction log (loop3) [pid 5094] openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./21/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./21") = 0 [pid 5094] mkdir("./22", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 114.224784][ T5355] REISERFS (device loop0): using ordered data mode [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5363 ./strace-static-x86_64: Process 5363 attached [pid 5363] chdir("./22") = 0 [pid 5360] <... write resumed>) = 4194304 [pid 5363] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5360] munmap(0x7f12a0a40000, 4194304 [pid 5363] <... prctl resumed>) = 0 [pid 5363] setpgid(0, 0 [pid 5360] <... munmap resumed>) = 0 [pid 5363] <... setpgid resumed>) = 0 [pid 5363] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5360] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5363] <... openat resumed>) = 3 [pid 5360] <... openat resumed>) = 4 [pid 5363] write(3, "1000", 4 [pid 5360] ioctl(4, LOOP_SET_FD, 3 [pid 5363] <... write resumed>) = 4 [ 114.301442][ T5355] reiserfs: using flush barriers [ 114.309597][ T5356] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5363] close(3) = 0 [pid 5363] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5363] memfd_create("syzkaller", 0 [pid 5360] <... ioctl resumed>) = 0 [pid 5363] <... memfd_create resumed>) = 3 [pid 5360] close(3 [pid 5363] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5360] <... close resumed>) = 0 [pid 5363] <... mmap resumed>) = 0x7f12a0a40000 [ 114.345065][ T5360] loop5: detected capacity change from 0 to 8192 [ 114.347085][ T5355] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 114.380696][ T5356] REISERFS (device loop1): checking transaction log (loop1) [pid 5360] mkdir("./file1", 0777) = 0 [ 114.397114][ T5357] REISERFS (device loop3): Using r5 hash to sort names [ 114.417667][ T5357] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 114.421680][ T5355] REISERFS (device loop0): checking transaction log (loop0) [pid 5360] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5357] <... mount resumed>) = 0 [pid 5357] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5357] chdir("./file1") = 0 [pid 5357] ioctl(4, LOOP_CLR_FD) = 0 [pid 5363] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5357] close(4 [pid 5353] <... mount resumed>) = 0 [pid 5353] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5353] chdir("./file1") = 0 [pid 5353] ioctl(4, LOOP_CLR_FD) = 0 [pid 5353] close(4) = 0 [pid 5353] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5353] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5353] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5353] exit_group(0) = ? [pid 5353] +++ exited with 0 +++ [pid 5357] <... close resumed>) = 0 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5353, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5357] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5357] <... openat resumed>) = 4 [pid 5092] <... openat resumed>) = 3 [pid 5092] fstat(3, [pid 5357] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 114.435569][ T5360] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 114.451581][ T5353] REISERFS (device loop2): Using r5 hash to sort names [ 114.465242][ T5360] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 114.471725][ T5353] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] getdents64(3, [pid 5357] <... mmap resumed>) = 0x20000000 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5357] ioctl(4, FS_IOC_GETVERSION [pid 5092] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5357] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5357] exit_group(0 [pid 5092] lstat("./20/binderfs", [pid 5357] <... exit_group resumed>) = ? [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5357] +++ exited with 0 +++ [ 114.519862][ T5360] REISERFS (device loop5): using ordered data mode [ 114.533279][ T5360] reiserfs: using flush barriers [ 114.540653][ T5360] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5092] unlink("./20/binderfs" [pid 5363] <... write resumed>) = 4194304 [pid 5092] <... unlink resumed>) = 0 [pid 5363] munmap(0x7f12a0a40000, 4194304 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5357, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5092] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5363] <... munmap resumed>) = 0 [pid 5093] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5363] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5363] <... openat resumed>) = 4 [pid 5093] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5363] ioctl(4, LOOP_SET_FD, 3 [pid 5093] <... openat resumed>) = 3 [ 114.570592][ T5360] REISERFS (device loop5): checking transaction log (loop5) [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5363] <... ioctl resumed>) = 0 [pid 5363] close(3 [pid 5093] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5363] <... close resumed>) = 0 [pid 5093] lstat("./21/binderfs", [pid 5363] mkdir("./file1", 0777 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./21/binderfs" [pid 5363] <... mkdir resumed>) = 0 [pid 5093] <... unlink resumed>) = 0 [pid 5363] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 114.616296][ T5363] loop4: detected capacity change from 0 to 8192 [ 114.667220][ T5363] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 114.701964][ T5363] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5093] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = 0 [ 114.733883][ T5356] REISERFS (device loop1): Using r5 hash to sort names [ 114.761809][ T5355] REISERFS (device loop0): Using r5 hash to sort names [ 114.769891][ T5355] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5355] <... mount resumed>) = 0 [pid 5092] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5355] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5355] <... openat resumed>) = 3 [pid 5092] lstat("./20/file1", [pid 5355] chdir("./file1" [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5355] <... chdir resumed>) = 0 [pid 5092] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5355] ioctl(4, LOOP_CLR_FD [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5355] <... ioctl resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5355] close(4 [pid 5356] <... mount resumed>) = 0 [pid 5355] <... close resumed>) = 0 [pid 5092] <... openat resumed>) = 4 [pid 5355] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] fstat(4, [pid 5355] <... openat resumed>) = 4 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5356] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5355] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] getdents64(4, [pid 5355] <... mmap resumed>) = 0x20000000 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5355] ioctl(4, FS_IOC_GETVERSION [pid 5092] getdents64(4, [pid 5355] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5356] <... openat resumed>) = 3 [pid 5355] exit_group(0 [pid 5092] close(4 [pid 5356] chdir("./file1" [pid 5355] <... exit_group resumed>) = ? [pid 5092] <... close resumed>) = 0 [pid 5356] <... chdir resumed>) = 0 [pid 5355] +++ exited with 0 +++ [pid 5092] rmdir("./20/file1" [pid 5356] ioctl(4, LOOP_CLR_FD [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5355, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5092] <... rmdir resumed>) = 0 [pid 5090] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5356] <... ioctl resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5356] close(4 [pid 5092] getdents64(3, [pid 5090] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5356] <... close resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5356] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] close(3 [pid 5090] fstat(3, [pid 5356] <... openat resumed>) = 4 [pid 5092] <... close resumed>) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 114.776890][ T5356] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 114.780751][ T5363] REISERFS (device loop4): using ordered data mode [ 114.795723][ T5363] reiserfs: using flush barriers [ 114.811373][ T5363] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5356] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] rmdir("./20" [pid 5090] getdents64(3, [pid 5092] <... rmdir resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5356] <... mmap resumed>) = 0x20000000 [pid 5090] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] mkdir("./21", 0777 [pid 5356] ioctl(4, FS_IOC_GETVERSION [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./20/binderfs", [pid 5092] <... mkdir resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5356] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5090] unlink("./20/binderfs" [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5356] exit_group(0 [pid 5090] <... unlink resumed>) = 0 [pid 5356] <... exit_group resumed>) = ? [pid 5092] <... openat resumed>) = 3 [pid 5090] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5356] +++ exited with 0 +++ [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5356, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5366 [pid 5091] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5366 attached [pid 5360] <... mount resumed>) = 0 [pid 5360] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5091] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5360] <... openat resumed>) = 3 [pid 5091] <... openat resumed>) = 3 [pid 5366] chdir("./21" [pid 5360] chdir("./file1" [pid 5091] fstat(3, [pid 5366] <... chdir resumed>) = 0 [pid 5360] <... chdir resumed>) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5366] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5360] ioctl(4, LOOP_CLR_FD [pid 5091] getdents64(3, [pid 5366] <... prctl resumed>) = 0 [pid 5360] <... ioctl resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5360] close(4 [pid 5091] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5366] setpgid(0, 0 [pid 5360] <... close resumed>) = 0 [pid 5366] <... setpgid resumed>) = 0 [pid 5360] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5366] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5360] <... openat resumed>) = 4 [pid 5091] lstat("./20/binderfs", [pid 5366] <... openat resumed>) = 3 [pid 5360] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5366] write(3, "1000", 4 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5366] <... write resumed>) = 4 [pid 5360] <... mmap resumed>) = 0x20000000 [pid 5091] unlink("./20/binderfs" [pid 5366] close(3 [pid 5360] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5091] <... unlink resumed>) = 0 [pid 5366] <... close resumed>) = 0 [pid 5366] symlink("/dev/binderfs", "./binderfs" [pid 5360] exit_group(0 [pid 5091] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5366] <... symlink resumed>) = 0 [pid 5360] <... exit_group resumed>) = ? [ 114.845069][ T5360] REISERFS (device loop5): Using r5 hash to sort names [ 114.855926][ T5363] REISERFS (device loop4): checking transaction log (loop4) [ 114.873372][ T5360] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5366] memfd_create("syzkaller", 0 [pid 5360] +++ exited with 0 +++ [pid 5366] <... memfd_create resumed>) = 3 [pid 5366] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5360, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5366] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./21/binderfs") = 0 [pid 5095] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./21/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./21/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5366] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] rmdir("./21") = 0 [pid 5093] mkdir("./22", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5367 ./strace-static-x86_64: Process 5367 attached [pid 5367] chdir("./22") = 0 [pid 5367] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5367] setpgid(0, 0) = 0 [pid 5367] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5367] write(3, "1000", 4) = 4 [pid 5367] close(3) = 0 [pid 5367] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5367] memfd_create("syzkaller", 0) = 3 [pid 5367] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... umount2 resumed>) = 0 [pid 5091] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./20/file1", [pid 5090] lstat("./20/file1", [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... openat resumed>) = 4 [pid 5090] <... openat resumed>) = 4 [pid 5091] fstat(4, [pid 5090] fstat(4, [pid 5367] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, [pid 5090] getdents64(4, [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, [pid 5366] <... write resumed>) = 4194304 [pid 5090] getdents64(4, [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5366] munmap(0x7f12a0a40000, 4194304 [pid 5091] close(4 [pid 5090] close(4 [pid 5366] <... munmap resumed>) = 0 [pid 5095] <... umount2 resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5366] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5095] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] rmdir("./20/file1" [pid 5090] rmdir("./20/file1" [pid 5366] <... openat resumed>) = 4 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... rmdir resumed>) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5366] ioctl(4, LOOP_SET_FD, 3 [pid 5095] lstat("./21/file1", [pid 5091] getdents64(3, [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] <... close resumed>) = 0 [pid 5366] <... ioctl resumed>) = 0 [pid 5095] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] close(3 [pid 5090] rmdir("./20" [pid 5366] close(3 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... close resumed>) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5366] <... close resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] rmdir("./20" [pid 5090] mkdir("./21", 0777 [pid 5366] mkdir("./file1", 0777 [pid 5095] <... openat resumed>) = 4 [pid 5091] <... rmdir resumed>) = 0 [pid 5090] <... mkdir resumed>) = 0 [pid 5366] <... mkdir resumed>) = 0 [pid 5095] fstat(4, [pid 5091] mkdir("./21", 0777 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5366] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5095] getdents64(4, [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] <... openat resumed>) = 3 [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] getdents64(4, [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5369 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 115.228305][ T5366] loop2: detected capacity change from 0 to 8192 [ 115.262117][ T5366] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5095] close(4 [pid 5091] close(3./strace-static-x86_64: Process 5369 attached [pid 5367] <... write resumed>) = 4194304 [pid 5095] <... close resumed>) = 0 [pid 5091] <... close resumed>) = 0 [ 115.277855][ T5363] REISERFS (device loop4): Using r5 hash to sort names [ 115.284925][ T5366] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 115.285018][ T5366] REISERFS (device loop2): using ordered data mode [ 115.285031][ T5366] reiserfs: using flush barriers [ 115.306650][ T5366] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5369] chdir("./21" [pid 5367] munmap(0x7f12a0a40000, 4194304 [pid 5095] rmdir("./21/file1" [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] <... rmdir resumed>) = 0 [pid 5369] <... chdir resumed>) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5367] <... munmap resumed>) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./21" [pid 5369] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... rmdir resumed>) = 0 [pid 5095] mkdir("./22", 0777 [pid 5369] <... prctl resumed>) = 0 [pid 5367] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5095] <... mkdir resumed>) = 0 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5370 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5369] setpgid(0, 0 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5367] <... openat resumed>) = 4 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5369] <... setpgid resumed>) = 0 [pid 5367] ioctl(4, LOOP_SET_FD, 3 [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5369] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5371 [pid 5369] <... openat resumed>) = 3 [pid 5369] write(3, "1000", 4) = 4 ./strace-static-x86_64: Process 5370 attached [pid 5369] close(3 [pid 5370] chdir("./21" [pid 5369] <... close resumed>) = 0 [pid 5367] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5371 attached [pid 5369] symlink("/dev/binderfs", "./binderfs" [pid 5371] chdir("./22") = 0 [pid 5371] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5369] <... symlink resumed>) = 0 [pid 5371] setpgid(0, 0) = 0 [pid 5371] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5369] memfd_create("syzkaller", 0 [pid 5371] <... openat resumed>) = 3 [pid 5370] <... chdir resumed>) = 0 [pid 5369] <... memfd_create resumed>) = 3 [pid 5367] close(3 [pid 5371] write(3, "1000", 4 [pid 5370] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5369] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5367] <... close resumed>) = 0 [pid 5371] <... write resumed>) = 4 [pid 5371] close(3) = 0 [pid 5371] symlink("/dev/binderfs", "./binderfs" [pid 5370] <... prctl resumed>) = 0 [pid 5369] <... mmap resumed>) = 0x7f12a0a40000 [pid 5367] mkdir("./file1", 0777 [pid 5371] <... symlink resumed>) = 0 [pid 5371] memfd_create("syzkaller", 0 [pid 5370] setpgid(0, 0 [pid 5371] <... memfd_create resumed>) = 3 [pid 5370] <... setpgid resumed>) = 0 [pid 5367] <... mkdir resumed>) = 0 [pid 5371] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5370] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5371] <... mmap resumed>) = 0x7f12a0a40000 [pid 5367] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5370] <... openat resumed>) = 3 [pid 5370] write(3, "1000", 4 [pid 5363] <... mount resumed>) = 0 [pid 5370] <... write resumed>) = 4 [pid 5363] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5370] close(3 [pid 5363] <... openat resumed>) = 3 [pid 5370] <... close resumed>) = 0 [pid 5370] symlink("/dev/binderfs", "./binderfs" [pid 5363] chdir("./file1" [pid 5370] <... symlink resumed>) = 0 [pid 5363] <... chdir resumed>) = 0 [pid 5363] ioctl(4, LOOP_CLR_FD [pid 5370] memfd_create("syzkaller", 0 [pid 5363] <... ioctl resumed>) = 0 [pid 5370] <... memfd_create resumed>) = 3 [ 115.307887][ T5363] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 115.327743][ T5366] REISERFS (device loop2): checking transaction log (loop2) [ 115.347707][ T5367] loop3: detected capacity change from 0 to 8192 [pid 5363] close(4 [pid 5370] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5363] <... close resumed>) = 0 [pid 5363] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5363] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5363] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5363] exit_group(0 [pid 5370] <... mmap resumed>) = 0x7f12a0a40000 [pid 5363] <... exit_group resumed>) = ? [pid 5363] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5363, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5094] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5094] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./22/binderfs") = 0 [ 115.410315][ T5367] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5094] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [ 115.458636][ T5367] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [pid 5369] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5369] munmap(0x7f12a0a40000, 4194304 [pid 5371] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5369] <... munmap resumed>) = 0 [pid 5369] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5369] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5369] close(3) = 0 [ 115.525957][ T5367] REISERFS (device loop3): using ordered data mode [ 115.533523][ T5367] reiserfs: using flush barriers [ 115.543240][ T5367] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 115.559879][ T5369] loop0: detected capacity change from 0 to 8192 [pid 5369] mkdir("./file1", 0777 [pid 5370] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5369] <... mkdir resumed>) = 0 [ 115.577597][ T5367] REISERFS (device loop3): checking transaction log (loop3) [ 115.599032][ T5369] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 115.622489][ T5369] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5369] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5367] <... mount resumed>) = 0 [pid 5371] <... write resumed>) = 4194304 [pid 5370] <... write resumed>) = 4194304 [pid 5367] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] <... umount2 resumed>) = 0 [pid 5371] munmap(0x7f12a0a40000, 4194304 [pid 5367] <... openat resumed>) = 3 [pid 5094] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5371] <... munmap resumed>) = 0 [pid 5367] chdir("./file1" [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5371] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5367] <... chdir resumed>) = 0 [ 115.691650][ T5367] REISERFS (device loop3): Using r5 hash to sort names [ 115.698879][ T5367] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 115.708619][ T5369] REISERFS (device loop0): using ordered data mode [ 115.725667][ T5369] reiserfs: using flush barriers [pid 5094] lstat("./22/file1", [pid 5371] <... openat resumed>) = 4 [pid 5367] ioctl(4, LOOP_CLR_FD [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5371] ioctl(4, LOOP_SET_FD, 3 [pid 5367] <... ioctl resumed>) = 0 [pid 5094] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5371] <... ioctl resumed>) = 0 [pid 5367] close(4 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5371] close(3 [pid 5367] <... close resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5371] <... close resumed>) = 0 [pid 5367] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] <... openat resumed>) = 4 [pid 5371] mkdir("./file1", 0777 [pid 5367] <... openat resumed>) = 4 [pid 5094] fstat(4, [pid 5371] <... mkdir resumed>) = 0 [pid 5367] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5371] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5367] <... mmap resumed>) = 0x20000000 [pid 5094] getdents64(4, [pid 5367] ioctl(4, FS_IOC_GETVERSION [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5367] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] getdents64(4, [pid 5367] exit_group(0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5367] <... exit_group resumed>) = ? [pid 5094] close(4 [pid 5367] +++ exited with 0 +++ [pid 5094] <... close resumed>) = 0 [pid 5094] rmdir("./22/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./22") = 0 [pid 5094] mkdir("./23", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5375 ./strace-static-x86_64: Process 5375 attached [pid 5375] chdir("./23") = 0 [pid 5375] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5375] setpgid(0, 0) = 0 [pid 5375] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5375] write(3, "1000", 4) = 4 [pid 5375] close(3) = 0 [pid 5375] symlink("/dev/binderfs", "./binderfs") = 0 [ 115.738923][ T5369] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 115.756287][ T5371] loop5: detected capacity change from 0 to 8192 [ 115.759983][ T5366] REISERFS (device loop2): Using r5 hash to sort names [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5367, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5370] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5093] restart_syscall(<... resuming interrupted clone ...> [pid 5375] memfd_create("syzkaller", 0) = 3 [pid 5375] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5370] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5093] <... restart_syscall resumed>) = 0 [pid 5370] <... openat resumed>) = 4 [ 115.791875][ T5371] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 115.797345][ T5366] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 115.816332][ T5369] REISERFS (device loop0): checking transaction log (loop0) [ 115.826330][ T5370] loop1: detected capacity change from 0 to 8192 [ 115.829594][ T5371] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5370] ioctl(4, LOOP_SET_FD, 3 [pid 5093] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5370] <... ioctl resumed>) = 0 [pid 5093] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5370] close(3 [pid 5093] <... openat resumed>) = 3 [pid 5370] <... close resumed>) = 0 [pid 5093] fstat(3, [pid 5370] mkdir("./file1", 0777 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5370] <... mkdir resumed>) = 0 [pid 5093] getdents64(3, [pid 5370] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 115.842576][ T5371] REISERFS (device loop5): using ordered data mode [ 115.849131][ T5371] reiserfs: using flush barriers [ 115.856244][ T5371] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 115.873247][ T5371] REISERFS (device loop5): checking transaction log (loop5) [pid 5093] lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5366] <... mount resumed>) = 0 [pid 5093] unlink("./22/binderfs" [pid 5366] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] <... unlink resumed>) = 0 [pid 5366] <... openat resumed>) = 3 [ 115.882001][ T5370] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5093] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5375] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5366] chdir("./file1") = 0 [pid 5366] ioctl(4, LOOP_CLR_FD) = 0 [pid 5366] close(4) = 0 [pid 5366] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 115.916549][ T5370] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 115.938007][ T5370] REISERFS (device loop1): using ordered data mode [ 115.956157][ T5370] reiserfs: using flush barriers [pid 5366] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5366] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [ 115.965831][ T5370] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5375] <... write resumed>) = 4194304 [pid 5366] exit_group(0 [pid 5375] munmap(0x7f12a0a40000, 4194304 [pid 5366] <... exit_group resumed>) = ? [pid 5375] <... munmap resumed>) = 0 [pid 5366] +++ exited with 0 +++ [pid 5375] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5366, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5375] <... openat resumed>) = 4 [pid 5375] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5375] close(3) = 0 [ 116.009359][ T5370] REISERFS (device loop1): checking transaction log (loop1) [ 116.037417][ T5369] REISERFS (device loop0): Using r5 hash to sort names [ 116.043725][ T5375] loop4: detected capacity change from 0 to 8192 [pid 5375] mkdir("./file1", 0777 [pid 5092] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5375] <... mkdir resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5375] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5092] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./21/binderfs") = 0 [ 116.056440][ T5369] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 116.088785][ T5375] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 116.117269][ T5375] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 116.136665][ T5375] REISERFS (device loop4): using ordered data mode [ 116.143828][ T5375] reiserfs: using flush barriers [ 116.144270][ T5370] REISERFS (device loop1): Using r5 hash to sort names [pid 5092] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5369] <... mount resumed>) = 0 [pid 5369] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5369] chdir("./file1") = 0 [pid 5369] ioctl(4, LOOP_CLR_FD) = 0 [pid 5369] close(4 [pid 5093] <... umount2 resumed>) = 0 [pid 5369] <... close resumed>) = 0 [pid 5369] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5093] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5369] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5369] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./22/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 116.156575][ T5375] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 116.182285][ T5375] REISERFS (device loop4): checking transaction log (loop4) [ 116.200194][ T5370] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5369] exit_group(0 [pid 5093] getdents64(4, [pid 5369] <... exit_group resumed>) = ? [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5369] +++ exited with 0 +++ [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5369, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5093] <... close resumed>) = 0 [pid 5093] rmdir("./22/file1" [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5093] <... rmdir resumed>) = 0 [pid 5093] getdents64(3, [pid 5090] <... restart_syscall resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./22") = 0 [pid 5090] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] mkdir("./23", 0777) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5090] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5370] <... mount resumed>) = 0 [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] <... openat resumed>) = 3 [pid 5370] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] close(3 [pid 5090] fstat(3, [pid 5370] <... openat resumed>) = 3 [pid 5093] <... close resumed>) = 0 [pid 5370] chdir("./file1" [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5370] <... chdir resumed>) = 0 [pid 5370] ioctl(4, LOOP_CLR_FD [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5378 [pid 5090] getdents64(3, [pid 5370] <... ioctl resumed>) = 0 [pid 5370] close(4 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5370] <... close resumed>) = 0 [pid 5090] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5370] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 5378 attached ) = 4 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5378] chdir("./23" [pid 5370] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] lstat("./21/binderfs", [pid 5378] <... chdir resumed>) = 0 [pid 5370] <... mmap resumed>) = 0x20000000 [pid 5378] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5370] ioctl(4, FS_IOC_GETVERSION [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5378] <... prctl resumed>) = 0 [pid 5370] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5090] unlink("./21/binderfs" [pid 5378] setpgid(0, 0 [pid 5370] exit_group(0 [pid 5378] <... setpgid resumed>) = 0 [pid 5370] <... exit_group resumed>) = ? [pid 5090] <... unlink resumed>) = 0 [pid 5378] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5370] +++ exited with 0 +++ [pid 5090] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5378] <... openat resumed>) = 3 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5370, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=19 /* 0.19 s */} --- [pid 5378] write(3, "1000", 4) = 4 [pid 5378] close(3) = 0 [pid 5378] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5378] memfd_create("syzkaller", 0 [pid 5091] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5378] <... memfd_create resumed>) = 3 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5378] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5378] <... mmap resumed>) = 0x7f12a0a40000 [pid 5091] <... openat resumed>) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./21/binderfs") = 0 [ 116.327467][ T5371] REISERFS (device loop5): Using r5 hash to sort names [pid 5091] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./21/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5092] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] lstat("./21/file1", [pid 5092] <... openat resumed>) = 4 [pid 5092] fstat(4, [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] getdents64(4, [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] getdents64(4, [pid 5091] <... openat resumed>) = 4 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] fstat(4, [pid 5092] close(4 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... close resumed>) = 0 [pid 5091] getdents64(4, [pid 5092] rmdir("./21/file1" [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5371] <... mount resumed>) = 0 [pid 5091] getdents64(4, [pid 5092] <... rmdir resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5371] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] getdents64(3, [pid 5091] close(4 [pid 5371] <... openat resumed>) = 3 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] <... close resumed>) = 0 [pid 5371] chdir("./file1" [pid 5092] close(3 [pid 5091] rmdir("./21/file1" [pid 5371] <... chdir resumed>) = 0 [ 116.375844][ T5371] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 116.391550][ T5375] REISERFS (device loop4): Using r5 hash to sort names [ 116.399004][ T5375] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] <... close resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5375] <... mount resumed>) = 0 [pid 5371] ioctl(4, LOOP_CLR_FD [pid 5092] rmdir("./21" [pid 5091] getdents64(3, [pid 5375] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5371] <... ioctl resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5375] <... openat resumed>) = 3 [pid 5371] close(4 [pid 5092] <... rmdir resumed>) = 0 [pid 5091] close(3 [pid 5378] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5375] chdir("./file1" [pid 5371] <... close resumed>) = 0 [pid 5092] mkdir("./22", 0777 [pid 5091] <... close resumed>) = 0 [pid 5375] <... chdir resumed>) = 0 [pid 5371] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5091] rmdir("./21" [pid 5375] ioctl(4, LOOP_CLR_FD [pid 5371] <... openat resumed>) = 4 [pid 5092] <... mkdir resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5375] <... ioctl resumed>) = 0 [pid 5371] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5091] mkdir("./22", 0777 [pid 5375] close(4 [pid 5371] <... mmap resumed>) = 0x20000000 [pid 5091] <... mkdir resumed>) = 0 [pid 5375] <... close resumed>) = 0 [pid 5371] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... openat resumed>) = 3 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5375] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5371] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5371] exit_group(0 [pid 5375] <... openat resumed>) = 4 [pid 5371] <... exit_group resumed>) = ? [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5375] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5371] +++ exited with 0 +++ [pid 5092] close(3 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5371, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5375] <... mmap resumed>) = 0x20000000 [pid 5092] <... close resumed>) = 0 [pid 5375] ioctl(4, FS_IOC_GETVERSION [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5375] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5379 attached [pid 5375] exit_group(0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... umount2 resumed>) = 0 [pid 5379] chdir("./22" [pid 5375] <... exit_group resumed>) = ? [pid 5095] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5379 [pid 5090] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5379] <... chdir resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5379] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5375] +++ exited with 0 +++ [pid 5095] fstat(3, [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5379] <... prctl resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... openat resumed>) = 3 [pid 5090] lstat("./21/file1", [pid 5379] setpgid(0, 0 [pid 5378] <... write resumed>) = 4194304 [pid 5095] getdents64(3, [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5375, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5379] <... setpgid resumed>) = 0 [pid 5378] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] restart_syscall(<... resuming interrupted clone ...> [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5379] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5378] <... munmap resumed>) = 0 [pid 5095] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... restart_syscall resumed>) = 0 [pid 5091] close(3 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5379] <... openat resumed>) = 3 [pid 5378] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... close resumed>) = 0 [pid 5090] openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5379] write(3, "1000", 4 [pid 5378] <... openat resumed>) = 4 [pid 5095] lstat("./22/binderfs", [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5379] <... write resumed>) = 4 [pid 5378] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... openat resumed>) = 4 [pid 5379] close(3 [pid 5095] unlink("./22/binderfs" [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5380 [pid 5095] <... unlink resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... openat resumed>) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5379] <... close resumed>) = 0 [pid 5094] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] fstat(4, ./strace-static-x86_64: Process 5380 attached [pid 5379] symlink("/dev/binderfs", "./binderfs" [pid 5378] <... ioctl resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5380] chdir("./22" [pid 5379] <... symlink resumed>) = 0 [pid 5378] close(3 [pid 5094] lstat("./23/binderfs", [pid 5090] getdents64(4, [pid 5380] <... chdir resumed>) = 0 [pid 5379] memfd_create("syzkaller", 0 [pid 5378] <... close resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5380] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5379] <... memfd_create resumed>) = 3 [pid 5378] mkdir("./file1", 0777 [pid 5094] unlink("./23/binderfs" [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5380] <... prctl resumed>) = 0 [pid 5379] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5378] <... mkdir resumed>) = 0 [pid 5094] <... unlink resumed>) = 0 [pid 5090] getdents64(4, [pid 5380] setpgid(0, 0 [pid 5379] <... mmap resumed>) = 0x7f12a0a40000 [pid 5378] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5380] <... setpgid resumed>) = 0 [pid 5090] close(4 [pid 5380] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5090] <... close resumed>) = 0 [ 116.554055][ T5378] loop3: detected capacity change from 0 to 8192 [pid 5380] write(3, "1000", 4 [pid 5090] rmdir("./21/file1" [pid 5380] <... write resumed>) = 4 [pid 5380] close(3 [pid 5090] <... rmdir resumed>) = 0 [pid 5380] <... close resumed>) = 0 [pid 5380] symlink("/dev/binderfs", "./binderfs" [pid 5090] getdents64(3, [pid 5380] <... symlink resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5380] memfd_create("syzkaller", 0 [pid 5090] close(3 [pid 5380] <... memfd_create resumed>) = 3 [pid 5380] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5090] <... close resumed>) = 0 [pid 5380] <... mmap resumed>) = 0x7f12a0a40000 [pid 5090] rmdir("./21") = 0 [pid 5090] mkdir("./22", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [ 116.621750][ T5378] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5382 ./strace-static-x86_64: Process 5382 attached [pid 5379] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] <... umount2 resumed>) = 0 [pid 5382] chdir("./22" [pid 5094] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5382] <... chdir resumed>) = 0 [pid 5094] lstat("./23/file1", [pid 5382] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5382] <... prctl resumed>) = 0 [pid 5094] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5382] setpgid(0, 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5382] <... setpgid resumed>) = 0 [ 116.669942][ T5378] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [pid 5094] openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5382] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] <... openat resumed>) = 4 [pid 5382] <... openat resumed>) = 3 [pid 5094] fstat(4, [pid 5382] write(3, "1000", 4 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5382] <... write resumed>) = 4 [pid 5094] getdents64(4, [pid 5382] close(3 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5382] <... close resumed>) = 0 [pid 5094] getdents64(4, [pid 5382] symlink("/dev/binderfs", "./binderfs" [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5382] <... symlink resumed>) = 0 [pid 5094] close(4) = 0 [pid 5382] memfd_create("syzkaller", 0 [pid 5094] rmdir("./23/file1" [pid 5382] <... memfd_create resumed>) = 3 [pid 5379] <... write resumed>) = 4194304 [pid 5094] <... rmdir resumed>) = 0 [pid 5382] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5379] munmap(0x7f12a0a40000, 4194304 [pid 5094] getdents64(3, [pid 5382] <... mmap resumed>) = 0x7f12a0a40000 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5380] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5379] <... munmap resumed>) = 0 [pid 5094] rmdir("./23" [pid 5379] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5094] <... rmdir resumed>) = 0 [pid 5379] <... openat resumed>) = 4 [pid 5094] mkdir("./24", 0777 [pid 5379] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... mkdir resumed>) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [ 116.760639][ T5378] REISERFS (device loop3): using ordered data mode [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3 [pid 5379] <... ioctl resumed>) = 0 [pid 5095] <... umount2 resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5379] close(3) = 0 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5383 ./strace-static-x86_64: Process 5383 attached [pid 5382] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5379] mkdir("./file1", 0777 [pid 5095] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5383] chdir("./24" [pid 5379] <... mkdir resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5383] <... chdir resumed>) = 0 [pid 5379] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] lstat("./22/file1", [pid 5383] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5383] <... prctl resumed>) = 0 [pid 5095] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5383] setpgid(0, 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5383] <... setpgid resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5383] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] <... openat resumed>) = 4 [pid 5383] <... openat resumed>) = 3 [ 116.808957][ T5379] loop2: detected capacity change from 0 to 8192 [ 116.825867][ T5378] reiserfs: using flush barriers [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5383] write(3, "1000", 4 [pid 5095] getdents64(4, [pid 5383] <... write resumed>) = 4 [pid 5383] close(3 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5383] <... close resumed>) = 0 [pid 5095] getdents64(4, [pid 5383] symlink("/dev/binderfs", "./binderfs" [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5383] <... symlink resumed>) = 0 [pid 5095] close(4 [pid 5383] memfd_create("syzkaller", 0 [pid 5095] <... close resumed>) = 0 [pid 5383] <... memfd_create resumed>) = 3 [ 116.855882][ T5379] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 116.869827][ T5378] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5095] rmdir("./22/file1" [pid 5383] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5383] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./22") = 0 [pid 5095] mkdir("./23", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [ 116.905733][ T5379] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 116.916301][ T5379] REISERFS (device loop2): using ordered data mode [ 116.924392][ T5379] reiserfs: using flush barriers [ 116.932093][ T5378] REISERFS (device loop3): checking transaction log (loop3) [pid 5382] <... write resumed>) = 4194304 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5385 attached [ 116.942625][ T5379] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5382] munmap(0x7f12a0a40000, 4194304 [pid 5385] chdir("./23" [pid 5382] <... munmap resumed>) = 0 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5385 [pid 5385] <... chdir resumed>) = 0 [pid 5382] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5385] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5382] <... openat resumed>) = 4 [pid 5385] <... prctl resumed>) = 0 [pid 5382] ioctl(4, LOOP_SET_FD, 3 [pid 5385] setpgid(0, 0 [pid 5382] <... ioctl resumed>) = 0 [pid 5385] <... setpgid resumed>) = 0 [pid 5382] close(3 [pid 5385] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5382] <... close resumed>) = 0 [pid 5385] <... openat resumed>) = 3 [pid 5382] mkdir("./file1", 0777 [pid 5385] write(3, "1000", 4) = 4 [pid 5385] close(3) = 0 [pid 5382] <... mkdir resumed>) = 0 [pid 5385] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5385] memfd_create("syzkaller", 0 [pid 5382] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5380] <... write resumed>) = 4194304 [ 116.985424][ T5379] REISERFS (device loop2): checking transaction log (loop2) [ 117.000954][ T5382] loop0: detected capacity change from 0 to 8192 [pid 5385] <... memfd_create resumed>) = 3 [pid 5383] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5380] munmap(0x7f12a0a40000, 4194304 [pid 5385] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5380] <... munmap resumed>) = 0 [pid 5385] <... mmap resumed>) = 0x7f12a0a40000 [pid 5380] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 117.028578][ T5382] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 117.058393][ T5382] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5380] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5380] close(3) = 0 [pid 5380] mkdir("./file1", 0777) = 0 [ 117.074111][ T5380] loop1: detected capacity change from 0 to 8192 [ 117.084633][ T5382] REISERFS (device loop0): using ordered data mode [ 117.105183][ T5380] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 117.105723][ T5382] reiserfs: using flush barriers [pid 5380] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 117.133139][ T5380] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 117.142057][ T5382] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 117.142499][ T5378] REISERFS (device loop3): Using r5 hash to sort names [ 117.159839][ T5380] REISERFS (device loop1): using ordered data mode [pid 5385] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5385] munmap(0x7f12a0a40000, 4194304 [pid 5383] <... write resumed>) = 4194304 [pid 5378] <... mount resumed>) = 0 [pid 5385] <... munmap resumed>) = 0 [pid 5383] munmap(0x7f12a0a40000, 4194304 [pid 5385] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5383] <... munmap resumed>) = 0 [pid 5385] <... openat resumed>) = 4 [pid 5383] openat(AT_FDCWD, "/dev/loop4", O_RDWR [ 117.215078][ T5380] reiserfs: using flush barriers [ 117.215108][ T5382] REISERFS (device loop0): checking transaction log (loop0) [ 117.228008][ T5378] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 117.245479][ T5385] loop5: detected capacity change from 0 to 8192 [pid 5385] ioctl(4, LOOP_SET_FD, 3 [pid 5383] <... openat resumed>) = 4 [pid 5378] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5383] ioctl(4, LOOP_SET_FD, 3 [pid 5378] <... openat resumed>) = 3 [pid 5378] chdir("./file1" [pid 5385] <... ioctl resumed>) = 0 [pid 5378] <... chdir resumed>) = 0 [pid 5385] close(3 [pid 5378] ioctl(4, LOOP_CLR_FD [pid 5385] <... close resumed>) = 0 [pid 5378] <... ioctl resumed>) = 0 [pid 5385] mkdir("./file1", 0777 [pid 5378] close(4 [pid 5385] <... mkdir resumed>) = 0 [pid 5378] <... close resumed>) = 0 [pid 5385] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5378] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5378] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5378] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5378] exit_group(0) = ? [pid 5378] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5378, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5093] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 117.246049][ T5380] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 117.252992][ T5383] loop4: detected capacity change from 0 to 8192 [ 117.293765][ T5385] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 117.311643][ T5380] REISERFS (device loop1): checking transaction log (loop1) [pid 5093] unlink("./23/binderfs") = 0 [pid 5093] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5383] <... ioctl resumed>) = 0 [pid 5383] close(3) = 0 [ 117.363715][ T5379] REISERFS (device loop2): Using r5 hash to sort names [ 117.366645][ T5385] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 117.382329][ T5385] REISERFS (device loop5): using ordered data mode [ 117.388901][ T5385] reiserfs: using flush barriers [ 117.397887][ T5385] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5383] mkdir("./file1", 0777) = 0 [ 117.406767][ T5380] REISERFS (device loop1): Using r5 hash to sort names [ 117.415467][ T5385] REISERFS (device loop5): checking transaction log (loop5) [ 117.444382][ T5379] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5383] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5379] <... mount resumed>) = 0 [pid 5379] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5379] chdir("./file1") = 0 [pid 5379] ioctl(4, LOOP_CLR_FD) = 0 [pid 5379] close(4) = 0 [ 117.454492][ T5383] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 117.458076][ T5380] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 117.471413][ T5383] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 117.486105][ T5383] REISERFS (device loop4): using ordered data mode [ 117.500463][ T5383] reiserfs: using flush barriers [pid 5379] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5379] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5379] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5379] exit_group(0) = ? [pid 5379] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5379, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5092] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./22/binderfs") = 0 [pid 5092] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5380] <... mount resumed>) = 0 [pid 5380] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 117.516528][ T5383] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 117.539141][ T5383] REISERFS (device loop4): checking transaction log (loop4) [pid 5380] chdir("./file1" [pid 5093] <... umount2 resumed>) = 0 [pid 5380] <... chdir resumed>) = 0 [pid 5380] ioctl(4, LOOP_CLR_FD [pid 5093] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5380] <... ioctl resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5380] close(4) = 0 [pid 5093] lstat("./23/file1", [pid 5380] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5380] <... openat resumed>) = 4 [pid 5380] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5380] <... mmap resumed>) = 0x20000000 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5380] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5093] openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5380] exit_group(0) = ? [pid 5093] <... openat resumed>) = 4 [pid 5380] +++ exited with 0 +++ [pid 5093] fstat(4, [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5380, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5091] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5091] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, [pid 5093] getdents64(4, [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] getdents64(4, [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] lstat("./22/binderfs", [pid 5093] close(4 [pid 5092] <... umount2 resumed>) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... close resumed>) = 0 [pid 5092] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] unlink("./22/binderfs" [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... unlink resumed>) = 0 [pid 5092] lstat("./22/file1", [pid 5091] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, [pid 5093] rmdir("./23/file1" [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4 [pid 5093] <... rmdir resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5092] rmdir("./22/file1" [pid 5093] getdents64(3, [pid 5092] <... rmdir resumed>) = 0 [ 117.672409][ T5385] REISERFS (device loop5): Using r5 hash to sort names [ 117.684880][ T5385] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] getdents64(3, [pid 5093] close(3 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3 [pid 5093] <... close resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5385] <... mount resumed>) = 0 [pid 5092] rmdir("./22" [pid 5385] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] rmdir("./23" [pid 5092] <... rmdir resumed>) = 0 [pid 5092] mkdir("./23", 0777 [pid 5385] <... openat resumed>) = 3 [pid 5093] <... rmdir resumed>) = 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5385] chdir("./file1" [pid 5093] mkdir("./24", 0777 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5385] <... chdir resumed>) = 0 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5390 [pid 5385] ioctl(4, LOOP_CLR_FD) = 0 [pid 5093] <... mkdir resumed>) = 0 [pid 5385] close(4) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5385] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] <... openat resumed>) = 3 [pid 5385] <... openat resumed>) = 4 [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5385] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5385] <... mmap resumed>) = 0x20000000 [pid 5093] close(3 [pid 5385] ioctl(4, FS_IOC_GETVERSION [pid 5093] <... close resumed>) = 0 [pid 5385] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5385] exit_group(0) = ? [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5391 [pid 5385] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5385, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5095] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5391 attached [pid 5095] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5390 attached [pid 5391] chdir("./24" [pid 5095] <... openat resumed>) = 3 [pid 5391] <... chdir resumed>) = 0 [pid 5095] fstat(3, [pid 5391] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5391] <... prctl resumed>) = 0 [pid 5095] getdents64(3, [pid 5391] setpgid(0, 0 [pid 5390] chdir("./23" [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5391] <... setpgid resumed>) = 0 [pid 5095] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5391] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5390] <... chdir resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5391] <... openat resumed>) = 3 [pid 5095] lstat("./23/binderfs", [pid 5391] write(3, "1000", 4 [pid 5390] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5391] <... write resumed>) = 4 [pid 5095] unlink("./23/binderfs" [pid 5391] close(3 [pid 5390] <... prctl resumed>) = 0 [pid 5095] <... unlink resumed>) = 0 [ 117.712596][ T5382] REISERFS (device loop0): Using r5 hash to sort names [ 117.719829][ T5382] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 117.747805][ T5383] REISERFS (device loop4): Using r5 hash to sort names [pid 5391] <... close resumed>) = 0 [pid 5390] setpgid(0, 0 [pid 5382] <... mount resumed>) = 0 [pid 5095] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5391] symlink("/dev/binderfs", "./binderfs" [pid 5390] <... setpgid resumed>) = 0 [pid 5382] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5391] <... symlink resumed>) = 0 [pid 5382] <... openat resumed>) = 3 [pid 5391] memfd_create("syzkaller", 0 [pid 5382] chdir("./file1" [pid 5391] <... memfd_create resumed>) = 3 [pid 5391] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5382] <... chdir resumed>) = 0 [pid 5391] <... mmap resumed>) = 0x7f12a0a40000 [pid 5382] ioctl(4, LOOP_CLR_FD) = 0 [pid 5382] close(4) = 0 [pid 5382] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5390] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5382] <... openat resumed>) = 4 [pid 5390] <... openat resumed>) = 3 [pid 5382] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5390] write(3, "1000", 4 [pid 5382] <... mmap resumed>) = 0x20000000 [pid 5390] <... write resumed>) = 4 [pid 5382] ioctl(4, FS_IOC_GETVERSION [pid 5390] close(3 [pid 5382] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5382] exit_group(0 [pid 5390] <... close resumed>) = 0 [pid 5382] <... exit_group resumed>) = ? [pid 5390] symlink("/dev/binderfs", "./binderfs" [pid 5382] +++ exited with 0 +++ [pid 5390] <... symlink resumed>) = 0 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5382, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5390] memfd_create("syzkaller", 0) = 3 [pid 5090] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5390] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5090] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5390] <... mmap resumed>) = 0x7f12a0a40000 [pid 5090] <... openat resumed>) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, [pid 5383] <... mount resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [ 117.803070][ T5383] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5383] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5090] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5383] chdir("./file1" [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5383] <... chdir resumed>) = 0 [pid 5090] lstat("./22/binderfs", [pid 5383] ioctl(4, LOOP_CLR_FD [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./22/binderfs" [pid 5383] <... ioctl resumed>) = 0 [pid 5383] close(4 [pid 5090] <... unlink resumed>) = 0 [pid 5383] <... close resumed>) = 0 [pid 5090] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5383] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5383] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5383] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5383] exit_group(0) = ? [pid 5383] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5383, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} --- [pid 5094] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... umount2 resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./24/binderfs") = 0 [pid 5094] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./22/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, [pid 5391] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./22/file1") = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./22") = 0 [pid 5091] mkdir("./23", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5390] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5392 ./strace-static-x86_64: Process 5392 attached [pid 5392] chdir("./23") = 0 [pid 5392] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5392] setpgid(0, 0) = 0 [pid 5392] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5392] write(3, "1000", 4) = 4 [pid 5392] close(3) = 0 [pid 5392] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5392] memfd_create("syzkaller", 0) = 3 [pid 5392] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./23/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4 [pid 5392] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] <... close resumed>) = 0 [pid 5095] rmdir("./23/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./23") = 0 [pid 5095] mkdir("./24", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5393 ./strace-static-x86_64: Process 5393 attached [pid 5393] chdir("./24") = 0 [pid 5393] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5393] setpgid(0, 0) = 0 [pid 5393] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5391] <... write resumed>) = 4194304 [pid 5393] <... openat resumed>) = 3 [pid 5393] write(3, "1000", 4) = 4 [pid 5393] close(3) = 0 [pid 5393] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5393] memfd_create("syzkaller", 0) = 3 [pid 5393] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5391] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... umount2 resumed>) = 0 [pid 5094] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5391] <... munmap resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... umount2 resumed>) = 0 [pid 5094] lstat("./24/file1", [pid 5391] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5391] <... openat resumed>) = 4 [pid 5094] openat(AT_FDCWD, "./24/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5391] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... openat resumed>) = 4 [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5391] <... ioctl resumed>) = 0 [pid 5390] <... write resumed>) = 4194304 [pid 5094] getdents64(4, [pid 5090] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5391] close(3 [pid 5390] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5391] <... close resumed>) = 0 [pid 5094] close(4 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... close resumed>) = 0 [pid 5391] mkdir("./file1", 0777 [pid 5390] <... munmap resumed>) = 0 [pid 5094] rmdir("./24/file1" [pid 5090] lstat("./22/file1", [pid 5391] <... mkdir resumed>) = 0 [pid 5390] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5094] <... rmdir resumed>) = 0 [pid 5390] <... openat resumed>) = 4 [pid 5094] getdents64(3, [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5391] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5390] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] close(3) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] rmdir("./24") = 0 [pid 5094] mkdir("./25", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5090] openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5393] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5390] <... ioctl resumed>) = 0 [ 118.197123][ T5391] loop3: detected capacity change from 0 to 8192 [ 118.219483][ T5390] loop2: detected capacity change from 0 to 8192 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5390] close(3 [pid 5090] <... openat resumed>) = 4 [pid 5390] <... close resumed>) = 0 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5395 ./strace-static-x86_64: Process 5395 attached [pid 5395] chdir("./25") = 0 [pid 5395] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5395] setpgid(0, 0) = 0 [pid 5395] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5395] write(3, "1000", 4) = 4 [pid 5395] close(3) = 0 [pid 5395] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5395] memfd_create("syzkaller", 0) = 3 [pid 5395] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5390] mkdir("./file1", 0777 [pid 5090] fstat(4, [pid 5390] <... mkdir resumed>) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5390] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./22/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./22") = 0 [pid 5090] mkdir("./23", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 118.245318][ T5391] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 118.284254][ T5390] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5397 ./strace-static-x86_64: Process 5397 attached [pid 5397] chdir("./23") = 0 [pid 5397] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5397] setpgid(0, 0) = 0 [pid 5397] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5397] write(3, "1000", 4) = 4 [pid 5397] close(3) = 0 [ 118.301505][ T5391] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 118.310773][ T5391] REISERFS (device loop3): using ordered data mode [ 118.318797][ T5391] reiserfs: using flush barriers [pid 5397] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5395] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5397] memfd_create("syzkaller", 0) = 3 [pid 5397] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5392] <... write resumed>) = 4194304 [pid 5392] munmap(0x7f12a0a40000, 4194304) = 0 [ 118.340865][ T5391] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 118.341909][ T5390] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 118.371338][ T5390] REISERFS (device loop2): using ordered data mode [ 118.379139][ T5390] reiserfs: using flush barriers [pid 5392] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5392] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5392] close(3) = 0 [pid 5395] <... write resumed>) = 4194304 [pid 5392] mkdir("./file1", 0777) = 0 [ 118.388513][ T5390] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 118.388674][ T5391] REISERFS (device loop3): checking transaction log (loop3) [ 118.406307][ T5392] loop1: detected capacity change from 0 to 8192 [pid 5392] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5395] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5395] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5395] ioctl(4, LOOP_SET_FD, 3 [pid 5393] <... write resumed>) = 4194304 [ 118.448244][ T5390] REISERFS (device loop2): checking transaction log (loop2) [ 118.474383][ T5392] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5397] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5395] <... ioctl resumed>) = 0 [pid 5395] close(3) = 0 [pid 5395] mkdir("./file1", 0777) = 0 [pid 5395] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5393] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5393] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 118.499804][ T5395] loop4: detected capacity change from 0 to 8192 [ 118.502444][ T5392] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 118.531356][ T5395] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5393] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5393] close(3) = 0 [pid 5393] mkdir("./file1", 0777) = 0 [ 118.554033][ T5393] loop5: detected capacity change from 0 to 8192 [ 118.558432][ T5395] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 118.590675][ T5395] REISERFS (device loop4): using ordered data mode [ 118.593096][ T5392] REISERFS (device loop1): using ordered data mode [ 118.597751][ T5395] reiserfs: using flush barriers [ 118.611325][ T5393] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 118.612756][ T5395] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 118.644125][ T5395] REISERFS (device loop4): checking transaction log (loop4) [ 118.654283][ T5390] REISERFS (device loop2): Using r5 hash to sort names [ 118.656806][ T5392] reiserfs: using flush barriers [ 118.671772][ T5392] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 118.688331][ T5392] REISERFS (device loop1): checking transaction log (loop1) [ 118.694003][ T5393] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5393] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5397] <... write resumed>) = 4194304 [pid 5390] <... mount resumed>) = 0 [pid 5397] munmap(0x7f12a0a40000, 4194304 [pid 5390] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5397] <... munmap resumed>) = 0 [pid 5390] <... openat resumed>) = 3 [pid 5397] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5390] chdir("./file1" [pid 5397] <... openat resumed>) = 4 [pid 5390] <... chdir resumed>) = 0 [pid 5397] ioctl(4, LOOP_SET_FD, 3 [ 118.700843][ T5390] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 118.728417][ T5393] REISERFS (device loop5): using ordered data mode [ 118.744228][ T5391] REISERFS (device loop3): Using r5 hash to sort names [pid 5390] ioctl(4, LOOP_CLR_FD [pid 5397] <... ioctl resumed>) = 0 [pid 5390] <... ioctl resumed>) = 0 [pid 5397] close(3 [pid 5390] close(4 [pid 5397] <... close resumed>) = 0 [pid 5390] <... close resumed>) = 0 [pid 5391] <... mount resumed>) = 0 [pid 5397] mkdir("./file1", 0777 [pid 5391] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [ 118.764742][ T5397] loop0: detected capacity change from 0 to 8192 [ 118.767358][ T5393] reiserfs: using flush barriers [ 118.774498][ T5391] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 118.796437][ T5393] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5390] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5397] <... mkdir resumed>) = 0 [pid 5391] <... openat resumed>) = 3 [pid 5390] <... openat resumed>) = 4 [pid 5397] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5391] chdir("./file1" [pid 5390] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5391] <... chdir resumed>) = 0 [pid 5390] <... mmap resumed>) = 0x20000000 [pid 5391] ioctl(4, LOOP_CLR_FD) = 0 [pid 5390] ioctl(4, FS_IOC_GETVERSION [pid 5391] close(4 [pid 5390] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5391] <... close resumed>) = 0 [pid 5390] exit_group(0 [pid 5391] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5390] <... exit_group resumed>) = ? [pid 5391] <... openat resumed>) = 4 [pid 5390] +++ exited with 0 +++ [ 118.818680][ T5393] REISERFS (device loop5): checking transaction log (loop5) [ 118.851687][ T5397] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5391] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5391] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5391] exit_group(0 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5390, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5391] <... exit_group resumed>) = ? [pid 5391] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5391, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5093] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... openat resumed>) = 3 [pid 5092] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] fstat(3, [pid 5092] <... openat resumed>) = 3 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] fstat(3, [pid 5093] getdents64(3, [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] getdents64(3, [pid 5093] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] lstat("./24/binderfs", [ 118.881493][ T5397] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 118.897789][ T5392] REISERFS (device loop1): Using r5 hash to sort names [ 118.917797][ T5392] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] lstat("./23/binderfs", [pid 5093] unlink("./24/binderfs" [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... unlink resumed>) = 0 [pid 5092] unlink("./23/binderfs" [pid 5093] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... unlink resumed>) = 0 [pid 5092] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5395] <... mount resumed>) = 0 [pid 5392] <... mount resumed>) = 0 [pid 5395] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5392] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5395] <... openat resumed>) = 3 [pid 5392] <... openat resumed>) = 3 [pid 5395] chdir("./file1" [pid 5392] chdir("./file1" [pid 5395] <... chdir resumed>) = 0 [pid 5392] <... chdir resumed>) = 0 [pid 5395] ioctl(4, LOOP_CLR_FD [pid 5392] ioctl(4, LOOP_CLR_FD [pid 5395] <... ioctl resumed>) = 0 [pid 5392] <... ioctl resumed>) = 0 [pid 5395] close(4) = 0 [pid 5392] close(4 [pid 5395] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5392] <... close resumed>) = 0 [pid 5395] <... openat resumed>) = 4 [ 118.933954][ T5397] REISERFS (device loop0): using ordered data mode [ 118.940535][ T5397] reiserfs: using flush barriers [ 118.947595][ T5395] REISERFS (device loop4): Using r5 hash to sort names [ 118.955375][ T5395] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 118.959467][ T5397] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5395] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5392] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5395] <... mmap resumed>) = 0x20000000 [pid 5395] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5395] exit_group(0) = ? [pid 5392] <... openat resumed>) = 4 [pid 5395] +++ exited with 0 +++ [pid 5392] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5395, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5392] <... mmap resumed>) = 0x20000000 [pid 5392] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5392] exit_group(0 [pid 5094] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5392] <... exit_group resumed>) = ? [pid 5392] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5392, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, [pid 5091] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] getdents64(3, [pid 5091] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] <... openat resumed>) = 3 [pid 5091] fstat(3, [pid 5094] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./25/binderfs", [pid 5091] getdents64(3, [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] unlink("./25/binderfs" [pid 5091] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... unlink resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] lstat("./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 119.002418][ T5397] REISERFS (device loop0): checking transaction log (loop0) [pid 5091] unlink("./23/binderfs") = 0 [pid 5091] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5091] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./23/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./23/file1") = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./23") = 0 [pid 5091] mkdir("./24", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = 0 [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5402 ./strace-static-x86_64: Process 5402 attached [pid 5402] chdir("./24") = 0 [pid 5402] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5402] setpgid(0, 0) = 0 [pid 5402] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5093] <... umount2 resumed>) = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5402] write(3, "1000", 4 [ 119.211474][ T5393] REISERFS (device loop5): Using r5 hash to sort names [ 119.218710][ T5393] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5402] <... write resumed>) = 4 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./23/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5402] close(3 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4 [pid 5402] <... close resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5402] symlink("/dev/binderfs", "./binderfs" [pid 5093] lstat("./24/file1", [pid 5092] rmdir("./23/file1" [pid 5402] <... symlink resumed>) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5093] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5402] memfd_create("syzkaller", 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] getdents64(3, [pid 5402] <... memfd_create resumed>) = 3 [pid 5093] openat(AT_FDCWD, "./24/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5402] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5393] <... mount resumed>) = 0 [pid 5093] <... openat resumed>) = 4 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5393] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] fstat(4, [pid 5092] close(3 [pid 5393] <... openat resumed>) = 3 [pid 5092] <... close resumed>) = 0 [pid 5393] chdir("./file1" [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] rmdir("./23" [pid 5393] <... chdir resumed>) = 0 [pid 5093] getdents64(4, [pid 5092] <... rmdir resumed>) = 0 [pid 5393] ioctl(4, LOOP_CLR_FD [pid 5092] mkdir("./24", 0777 [pid 5393] <... ioctl resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] <... mkdir resumed>) = 0 [pid 5393] close(4 [pid 5093] getdents64(4, [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5393] <... close resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5393] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] close(4 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5393] <... openat resumed>) = 4 [pid 5093] <... close resumed>) = 0 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5393] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] rmdir("./24/file1" [pid 5092] close(3 [pid 5393] <... mmap resumed>) = 0x20000000 [pid 5092] <... close resumed>) = 0 [pid 5393] ioctl(4, FS_IOC_GETVERSION [pid 5093] <... rmdir resumed>) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5393] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] getdents64(3, [pid 5393] exit_group(0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5403 [pid 5393] <... exit_group resumed>) = ? [pid 5093] close(3 [pid 5393] +++ exited with 0 +++ [pid 5093] <... close resumed>) = 0 [pid 5093] rmdir("./24" [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5393, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=15 /* 0.15 s */} --- [pid 5093] <... rmdir resumed>) = 0 [pid 5095] restart_syscall(<... resuming interrupted clone ...> [pid 5093] mkdir("./25", 0777./strace-static-x86_64: Process 5403 attached [pid 5095] <... restart_syscall resumed>) = 0 [pid 5093] <... mkdir resumed>) = 0 [pid 5403] chdir("./24" [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5403] <... chdir resumed>) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5403] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] close(3 [pid 5403] <... prctl resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5093] <... close resumed>) = 0 [pid 5403] setpgid(0, 0 [pid 5095] fstat(3, [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5403] <... setpgid resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5403] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] getdents64(3, [pid 5403] <... openat resumed>) = 3 [pid 5403] write(3, "1000", 4 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5403] <... write resumed>) = 4 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5404 [pid 5095] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5403] close(3) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5404 attached [pid 5403] symlink("/dev/binderfs", "./binderfs" [pid 5095] lstat("./24/binderfs", [pid 5404] chdir("./25" [pid 5403] <... symlink resumed>) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5404] <... chdir resumed>) = 0 [pid 5403] memfd_create("syzkaller", 0 [pid 5095] unlink("./24/binderfs" [pid 5094] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5404] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5403] <... memfd_create resumed>) = 3 [pid 5095] <... unlink resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5404] <... prctl resumed>) = 0 [pid 5403] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] lstat("./25/file1", [pid 5404] setpgid(0, 0 [pid 5403] <... mmap resumed>) = 0x7f12a0a40000 [pid 5404] <... setpgid resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5404] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5404] <... openat resumed>) = 3 [pid 5404] write(3, "1000", 4) = 4 [pid 5404] close(3) = 0 [pid 5404] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5404] memfd_create("syzkaller", 0) = 3 [pid 5404] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5402] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] openat(AT_FDCWD, "./25/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./25/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./25") = 0 [pid 5094] mkdir("./26", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5405 ./strace-static-x86_64: Process 5405 attached [pid 5405] chdir("./26") = 0 [pid 5405] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5405] setpgid(0, 0) = 0 [pid 5405] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 119.431374][ T5397] REISERFS (device loop0): Using r5 hash to sort names [ 119.438671][ T5397] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5405] write(3, "1000", 4) = 4 [pid 5403] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5405] close(3) = 0 [pid 5405] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5405] memfd_create("syzkaller", 0) = 3 [pid 5405] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5404] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5397] <... mount resumed>) = 0 [pid 5397] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5397] chdir("./file1") = 0 [pid 5397] ioctl(4, LOOP_CLR_FD) = 0 [pid 5397] close(4) = 0 [pid 5397] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5397] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5397] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5397] exit_group(0) = ? [pid 5397] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5397, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=16 /* 0.16 s */} --- [pid 5090] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./23/binderfs") = 0 [pid 5090] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5405] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5402] <... write resumed>) = 4194304 [pid 5402] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5402] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5090] <... umount2 resumed>) = 0 [pid 5404] <... write resumed>) = 4194304 [pid 5402] ioctl(4, LOOP_SET_FD, 3 [pid 5403] <... write resumed>) = 4194304 [pid 5090] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5403] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5403] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5403] ioctl(4, LOOP_SET_FD, 3 [pid 5402] <... ioctl resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5402] close(3 [pid 5090] lstat("./23/file1", [pid 5402] <... close resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5402] mkdir("./file1", 0777 [pid 5090] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5402] <... mkdir resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5402] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5090] openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5404] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5090] <... openat resumed>) = 4 [pid 5405] <... write resumed>) = 4194304 [pid 5404] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5403] <... ioctl resumed>) = 0 [pid 5095] <... umount2 resumed>) = 0 [pid 5090] fstat(4, [pid 5405] munmap(0x7f12a0a40000, 4194304 [pid 5404] <... openat resumed>) = 4 [pid 5403] close(3 [pid 5095] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5405] <... munmap resumed>) = 0 [ 119.691487][ T5402] loop1: detected capacity change from 0 to 8192 [ 119.697620][ T5403] loop2: detected capacity change from 0 to 8192 [ 119.722204][ T5402] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5404] ioctl(4, LOOP_SET_FD, 3 [pid 5403] <... close resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] getdents64(4, [pid 5405] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5403] mkdir("./file1", 0777 [pid 5095] lstat("./24/file1", [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5405] <... openat resumed>) = 4 [pid 5403] <... mkdir resumed>) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, [pid 5405] ioctl(4, LOOP_SET_FD, 3 [pid 5403] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5405] <... ioctl resumed>) = 0 [pid 5404] <... ioctl resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] close(4 [pid 5405] close(3 [ 119.744508][ T5402] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 119.746650][ T5404] loop3: detected capacity change from 0 to 8192 [ 119.763725][ T5402] REISERFS (device loop1): using ordered data mode [ 119.771612][ T5405] loop4: detected capacity change from 0 to 8192 [ 119.779943][ T5402] reiserfs: using flush barriers [pid 5095] openat(AT_FDCWD, "./24/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... close resumed>) = 0 [pid 5405] <... close resumed>) = 0 [pid 5404] close(3 [pid 5095] <... openat resumed>) = 4 [pid 5090] rmdir("./23/file1" [pid 5405] mkdir("./file1", 0777 [pid 5404] <... close resumed>) = 0 [pid 5095] fstat(4, [pid 5090] <... rmdir resumed>) = 0 [pid 5405] <... mkdir resumed>) = 0 [pid 5404] mkdir("./file1", 0777 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, [pid 5405] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5404] <... mkdir resumed>) = 0 [pid 5095] getdents64(4, [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5404] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] close(3 [pid 5095] getdents64(4, [pid 5090] <... close resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] rmdir("./23" [pid 5095] close(4 [pid 5090] <... rmdir resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5090] mkdir("./24", 0777 [pid 5095] rmdir("./24/file1" [pid 5090] <... mkdir resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] getdents64(3, [pid 5090] <... openat resumed>) = 3 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] ioctl(3, LOOP_CLR_FD [ 119.785467][ T5403] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 119.793682][ T5402] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 119.815702][ T5405] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 119.815935][ T5402] REISERFS (device loop1): checking transaction log (loop1) [pid 5095] close(3 [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] <... close resumed>) = 0 [pid 5090] close(3 [pid 5095] rmdir("./24" [pid 5090] <... close resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] mkdir("./25", 0777) = 0 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5410 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 5410 attached [pid 5095] close(3 [pid 5410] chdir("./24" [pid 5095] <... close resumed>) = 0 [pid 5410] <... chdir resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5410] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5411 [ 119.836719][ T5404] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 119.852124][ T5403] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 119.859806][ T5404] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 119.885772][ T5404] REISERFS (device loop3): using ordered data mode [pid 5410] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 5411 attached [pid 5410] setpgid(0, 0 [pid 5411] chdir("./25" [pid 5410] <... setpgid resumed>) = 0 [pid 5411] <... chdir resumed>) = 0 [pid 5410] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5411] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5410] <... openat resumed>) = 3 [pid 5411] <... prctl resumed>) = 0 [pid 5410] write(3, "1000", 4 [pid 5411] setpgid(0, 0 [pid 5410] <... write resumed>) = 4 [pid 5411] <... setpgid resumed>) = 0 [ 119.892604][ T5404] reiserfs: using flush barriers [ 119.907145][ T5405] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 119.910301][ T5404] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 119.932444][ T5403] REISERFS (device loop2): using ordered data mode [ 119.932463][ T5403] reiserfs: using flush barriers [pid 5410] close(3 [pid 5411] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5410] <... close resumed>) = 0 [pid 5411] <... openat resumed>) = 3 [pid 5410] symlink("/dev/binderfs", "./binderfs" [pid 5411] write(3, "1000", 4 [pid 5410] <... symlink resumed>) = 0 [pid 5411] <... write resumed>) = 4 [pid 5410] memfd_create("syzkaller", 0 [pid 5411] close(3 [pid 5410] <... memfd_create resumed>) = 3 [pid 5411] <... close resumed>) = 0 [pid 5410] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5411] symlink("/dev/binderfs", "./binderfs" [pid 5410] <... mmap resumed>) = 0x7f12a0a40000 [pid 5411] <... symlink resumed>) = 0 [ 119.944642][ T5404] REISERFS (device loop3): checking transaction log (loop3) [ 119.952830][ T5403] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 119.956887][ T5405] REISERFS (device loop4): using ordered data mode [ 119.988078][ T5405] reiserfs: using flush barriers [pid 5411] memfd_create("syzkaller", 0) = 3 [pid 5411] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 120.002601][ T5405] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 120.059751][ T5405] REISERFS (device loop4): checking transaction log (loop4) [ 120.067570][ T5403] REISERFS (device loop2): checking transaction log (loop2) [pid 5410] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 120.102916][ T5404] REISERFS (device loop3): Using r5 hash to sort names [ 120.110152][ T5404] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5411] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5404] <... mount resumed>) = 0 [pid 5404] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5404] chdir("./file1") = 0 [pid 5404] ioctl(4, LOOP_CLR_FD) = 0 [pid 5404] close(4) = 0 [pid 5404] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5404] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5410] <... write resumed>) = 4194304 [pid 5404] <... mmap resumed>) = 0x20000000 [pid 5410] munmap(0x7f12a0a40000, 4194304 [pid 5404] ioctl(4, FS_IOC_GETVERSION [pid 5410] <... munmap resumed>) = 0 [pid 5404] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5410] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5404] exit_group(0 [pid 5410] <... openat resumed>) = 4 [pid 5404] <... exit_group resumed>) = ? [pid 5410] ioctl(4, LOOP_SET_FD, 3 [pid 5404] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5404, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5093] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 120.246956][ T5405] REISERFS (device loop4): Using r5 hash to sort names [ 120.254024][ T5403] REISERFS (device loop2): Using r5 hash to sort names [ 120.271467][ T5405] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 120.277824][ T5402] REISERFS (device loop1): Using r5 hash to sort names [ 120.282483][ T5403] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5405] <... mount resumed>) = 0 [pid 5093] lstat("./25/binderfs", [pid 5405] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5410] <... ioctl resumed>) = 0 [pid 5405] <... openat resumed>) = 3 [pid 5093] unlink("./25/binderfs" [pid 5410] close(3 [pid 5405] chdir("./file1" [pid 5093] <... unlink resumed>) = 0 [pid 5411] <... write resumed>) = 4194304 [pid 5410] <... close resumed>) = 0 [pid 5405] <... chdir resumed>) = 0 [pid 5403] <... mount resumed>) = 0 [pid 5093] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5411] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5411] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5411] ioctl(4, LOOP_SET_FD, 3 [pid 5410] mkdir("./file1", 0777 [pid 5405] ioctl(4, LOOP_CLR_FD [pid 5403] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5402] <... mount resumed>) = 0 [pid 5410] <... mkdir resumed>) = 0 [pid 5405] <... ioctl resumed>) = 0 [pid 5403] <... openat resumed>) = 3 [pid 5410] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5405] close(4 [pid 5403] chdir("./file1" [pid 5402] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5405] <... close resumed>) = 0 [pid 5403] <... chdir resumed>) = 0 [pid 5405] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5403] ioctl(4, LOOP_CLR_FD [pid 5402] <... openat resumed>) = 3 [pid 5405] <... openat resumed>) = 4 [pid 5403] <... ioctl resumed>) = 0 [pid 5402] chdir("./file1" [pid 5405] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5403] close(4 [pid 5402] <... chdir resumed>) = 0 [pid 5405] <... mmap resumed>) = 0x20000000 [pid 5403] <... close resumed>) = 0 [pid 5402] ioctl(4, LOOP_CLR_FD [pid 5405] ioctl(4, FS_IOC_GETVERSION [pid 5403] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5402] <... ioctl resumed>) = 0 [pid 5405] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5403] <... openat resumed>) = 4 [pid 5402] close(4 [pid 5405] exit_group(0 [pid 5403] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5402] <... close resumed>) = 0 [pid 5405] <... exit_group resumed>) = ? [pid 5403] <... mmap resumed>) = 0x20000000 [ 120.296784][ T5410] loop0: detected capacity change from 0 to 8192 [ 120.315122][ T5402] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 120.333260][ T5411] loop5: detected capacity change from 0 to 8192 [pid 5402] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5405] +++ exited with 0 +++ [pid 5403] ioctl(4, FS_IOC_GETVERSION [pid 5402] <... openat resumed>) = 4 [pid 5411] <... ioctl resumed>) = 0 [pid 5403] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5405, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5411] close(3) = 0 [pid 5411] mkdir("./file1", 0777) = 0 [pid 5411] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5403] exit_group(0 [pid 5094] umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5403] <... exit_group resumed>) = ? [pid 5402] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./26/binderfs") = 0 [pid 5094] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5403] +++ exited with 0 +++ [pid 5402] <... mmap resumed>) = 0x20000000 [pid 5402] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5403, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5402] exit_group(0 [pid 5092] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5402] <... exit_group resumed>) = ? [pid 5092] <... openat resumed>) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5402] +++ exited with 0 +++ [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5402, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- [pid 5092] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] restart_syscall(<... resuming interrupted clone ...> [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... restart_syscall resumed>) = 0 [pid 5092] lstat("./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./24/binderfs" [pid 5091] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... unlink resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./24/binderfs") = 0 [ 120.358338][ T5410] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 120.372438][ T5411] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 120.433197][ T5410] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 120.444276][ T5410] REISERFS (device loop0): using ordered data mode [ 120.452061][ T5410] reiserfs: using flush barriers [ 120.459949][ T5411] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 120.460218][ T5410] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 120.470924][ T5411] REISERFS (device loop5): using ordered data mode [ 120.493369][ T5411] reiserfs: using flush barriers [ 120.501737][ T5411] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 120.501813][ T5410] REISERFS (device loop0): checking transaction log (loop0) [ 120.589953][ T5411] REISERFS (device loop5): checking transaction log (loop5) [pid 5091] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = 0 [pid 5093] <... umount2 resumed>) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5093] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./25/file1", [pid 5094] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... umount2 resumed>) = 0 [pid 5094] lstat("./26/file1", [pid 5093] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5410] <... mount resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./24/file1", [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5410] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] openat(AT_FDCWD, "./25/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] lstat("./24/file1", [pid 5410] <... openat resumed>) = 3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... openat resumed>) = 4 [pid 5092] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5410] chdir("./file1" [pid 5094] openat(AT_FDCWD, "./26/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] fstat(4, [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5410] <... chdir resumed>) = 0 [pid 5094] <... openat resumed>) = 4 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] openat(AT_FDCWD, "./24/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5410] ioctl(4, LOOP_CLR_FD [pid 5094] fstat(4, [pid 5093] getdents64(4, [pid 5092] <... openat resumed>) = 4 [pid 5091] openat(AT_FDCWD, "./24/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5410] <... ioctl resumed>) = 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5410] close(4 [pid 5094] getdents64(4, [pid 5093] getdents64(4, [pid 5092] fstat(4, [pid 5091] <... openat resumed>) = 4 [pid 5410] <... close resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5410] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 120.719032][ T5410] REISERFS (device loop0): Using r5 hash to sort names [ 120.737096][ T5410] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5094] getdents64(4, [pid 5093] close(4 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] fstat(4, [pid 5410] <... openat resumed>) = 4 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] <... close resumed>) = 0 [pid 5092] getdents64(4, [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5410] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] close(4 [pid 5093] rmdir("./25/file1" [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, [pid 5410] <... mmap resumed>) = 0x20000000 [pid 5094] <... close resumed>) = 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5092] getdents64(4, [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5410] ioctl(4, FS_IOC_GETVERSION [pid 5094] rmdir("./26/file1" [pid 5093] getdents64(3, [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] getdents64(4, [pid 5410] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5410] exit_group(0 [pid 5094] <... rmdir resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(4 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5410] <... exit_group resumed>) = ? [pid 5094] getdents64(3, [pid 5093] close(3 [pid 5092] <... close resumed>) = 0 [pid 5091] close(4 [pid 5410] +++ exited with 0 +++ [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] <... close resumed>) = 0 [pid 5092] rmdir("./24/file1" [pid 5091] <... close resumed>) = 0 [pid 5094] close(3 [pid 5093] rmdir("./25" [pid 5092] <... rmdir resumed>) = 0 [pid 5091] rmdir("./24/file1" [pid 5094] <... close resumed>) = 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5092] getdents64(3, [pid 5091] <... rmdir resumed>) = 0 [pid 5094] rmdir("./26" [pid 5093] mkdir("./26", 0777 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] getdents64(3, [pid 5094] <... rmdir resumed>) = 0 [pid 5093] <... mkdir resumed>) = 0 [pid 5092] close(3 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5410, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5094] mkdir("./27", 0777 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5092] <... close resumed>) = 0 [pid 5091] close(3 [pid 5094] <... mkdir resumed>) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5092] rmdir("./24" [pid 5091] <... close resumed>) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5092] <... rmdir resumed>) = 0 [pid 5091] rmdir("./24" [pid 5094] <... openat resumed>) = 3 [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] mkdir("./25", 0777 [pid 5091] <... rmdir resumed>) = 0 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5093] close(3 [pid 5092] <... mkdir resumed>) = 0 [pid 5091] mkdir("./25", 0777 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] <... close resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5091] <... mkdir resumed>) = 0 [pid 5094] close(3 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... openat resumed>) = 3 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5094] <... close resumed>) = 0 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5091] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5414 attached [pid 5411] <... mount resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5414 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5414] chdir("./26" [pid 5411] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] close(3 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5414] <... chdir resumed>) = 0 [pid 5411] <... openat resumed>) = 3 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5415 [pid 5092] <... close resumed>) = 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5415 attached [pid 5414] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5411] chdir("./file1" [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] close(3 [pid 5090] <... openat resumed>) = 3 [pid 5415] chdir("./27" [pid 5414] <... prctl resumed>) = 0 [pid 5411] <... chdir resumed>) = 0 [pid 5090] fstat(3, [pid 5415] <... chdir resumed>) = 0 [pid 5414] setpgid(0, 0 [pid 5411] ioctl(4, LOOP_CLR_FD [pid 5091] <... close resumed>) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 5416 attached [pid 5415] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5414] <... setpgid resumed>) = 0 [pid 5411] <... ioctl resumed>) = 0 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5416 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] getdents64(3, [pid 5416] chdir("./25" [pid 5415] <... prctl resumed>) = 0 [pid 5414] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5411] close(4 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5416] <... chdir resumed>) = 0 [pid 5415] setpgid(0, 0 [pid 5414] <... openat resumed>) = 3 [pid 5411] <... close resumed>) = 0 [pid 5090] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5417 attached [pid 5416] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5415] <... setpgid resumed>) = 0 [pid 5414] write(3, "1000", 4 [ 120.815623][ T5411] REISERFS (device loop5): Using r5 hash to sort names [ 120.829004][ T5411] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5411] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5417 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5417] chdir("./25" [pid 5416] <... prctl resumed>) = 0 [pid 5415] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5414] <... write resumed>) = 4 [pid 5411] <... openat resumed>) = 4 [pid 5090] lstat("./24/binderfs", [pid 5417] <... chdir resumed>) = 0 [pid 5416] setpgid(0, 0 [pid 5415] <... openat resumed>) = 3 [pid 5414] close(3 [pid 5411] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5417] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5416] <... setpgid resumed>) = 0 [pid 5415] write(3, "1000", 4 [pid 5414] <... close resumed>) = 0 [pid 5411] <... mmap resumed>) = 0x20000000 [pid 5090] unlink("./24/binderfs" [pid 5414] symlink("/dev/binderfs", "./binderfs" [pid 5411] ioctl(4, FS_IOC_GETVERSION [pid 5090] <... unlink resumed>) = 0 [pid 5417] <... prctl resumed>) = 0 [pid 5414] <... symlink resumed>) = 0 [pid 5411] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5416] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5417] setpgid(0, 0 [pid 5416] <... openat resumed>) = 3 [pid 5415] <... write resumed>) = 4 [pid 5414] memfd_create("syzkaller", 0 [pid 5411] exit_group(0 [pid 5417] <... setpgid resumed>) = 0 [pid 5416] write(3, "1000", 4 [pid 5415] close(3 [pid 5414] <... memfd_create resumed>) = 3 [pid 5411] <... exit_group resumed>) = ? [pid 5417] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5416] <... write resumed>) = 4 [pid 5415] <... close resumed>) = 0 [pid 5414] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5411] +++ exited with 0 +++ [pid 5417] <... openat resumed>) = 3 [pid 5416] close(3 [pid 5415] symlink("/dev/binderfs", "./binderfs" [pid 5414] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5411, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5417] write(3, "1000", 4 [pid 5416] <... close resumed>) = 0 [pid 5415] <... symlink resumed>) = 0 [pid 5417] <... write resumed>) = 4 [pid 5416] symlink("/dev/binderfs", "./binderfs" [pid 5415] memfd_create("syzkaller", 0 [pid 5417] close(3) = 0 [pid 5416] <... symlink resumed>) = 0 [pid 5415] <... memfd_create resumed>) = 3 [pid 5417] symlink("/dev/binderfs", "./binderfs" [pid 5416] memfd_create("syzkaller", 0 [pid 5415] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5417] <... symlink resumed>) = 0 [pid 5416] <... memfd_create resumed>) = 3 [pid 5415] <... mmap resumed>) = 0x7f12a0a40000 [pid 5417] memfd_create("syzkaller", 0 [pid 5095] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5417] <... memfd_create resumed>) = 3 [pid 5416] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5417] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5416] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5417] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] <... openat resumed>) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./25/binderfs") = 0 [pid 5095] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5414] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5417] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5090] <... umount2 resumed>) = 0 [pid 5415] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5090] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5416] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./24/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./24/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./24/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5414] <... write resumed>) = 4194304 [pid 5090] rmdir("./24") = 0 [pid 5090] mkdir("./25", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5414] munmap(0x7f12a0a40000, 4194304 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5414] <... munmap resumed>) = 0 [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5414] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5090] close(3 [pid 5414] <... openat resumed>) = 4 [pid 5090] <... close resumed>) = 0 [pid 5414] ioctl(4, LOOP_SET_FD, 3 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5414] <... ioctl resumed>) = 0 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5418 ./strace-static-x86_64: Process 5418 attached [pid 5418] chdir("./25") = 0 [pid 5418] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5418] setpgid(0, 0) = 0 [pid 5418] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5095] <... umount2 resumed>) = 0 [pid 5418] write(3, "1000", 4 [pid 5095] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5418] <... write resumed>) = 4 [pid 5414] close(3 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5418] close(3 [pid 5415] <... write resumed>) = 4194304 [pid 5414] <... close resumed>) = 0 [pid 5095] lstat("./25/file1", [pid 5418] <... close resumed>) = 0 [pid 5416] <... write resumed>) = 4194304 [pid 5415] munmap(0x7f12a0a40000, 4194304 [pid 5414] mkdir("./file1", 0777 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5418] symlink("/dev/binderfs", "./binderfs" [pid 5416] munmap(0x7f12a0a40000, 4194304 [pid 5415] <... munmap resumed>) = 0 [pid 5414] <... mkdir resumed>) = 0 [pid 5095] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5418] <... symlink resumed>) = 0 [pid 5416] <... munmap resumed>) = 0 [pid 5415] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5414] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 121.193433][ T5414] loop3: detected capacity change from 0 to 8192 [pid 5418] memfd_create("syzkaller", 0 [pid 5416] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5415] <... openat resumed>) = 4 [pid 5095] openat(AT_FDCWD, "./25/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5418] <... memfd_create resumed>) = 3 [pid 5417] <... write resumed>) = 4194304 [pid 5416] <... openat resumed>) = 4 [pid 5415] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... openat resumed>) = 4 [pid 5418] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5417] munmap(0x7f12a0a40000, 4194304 [pid 5416] ioctl(4, LOOP_SET_FD, 3 [pid 5095] fstat(4, [pid 5418] <... mmap resumed>) = 0x7f12a0a40000 [pid 5417] <... munmap resumed>) = 0 [pid 5416] <... ioctl resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5417] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5416] close(3 [pid 5095] getdents64(4, [pid 5417] <... openat resumed>) = 4 [pid 5416] <... close resumed>) = 0 [ 121.241730][ T5414] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 121.242855][ T5415] loop4: detected capacity change from 0 to 8192 [ 121.255609][ T5414] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 121.263247][ T5416] loop2: detected capacity change from 0 to 8192 [ 121.277448][ T5414] REISERFS (device loop3): using ordered data mode [ 121.284639][ T5414] reiserfs: using flush barriers [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5418] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5417] ioctl(4, LOOP_SET_FD, 3 [pid 5416] mkdir("./file1", 0777 [pid 5415] <... ioctl resumed>) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./25/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./25") = 0 [pid 5095] mkdir("./26", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3 [pid 5417] <... ioctl resumed>) = 0 [pid 5416] <... mkdir resumed>) = 0 [pid 5415] close(3 [pid 5095] <... close resumed>) = 0 [pid 5417] close(3 [pid 5416] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5415] <... close resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5417] <... close resumed>) = 0 [pid 5415] mkdir("./file1", 0777 [pid 5417] mkdir("./file1", 0777 [pid 5415] <... mkdir resumed>) = 0 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5420 [pid 5417] <... mkdir resumed>) = 0 [ 121.292051][ T5414] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 121.308759][ T5414] REISERFS (device loop3): checking transaction log (loop3) [ 121.321478][ T5417] loop1: detected capacity change from 0 to 8192 [pid 5415] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5417] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, ""./strace-static-x86_64: Process 5420 attached [pid 5418] <... write resumed>) = 4194304 [pid 5420] chdir("./26" [pid 5418] munmap(0x7f12a0a40000, 4194304 [pid 5420] <... chdir resumed>) = 0 [pid 5420] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5418] <... munmap resumed>) = 0 [pid 5420] <... prctl resumed>) = 0 [pid 5418] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5420] setpgid(0, 0 [pid 5418] <... openat resumed>) = 4 [ 121.354428][ T5416] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 121.375733][ T5415] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 121.377050][ T5416] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [pid 5420] <... setpgid resumed>) = 0 [pid 5418] ioctl(4, LOOP_SET_FD, 3 [pid 5420] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5418] <... ioctl resumed>) = 0 [ 121.394584][ T5417] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 121.400500][ T5416] REISERFS (device loop2): using ordered data mode [ 121.418634][ T5416] reiserfs: using flush barriers [ 121.419527][ T5415] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 121.426334][ T5416] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5420] <... openat resumed>) = 3 [pid 5418] close(3 [pid 5420] write(3, "1000", 4 [pid 5418] <... close resumed>) = 0 [pid 5420] <... write resumed>) = 4 [pid 5418] mkdir("./file1", 0777 [pid 5420] close(3) = 0 [pid 5418] <... mkdir resumed>) = 0 [pid 5420] symlink("/dev/binderfs", "./binderfs" [pid 5418] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5420] <... symlink resumed>) = 0 [pid 5420] memfd_create("syzkaller", 0) = 3 [pid 5420] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 121.433762][ T5418] loop0: detected capacity change from 0 to 8192 [ 121.456454][ T5416] REISERFS (device loop2): checking transaction log (loop2) [ 121.474824][ T5418] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 121.478921][ T5415] REISERFS (device loop4): using ordered data mode [ 121.494783][ T5415] reiserfs: using flush barriers [ 121.501603][ T5417] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 121.510821][ T5415] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 121.541178][ T5417] REISERFS (device loop1): using ordered data mode [ 121.542401][ T5418] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 121.547775][ T5417] reiserfs: using flush barriers [ 121.562627][ T5417] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 121.579210][ T5415] REISERFS (device loop4): checking transaction log (loop4) [ 121.611524][ T5417] REISERFS (device loop1): checking transaction log (loop1) [ 121.644808][ T5418] REISERFS (device loop0): using ordered data mode [pid 5420] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [ 121.681074][ T5418] reiserfs: using flush barriers [ 121.698638][ T5418] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5420] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5420] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 121.725310][ T5416] REISERFS (device loop2): Using r5 hash to sort names [ 121.741158][ T5414] REISERFS (device loop3): Using r5 hash to sort names [ 121.748410][ T5414] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 121.752985][ T5418] REISERFS (device loop0): checking transaction log (loop0) [ 121.759073][ T5416] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5420] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5420] close(3) = 0 [pid 5420] mkdir("./file1", 0777) = 0 [pid 5420] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5414] <... mount resumed>) = 0 [ 121.776623][ T5420] loop5: detected capacity change from 0 to 8192 [pid 5414] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5414] chdir("./file1") = 0 [pid 5414] ioctl(4, LOOP_CLR_FD) = 0 [pid 5414] close(4) = 0 [pid 5414] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5414] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5416] <... mount resumed>) = 0 [ 121.808547][ T5420] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 121.834652][ T5415] REISERFS (device loop4): Using r5 hash to sort names [ 121.851895][ T5417] REISERFS (device loop1): Using r5 hash to sort names [pid 5414] ioctl(4, FS_IOC_GETVERSION [pid 5416] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5414] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5414] exit_group(0) = ? [pid 5414] +++ exited with 0 +++ [pid 5416] <... openat resumed>) = 3 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5414, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=18 /* 0.18 s */} --- [pid 5416] chdir("./file1" [pid 5093] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5093] umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5416] <... chdir resumed>) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./26/binderfs") = 0 [pid 5417] <... mount resumed>) = 0 [pid 5093] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5417] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [ 121.859021][ T5420] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 121.871498][ T5417] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 121.884013][ T5415] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 121.901174][ T5420] REISERFS (device loop5): using ordered data mode [pid 5416] ioctl(4, LOOP_CLR_FD [pid 5417] <... openat resumed>) = 3 [pid 5417] chdir("./file1" [pid 5416] <... ioctl resumed>) = 0 [pid 5415] <... mount resumed>) = 0 [pid 5417] <... chdir resumed>) = 0 [ 121.907759][ T5420] reiserfs: using flush barriers [pid 5416] close(4 [pid 5415] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5417] ioctl(4, LOOP_CLR_FD [pid 5416] <... close resumed>) = 0 [pid 5415] <... openat resumed>) = 3 [pid 5417] <... ioctl resumed>) = 0 [pid 5416] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5415] chdir("./file1" [pid 5417] close(4 [pid 5416] <... openat resumed>) = 4 [pid 5415] <... chdir resumed>) = 0 [pid 5417] <... close resumed>) = 0 [pid 5416] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5415] ioctl(4, LOOP_CLR_FD [pid 5417] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5416] <... mmap resumed>) = 0x20000000 [pid 5415] <... ioctl resumed>) = 0 [pid 5417] <... openat resumed>) = 4 [pid 5416] ioctl(4, FS_IOC_GETVERSION [pid 5415] close(4 [pid 5417] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5416] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5415] <... close resumed>) = 0 [pid 5417] <... mmap resumed>) = 0x20000000 [pid 5416] exit_group(0 [pid 5415] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5417] ioctl(4, FS_IOC_GETVERSION [pid 5416] <... exit_group resumed>) = ? [pid 5415] <... openat resumed>) = 4 [pid 5417] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5416] +++ exited with 0 +++ [pid 5415] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5417] exit_group(0 [pid 5415] <... mmap resumed>) = 0x20000000 [pid 5417] <... exit_group resumed>) = ? [pid 5415] ioctl(4, FS_IOC_GETVERSION [pid 5417] +++ exited with 0 +++ [pid 5415] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5416, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=27 /* 0.27 s */} --- [pid 5415] exit_group(0) = ? [pid 5092] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5415] +++ exited with 0 +++ [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5417, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5415, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 5092] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... openat resumed>) = 3 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] fstat(3, [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... openat resumed>) = 3 [pid 5094] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 121.933210][ T5420] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5091] fstat(3, [pid 5094] <... openat resumed>) = 3 [pid 5092] getdents64(3, [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] fstat(3, [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] getdents64(3, [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] getdents64(3, [pid 5091] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] lstat("./25/binderfs", [pid 5091] lstat("./25/binderfs", [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] unlink("./25/binderfs" [pid 5091] unlink("./25/binderfs" [pid 5094] lstat("./27/binderfs", [pid 5092] <... unlink resumed>) = 0 [pid 5091] <... unlink resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] unlink("./27/binderfs") = 0 [ 121.985149][ T5420] REISERFS (device loop5): checking transaction log (loop5) [ 122.008056][ T5418] REISERFS (device loop0): Using r5 hash to sort names [ 122.023990][ T5418] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5094] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5418] <... mount resumed>) = 0 [pid 5418] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5418] chdir("./file1") = 0 [pid 5418] ioctl(4, LOOP_CLR_FD) = 0 [pid 5418] close(4) = 0 [pid 5418] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5418] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5418] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5418] exit_group(0) = ? [pid 5418] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5418, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5090] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5090] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./25/binderfs") = 0 [pid 5090] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./26/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./26/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./26/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./26") = 0 [pid 5093] mkdir("./27", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5426 [pid 5091] <... umount2 resumed>) = 0 [pid 5091] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5426 attached [pid 5091] lstat("./25/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5426] chdir("./27" [pid 5091] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5426] <... chdir resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5426] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5092] <... umount2 resumed>) = 0 [pid 5091] openat(AT_FDCWD, "./25/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5426] <... prctl resumed>) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5092] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... openat resumed>) = 4 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./25/file1", [pid 5091] fstat(4, [pid 5094] lstat("./27/file1", [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] getdents64(4, [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5426] setpgid(0, 0 [pid 5094] openat(AT_FDCWD, "./27/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] openat(AT_FDCWD, "./25/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5426] <... setpgid resumed>) = 0 [pid 5094] <... openat resumed>) = 4 [pid 5092] <... openat resumed>) = 4 [pid 5426] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] fstat(4, [pid 5092] fstat(4, [pid 5091] getdents64(4, [pid 5426] <... openat resumed>) = 3 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5426] write(3, "1000", 4 [pid 5094] getdents64(4, [pid 5092] getdents64(4, [pid 5091] close(4 [pid 5426] <... write resumed>) = 4 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5426] close(3 [pid 5094] getdents64(4, [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] <... close resumed>) = 0 [pid 5426] <... close resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] getdents64(4, [pid 5091] rmdir("./25/file1" [pid 5426] symlink("/dev/binderfs", "./binderfs" [pid 5094] close(4 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5426] <... symlink resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5092] close(4 [pid 5091] <... rmdir resumed>) = 0 [pid 5426] memfd_create("syzkaller", 0 [pid 5094] rmdir("./27/file1" [pid 5092] <... close resumed>) = 0 [pid 5426] <... memfd_create resumed>) = 3 [pid 5091] getdents64(3, [pid 5426] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5092] rmdir("./25/file1" [pid 5426] <... mmap resumed>) = 0x7f12a0a40000 [pid 5094] getdents64(3, [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5094] close(3 [pid 5092] getdents64(3, [pid 5091] close(3 [pid 5094] <... close resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] <... close resumed>) = 0 [pid 5092] close(3 [pid 5094] rmdir("./27" [pid 5091] rmdir("./25" [pid 5092] <... close resumed>) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5092] rmdir("./25" [pid 5091] <... rmdir resumed>) = 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5094] mkdir("./28", 0777 [pid 5092] <... rmdir resumed>) = 0 [pid 5091] mkdir("./26", 0777 [pid 5094] <... mkdir resumed>) = 0 [pid 5092] mkdir("./26", 0777 [pid 5090] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... mkdir resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] <... mkdir resumed>) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5094] <... openat resumed>) = 3 [pid 5090] lstat("./25/file1", [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5091] <... openat resumed>) = 3 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] <... openat resumed>) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5090] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] close(3 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... close resumed>) = 0 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] close(3 [ 122.300619][ T5420] REISERFS (device loop5): Using r5 hash to sort names [ 122.337204][ T5420] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5090] openat(AT_FDCWD, "./25/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] close(3 [pid 5091] <... close resumed>) = 0 [pid 5090] <... openat resumed>) = 4 [pid 5092] <... close resumed>) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] fstat(4, [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5427 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5428 [pid 5090] getdents64(4, [pid 5420] <... mount resumed>) = 0 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5429 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5420] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5090] close(4./strace-static-x86_64: Process 5428 attached [pid 5420] <... openat resumed>) = 3 [pid 5090] <... close resumed>) = 0 ./strace-static-x86_64: Process 5429 attached ./strace-static-x86_64: Process 5427 attached [pid 5428] chdir("./26" [pid 5420] chdir("./file1" [pid 5090] rmdir("./25/file1" [pid 5429] chdir("./26" [pid 5428] <... chdir resumed>) = 0 [pid 5427] chdir("./28" [pid 5420] <... chdir resumed>) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5428] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5420] ioctl(4, LOOP_CLR_FD [pid 5090] getdents64(3, [pid 5428] <... prctl resumed>) = 0 [pid 5420] <... ioctl resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5428] setpgid(0, 0 [pid 5420] close(4 [pid 5090] close(3 [pid 5429] <... chdir resumed>) = 0 [pid 5428] <... setpgid resumed>) = 0 [pid 5427] <... chdir resumed>) = 0 [pid 5420] <... close resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5429] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5428] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5427] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5420] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5090] rmdir("./25" [pid 5429] <... prctl resumed>) = 0 [pid 5428] <... openat resumed>) = 3 [pid 5427] <... prctl resumed>) = 0 [pid 5420] <... openat resumed>) = 4 [pid 5090] <... rmdir resumed>) = 0 [pid 5429] setpgid(0, 0 [pid 5428] write(3, "1000", 4 [pid 5427] setpgid(0, 0 [pid 5420] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] mkdir("./26", 0777 [pid 5429] <... setpgid resumed>) = 0 [pid 5428] <... write resumed>) = 4 [pid 5427] <... setpgid resumed>) = 0 [pid 5420] <... mmap resumed>) = 0x20000000 [pid 5090] <... mkdir resumed>) = 0 [pid 5429] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5428] close(3 [pid 5427] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5426] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5420] ioctl(4, FS_IOC_GETVERSION [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5429] <... openat resumed>) = 3 [pid 5428] <... close resumed>) = 0 [pid 5427] <... openat resumed>) = 3 [pid 5420] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5090] <... openat resumed>) = 3 [pid 5429] write(3, "1000", 4 [pid 5428] symlink("/dev/binderfs", "./binderfs" [pid 5427] write(3, "1000", 4 [pid 5420] exit_group(0 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5429] <... write resumed>) = 4 [pid 5428] <... symlink resumed>) = 0 [pid 5427] <... write resumed>) = 4 [pid 5420] <... exit_group resumed>) = ? [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5429] close(3 [pid 5428] memfd_create("syzkaller", 0 [pid 5427] close(3 [pid 5420] +++ exited with 0 +++ [pid 5090] close(3 [pid 5429] <... close resumed>) = 0 [pid 5428] <... memfd_create resumed>) = 3 [pid 5427] <... close resumed>) = 0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5420, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=19 /* 0.19 s */} --- [pid 5090] <... close resumed>) = 0 [pid 5428] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5428] <... mmap resumed>) = 0x7f12a0a40000 [pid 5429] symlink("/dev/binderfs", "./binderfs" [pid 5427] symlink("/dev/binderfs", "./binderfs" [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5430 ./strace-static-x86_64: Process 5430 attached [pid 5430] chdir("./26" [pid 5429] <... symlink resumed>) = 0 [pid 5427] <... symlink resumed>) = 0 [pid 5429] memfd_create("syzkaller", 0 [pid 5427] memfd_create("syzkaller", 0 [pid 5095] umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5429] <... memfd_create resumed>) = 3 [pid 5427] <... memfd_create resumed>) = 3 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5429] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5430] <... chdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5430] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5429] <... mmap resumed>) = 0x7f12a0a40000 [pid 5427] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] <... openat resumed>) = 3 [pid 5430] <... prctl resumed>) = 0 [pid 5427] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] fstat(3, [pid 5430] setpgid(0, 0) = 0 [pid 5430] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5430] write(3, "1000", 4) = 4 [pid 5095] getdents64(3, [pid 5430] close(3 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5430] <... close resumed>) = 0 [pid 5095] umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5430] symlink("/dev/binderfs", "./binderfs" [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5430] <... symlink resumed>) = 0 [pid 5095] lstat("./26/binderfs", [pid 5430] memfd_create("syzkaller", 0) = 3 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5430] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] unlink("./26/binderfs" [pid 5430] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] <... unlink resumed>) = 0 [pid 5095] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5428] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5427] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5429] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5430] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5426] <... write resumed>) = 4194304 [pid 5426] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5426] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5426] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5426] close(3) = 0 [pid 5426] mkdir("./file1", 0777) = 0 [pid 5426] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5427] <... write resumed>) = 4194304 [pid 5428] <... write resumed>) = 4194304 [ 122.675556][ T5426] loop3: detected capacity change from 0 to 8192 [pid 5427] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... umount2 resumed>) = 0 [pid 5428] munmap(0x7f12a0a40000, 4194304 [pid 5427] <... munmap resumed>) = 0 [pid 5095] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5428] <... munmap resumed>) = 0 [pid 5427] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5428] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5427] <... openat resumed>) = 4 [pid 5095] lstat("./26/file1", [pid 5430] <... write resumed>) = 4194304 [pid 5428] <... openat resumed>) = 4 [pid 5427] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5430] munmap(0x7f12a0a40000, 4194304 [pid 5428] ioctl(4, LOOP_SET_FD, 3 [pid 5427] <... ioctl resumed>) = 0 [pid 5095] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./26/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5430] <... munmap resumed>) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./26/file1" [pid 5430] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5428] <... ioctl resumed>) = 0 [pid 5427] close(3 [pid 5095] <... rmdir resumed>) = 0 [pid 5095] getdents64(3, [pid 5430] <... openat resumed>) = 4 [pid 5428] close(3 [pid 5427] <... close resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [ 122.713075][ T5426] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 122.740138][ T5427] loop4: detected capacity change from 0 to 8192 [ 122.747273][ T5426] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 122.757794][ T5428] loop1: detected capacity change from 0 to 8192 [ 122.764503][ T5426] REISERFS (device loop3): using ordered data mode [ 122.771140][ T5426] reiserfs: using flush barriers [pid 5430] ioctl(4, LOOP_SET_FD, 3 [pid 5428] <... close resumed>) = 0 [pid 5427] mkdir("./file1", 0777 [pid 5095] close(3 [pid 5428] mkdir("./file1", 0777 [pid 5427] <... mkdir resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5428] <... mkdir resumed>) = 0 [pid 5427] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] rmdir("./26" [pid 5430] <... ioctl resumed>) = 0 [pid 5428] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... rmdir resumed>) = 0 [pid 5430] close(3 [pid 5095] mkdir("./27", 0777 [pid 5430] <... close resumed>) = 0 [pid 5095] <... mkdir resumed>) = 0 [pid 5430] mkdir("./file1", 0777 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5430] <... mkdir resumed>) = 0 [ 122.775670][ T5430] loop0: detected capacity change from 0 to 8192 [ 122.777268][ T5426] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 122.799478][ T5427] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 122.799540][ T5426] REISERFS (device loop3): checking transaction log (loop3) [pid 5095] <... openat resumed>) = 3 [pid 5430] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5429] <... write resumed>) = 4194304 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5429] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 122.820808][ T5428] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 122.825964][ T5427] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 122.843374][ T5427] REISERFS (device loop4): using ordered data mode [ 122.849926][ T5427] reiserfs: using flush barriers [ 122.855973][ T5430] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5095] close(3 [pid 5429] <... munmap resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5429] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5429] <... openat resumed>) = 4 [pid 5429] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5435 ./strace-static-x86_64: Process 5435 attached [pid 5435] chdir("./27" [pid 5429] <... ioctl resumed>) = 0 [ 122.856599][ T5428] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 122.878336][ T5427] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 122.888498][ T5429] loop2: detected capacity change from 0 to 8192 [ 122.901657][ T5428] REISERFS (device loop1): using ordered data mode [ 122.908207][ T5428] reiserfs: using flush barriers [ 122.914421][ T5427] REISERFS (device loop4): checking transaction log (loop4) [pid 5435] <... chdir resumed>) = 0 [pid 5429] close(3 [pid 5435] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5429] <... close resumed>) = 0 [pid 5435] setpgid(0, 0) = 0 [pid 5429] mkdir("./file1", 0777 [pid 5435] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5429] <... mkdir resumed>) = 0 [pid 5435] write(3, "1000", 4) = 4 [pid 5429] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5435] close(3) = 0 [pid 5435] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5435] memfd_create("syzkaller", 0) = 3 [pid 5435] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 122.925612][ T5428] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 122.945501][ T5428] REISERFS (device loop1): checking transaction log (loop1) [ 122.951383][ T5430] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 122.964122][ T5429] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 122.977219][ T5429] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 122.986933][ T5429] REISERFS (device loop2): using ordered data mode [ 122.993856][ T5429] reiserfs: using flush barriers [ 123.000071][ T5430] REISERFS (device loop0): using ordered data mode [ 123.000960][ T5429] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 123.028774][ T5430] reiserfs: using flush barriers [pid 5435] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5435] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5426] <... mount resumed>) = 0 [pid 5435] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5426] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5435] <... openat resumed>) = 4 [pid 5426] <... openat resumed>) = 3 [pid 5435] ioctl(4, LOOP_SET_FD, 3 [ 123.078739][ T5426] REISERFS (device loop3): Using r5 hash to sort names [ 123.086206][ T5429] REISERFS (device loop2): checking transaction log (loop2) [ 123.087938][ T5430] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 123.102000][ T5426] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5426] chdir("./file1") = 0 [pid 5426] ioctl(4, LOOP_CLR_FD [pid 5435] <... ioctl resumed>) = 0 [pid 5426] <... ioctl resumed>) = 0 [pid 5435] close(3 [pid 5426] close(4 [pid 5435] <... close resumed>) = 0 [pid 5426] <... close resumed>) = 0 [pid 5435] mkdir("./file1", 0777 [pid 5426] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5435] <... mkdir resumed>) = 0 [pid 5435] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5426] <... openat resumed>) = 4 [pid 5426] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5426] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5426] exit_group(0) = ? [pid 5426] +++ exited with 0 +++ [ 123.144795][ T5435] loop5: detected capacity change from 0 to 8192 [ 123.169970][ T5427] REISERFS (device loop4): Using r5 hash to sort names [ 123.178362][ T5427] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5426, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5093] umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5427] <... mount resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5427] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [ 123.207854][ T5435] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 123.221838][ T5435] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 123.231568][ T5435] REISERFS (device loop5): using ordered data mode [ 123.238206][ T5435] reiserfs: using flush barriers [ 123.245726][ T5430] REISERFS (device loop0): checking transaction log (loop0) [pid 5427] <... openat resumed>) = 3 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5427] chdir("./file1") = 0 [pid 5427] ioctl(4, LOOP_CLR_FD) = 0 [pid 5427] close(4) = 0 [pid 5427] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5427] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5427] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5427] exit_group(0) = ? [pid 5427] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5427, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5093] lstat("./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./27/binderfs") = 0 [pid 5094] umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 123.245861][ T5435] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5094] unlink("./28/binderfs") = 0 [ 123.305003][ T5435] REISERFS (device loop5): checking transaction log (loop5) [ 123.451124][ T5429] REISERFS (device loop2): Using r5 hash to sort names [ 123.489477][ T5428] REISERFS (device loop1): Using r5 hash to sort names [pid 5094] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5435] <... mount resumed>) = 0 [pid 5435] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5428] <... mount resumed>) = 0 [pid 5435] <... openat resumed>) = 3 [pid 5435] chdir("./file1") = 0 [pid 5428] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5435] ioctl(4, LOOP_CLR_FD) = 0 [pid 5428] <... openat resumed>) = 3 [pid 5435] close(4 [pid 5428] chdir("./file1" [pid 5435] <... close resumed>) = 0 [pid 5093] <... umount2 resumed>) = 0 [pid 5428] <... chdir resumed>) = 0 [pid 5435] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5428] ioctl(4, LOOP_CLR_FD [pid 5435] <... openat resumed>) = 4 [pid 5428] <... ioctl resumed>) = 0 [pid 5435] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5428] close(4) = 0 [pid 5435] <... mmap resumed>) = 0x20000000 [pid 5428] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5435] ioctl(4, FS_IOC_GETVERSION [pid 5428] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5435] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5428] <... mmap resumed>) = 0x20000000 [pid 5435] exit_group(0) = ? [pid 5428] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5428] exit_group(0) = ? [ 123.491211][ T5430] REISERFS (device loop0): Using r5 hash to sort names [ 123.512866][ T5435] REISERFS (device loop5): Using r5 hash to sort names [ 123.522440][ T5429] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 123.531570][ T5435] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 123.541760][ T5428] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5435] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5435, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5095] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5428] +++ exited with 0 +++ [pid 5095] umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5428, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=14 /* 0.14 s */} --- [pid 5429] <... mount resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5429] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] <... openat resumed>) = 3 [pid 5094] <... umount2 resumed>) = 0 [pid 5093] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5429] <... openat resumed>) = 3 [pid 5095] fstat(3, [pid 5094] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5429] chdir("./file1" [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./27/file1", [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5429] <... chdir resumed>) = 0 [pid 5095] getdents64(3, [pid 5094] lstat("./28/file1", [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5430] <... mount resumed>) = 0 [pid 5429] ioctl(4, LOOP_CLR_FD [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... openat resumed>) = 3 [pid 5430] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5429] <... ioctl resumed>) = 0 [pid 5095] umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5430] <... openat resumed>) = 3 [pid 5429] close(4 [pid 5430] chdir("./file1" [pid 5429] <... close resumed>) = 0 [pid 5430] <... chdir resumed>) = 0 [pid 5429] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5430] ioctl(4, LOOP_CLR_FD [pid 5429] <... openat resumed>) = 4 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./27/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] fstat(3, [pid 5430] <... ioctl resumed>) = 0 [pid 5429] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] lstat("./27/binderfs", [pid 5430] close(4 [pid 5429] <... mmap resumed>) = 0x20000000 [pid 5094] openat(AT_FDCWD, "./28/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... openat resumed>) = 4 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5430] <... close resumed>) = 0 [pid 5429] ioctl(4, FS_IOC_GETVERSION [pid 5095] unlink("./27/binderfs" [pid 5094] <... openat resumed>) = 4 [pid 5093] fstat(4, [pid 5091] getdents64(3, [pid 5430] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5429] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5430] <... openat resumed>) = 4 [pid 5429] exit_group(0 [pid 5095] <... unlink resumed>) = 0 [pid 5094] fstat(4, [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5430] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5429] <... exit_group resumed>) = ? [pid 5095] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, [pid 5091] umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5430] <... mmap resumed>) = 0x20000000 [pid 5429] +++ exited with 0 +++ [pid 5430] ioctl(4, FS_IOC_GETVERSION [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5429, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5430] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5430] exit_group(0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] lstat("./26/binderfs", [pid 5430] <... exit_group resumed>) = ? [pid 5430] +++ exited with 0 +++ [pid 5094] getdents64(4, [pid 5093] getdents64(4, [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] getdents64(4, [pid 5093] close(4 [pid 5091] unlink("./26/binderfs" [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] <... close resumed>) = 0 [pid 5092] umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... unlink resumed>) = 0 [pid 5094] close(4 [pid 5093] rmdir("./27/file1" [pid 5092] <... openat resumed>) = 3 [pid 5091] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5430, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [pid 5094] <... close resumed>) = 0 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5092] getdents64(3, [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] <... restart_syscall resumed>) = 0 [pid 5092] unlink("./26/binderfs") = 0 [ 123.601423][ T5430] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] rmdir("./28/file1" [pid 5093] getdents64(3, [pid 5094] <... rmdir resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] getdents64(3, [pid 5093] close(3 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] <... close resumed>) = 0 [pid 5090] umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] close(3 [pid 5093] rmdir("./27" [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... close resumed>) = 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5090] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] rmdir("./28" [pid 5090] <... openat resumed>) = 3 [pid 5094] <... rmdir resumed>) = 0 [pid 5090] fstat(3, [pid 5093] mkdir("./28", 0777 [pid 5094] mkdir("./29", 0777 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5093] <... mkdir resumed>) = 0 [pid 5090] getdents64(3, [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] <... openat resumed>) = 3 [pid 5093] <... openat resumed>) = 3 [pid 5090] umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] close(3 [pid 5093] close(3 [pid 5094] <... close resumed>) = 0 [pid 5093] <... close resumed>) = 0 [pid 5090] lstat("./26/binderfs", [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./26/binderfs" [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5438 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5439 [pid 5090] <... unlink resumed>) = 0 [pid 5090] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5439 attached ./strace-static-x86_64: Process 5438 attached [pid 5438] chdir("./29" [pid 5439] chdir("./28") = 0 [pid 5438] <... chdir resumed>) = 0 [pid 5439] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5438] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5439] <... prctl resumed>) = 0 [pid 5438] <... prctl resumed>) = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./26/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./26/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./26/file1" [pid 5439] setpgid(0, 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5438] setpgid(0, 0 [pid 5092] getdents64(3, [pid 5438] <... setpgid resumed>) = 0 [pid 5439] <... setpgid resumed>) = 0 [pid 5438] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5439] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] close(3 [pid 5438] <... openat resumed>) = 3 [pid 5092] <... close resumed>) = 0 [pid 5439] <... openat resumed>) = 3 [pid 5092] rmdir("./26" [pid 5439] write(3, "1000", 4) = 4 [pid 5438] write(3, "1000", 4 [pid 5439] close(3 [pid 5438] <... write resumed>) = 4 [pid 5439] <... close resumed>) = 0 [pid 5438] close(3 [pid 5439] symlink("/dev/binderfs", "./binderfs" [pid 5438] <... close resumed>) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5092] mkdir("./27", 0777) = 0 [pid 5439] <... symlink resumed>) = 0 [pid 5438] symlink("/dev/binderfs", "./binderfs" [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = 0 [pid 5439] memfd_create("syzkaller", 0 [pid 5438] <... symlink resumed>) = 0 [pid 5092] close(3 [pid 5439] <... memfd_create resumed>) = 3 [pid 5092] <... close resumed>) = 0 [pid 5439] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5438] memfd_create("syzkaller", 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5439] <... mmap resumed>) = 0x7f12a0a40000 [pid 5438] <... memfd_create resumed>) = 3 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5440 [pid 5438] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 ./strace-static-x86_64: Process 5440 attached [pid 5440] chdir("./27") = 0 [pid 5440] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5440] setpgid(0, 0) = 0 [pid 5440] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5440] write(3, "1000", 4) = 4 [pid 5440] close(3) = 0 [pid 5440] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5440] memfd_create("syzkaller", 0) = 3 [pid 5440] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5439] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5438] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./27/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./27/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./27/file1") = 0 [pid 5095] getdents64(3, [pid 5091] <... umount2 resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./27") = 0 [pid 5095] mkdir("./28", 0777 [pid 5440] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] <... mkdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5441 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./26/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./26/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 ./strace-static-x86_64: Process 5441 attached [pid 5091] fstat(4, [pid 5441] chdir("./28" [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5441] <... chdir resumed>) = 0 [pid 5091] getdents64(4, [pid 5441] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5441] <... prctl resumed>) = 0 [pid 5091] getdents64(4, [pid 5441] setpgid(0, 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5441] <... setpgid resumed>) = 0 [pid 5091] close(4 [pid 5441] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5091] <... close resumed>) = 0 [pid 5441] <... openat resumed>) = 3 [pid 5091] rmdir("./26/file1" [pid 5441] write(3, "1000", 4 [pid 5091] <... rmdir resumed>) = 0 [pid 5441] <... write resumed>) = 4 [pid 5091] getdents64(3, [pid 5441] close(3 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5441] <... close resumed>) = 0 [pid 5091] close(3 [pid 5441] symlink("/dev/binderfs", "./binderfs" [pid 5091] <... close resumed>) = 0 [pid 5441] <... symlink resumed>) = 0 [pid 5091] rmdir("./26" [pid 5441] memfd_create("syzkaller", 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5441] <... memfd_create resumed>) = 3 [pid 5091] mkdir("./27", 0777 [pid 5441] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5441] <... mmap resumed>) = 0x7f12a0a40000 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5442 ./strace-static-x86_64: Process 5442 attached [pid 5442] chdir("./27") = 0 [pid 5442] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5442] setpgid(0, 0) = 0 [pid 5442] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5090] <... umount2 resumed>) = 0 [pid 5442] write(3, "1000", 4) = 4 [pid 5442] close(3) = 0 [pid 5442] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5442] memfd_create("syzkaller", 0 [pid 5090] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5442] <... memfd_create resumed>) = 3 [pid 5442] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5442] <... mmap resumed>) = 0x7f12a0a40000 [pid 5438] <... write resumed>) = 4194304 [pid 5090] lstat("./26/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./26/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./26/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./26") = 0 [pid 5090] mkdir("./27", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5438] munmap(0x7f12a0a40000, 4194304 [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] close(3 [pid 5439] <... write resumed>) = 4194304 [pid 5438] <... munmap resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5439] munmap(0x7f12a0a40000, 4194304 [pid 5438] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5439] <... munmap resumed>) = 0 [pid 5438] <... openat resumed>) = 4 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5443 [pid 5439] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5438] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5443 attached [pid 5443] chdir("./27") = 0 [pid 5443] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5443] setpgid(0, 0) = 0 [pid 5443] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5443] write(3, "1000", 4) = 4 [pid 5443] close(3) = 0 [pid 5441] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5439] <... openat resumed>) = 4 [pid 5443] symlink("/dev/binderfs", "./binderfs" [pid 5439] ioctl(4, LOOP_SET_FD, 3 [pid 5443] <... symlink resumed>) = 0 [pid 5443] memfd_create("syzkaller", 0) = 3 [pid 5443] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5439] <... ioctl resumed>) = 0 [pid 5438] <... ioctl resumed>) = 0 [pid 5439] close(3 [pid 5438] close(3 [pid 5439] <... close resumed>) = 0 [pid 5438] <... close resumed>) = 0 [pid 5440] <... write resumed>) = 4194304 [pid 5439] mkdir("./file1", 0777 [pid 5438] mkdir("./file1", 0777 [pid 5440] munmap(0x7f12a0a40000, 4194304 [pid 5439] <... mkdir resumed>) = 0 [pid 5438] <... mkdir resumed>) = 0 [pid 5438] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 124.144552][ T5438] loop4: detected capacity change from 0 to 8192 [ 124.153267][ T5439] loop3: detected capacity change from 0 to 8192 [pid 5439] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5442] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5440] <... munmap resumed>) = 0 [pid 5440] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 124.184804][ T5439] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 124.199616][ T5438] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 124.213488][ T5438] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 124.223387][ T5438] REISERFS (device loop4): using ordered data mode [pid 5440] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5440] close(3) = 0 [pid 5440] mkdir("./file1", 0777) = 0 [ 124.224381][ T5440] loop2: detected capacity change from 0 to 8192 [ 124.230126][ T5438] reiserfs: using flush barriers [ 124.239436][ T5439] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 124.242612][ T5438] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 124.267265][ T5438] REISERFS (device loop4): checking transaction log (loop4) [ 124.272840][ T5439] REISERFS (device loop3): using ordered data mode [pid 5440] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 124.304469][ T5440] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 124.331458][ T5440] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 124.342045][ T5439] reiserfs: using flush barriers [pid 5443] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5442] <... write resumed>) = 4194304 [pid 5441] <... write resumed>) = 4194304 [pid 5442] munmap(0x7f12a0a40000, 4194304) = 0 [ 124.367372][ T5439] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 124.391618][ T5440] REISERFS (device loop2): using ordered data mode [ 124.398333][ T5440] reiserfs: using flush barriers [pid 5441] munmap(0x7f12a0a40000, 4194304 [pid 5442] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5441] <... munmap resumed>) = 0 [pid 5442] <... openat resumed>) = 4 [pid 5441] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5442] ioctl(4, LOOP_SET_FD, 3 [pid 5441] <... openat resumed>) = 4 [pid 5441] ioctl(4, LOOP_SET_FD, 3 [pid 5442] <... ioctl resumed>) = 0 [pid 5442] close(3) = 0 [pid 5442] mkdir("./file1", 0777) = 0 [pid 5442] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5441] <... ioctl resumed>) = 0 [pid 5441] close(3) = 0 [ 124.405384][ T5440] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 124.424620][ T5440] REISERFS (device loop2): checking transaction log (loop2) [ 124.427305][ T5442] loop1: detected capacity change from 0 to 8192 [ 124.447847][ T5441] loop5: detected capacity change from 0 to 8192 [pid 5441] mkdir("./file1", 0777) = 0 [ 124.485822][ T5438] REISERFS (device loop4): Using r5 hash to sort names [ 124.493538][ T5442] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 124.512125][ T5439] REISERFS (device loop3): checking transaction log (loop3) [ 124.523030][ T5441] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5441] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5443] <... write resumed>) = 4194304 [pid 5443] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5443] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 124.541895][ T5440] REISERFS (device loop2): Using r5 hash to sort names [ 124.542060][ T5438] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 124.549060][ T5440] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 124.571333][ T5442] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 124.574753][ T5443] loop0: detected capacity change from 0 to 8192 [pid 5443] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5438] <... mount resumed>) = 0 [pid 5443] close(3 [pid 5438] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5443] <... close resumed>) = 0 [pid 5440] <... mount resumed>) = 0 [pid 5438] <... openat resumed>) = 3 [pid 5443] mkdir("./file1", 0777 [pid 5440] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5438] chdir("./file1" [pid 5443] <... mkdir resumed>) = 0 [pid 5440] <... openat resumed>) = 3 [pid 5438] <... chdir resumed>) = 0 [pid 5443] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5440] chdir("./file1" [pid 5438] ioctl(4, LOOP_CLR_FD [pid 5440] <... chdir resumed>) = 0 [pid 5438] <... ioctl resumed>) = 0 [pid 5440] ioctl(4, LOOP_CLR_FD [ 124.585330][ T5442] REISERFS (device loop1): using ordered data mode [ 124.587691][ T5441] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 124.603648][ T5441] REISERFS (device loop5): using ordered data mode [ 124.610897][ T5441] reiserfs: using flush barriers [ 124.617961][ T5442] reiserfs: using flush barriers [ 124.619253][ T5441] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5438] close(4 [pid 5440] <... ioctl resumed>) = 0 [pid 5438] <... close resumed>) = 0 [pid 5440] close(4 [pid 5438] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5440] <... close resumed>) = 0 [pid 5438] <... openat resumed>) = 4 [pid 5440] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5438] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5440] <... openat resumed>) = 4 [pid 5438] <... mmap resumed>) = 0x20000000 [pid 5440] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5438] ioctl(4, FS_IOC_GETVERSION [pid 5440] <... mmap resumed>) = 0x20000000 [pid 5438] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5440] ioctl(4, FS_IOC_GETVERSION [pid 5438] exit_group(0 [pid 5440] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5438] <... exit_group resumed>) = ? [pid 5440] exit_group(0 [pid 5438] +++ exited with 0 +++ [pid 5440] <... exit_group resumed>) = ? [pid 5440] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5438, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5094] restart_syscall(<... resuming interrupted clone ...> [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5440, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5094] <... restart_syscall resumed>) = 0 [pid 5092] umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 124.641609][ T5442] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5094] umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./27/binderfs") = 0 [pid 5092] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./29/binderfs") = 0 [ 124.682520][ T5443] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 124.688265][ T5442] REISERFS (device loop1): checking transaction log (loop1) [ 124.711968][ T5441] REISERFS (device loop5): checking transaction log (loop5) [ 124.747251][ T5443] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 124.800417][ T5443] REISERFS (device loop0): using ordered data mode [ 124.840285][ T5443] reiserfs: using flush barriers [pid 5094] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./27/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 124.871122][ T5443] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 124.899714][ T5439] REISERFS (device loop3): Using r5 hash to sort names [pid 5092] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./27/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./27/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./27") = 0 [pid 5092] mkdir("./28", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5439] <... mount resumed>) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5439] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5439] <... openat resumed>) = 3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 124.926103][ T5439] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 124.948165][ T5443] REISERFS (device loop0): checking transaction log (loop0) [pid 5439] chdir("./file1" [pid 5094] lstat("./29/file1", [pid 5092] close(3 [pid 5439] <... chdir resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... close resumed>) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5450 [pid 5439] ioctl(4, LOOP_CLR_FD [pid 5094] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5439] <... ioctl resumed>) = 0 [pid 5439] close(4 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5439] <... close resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./29/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5450 attached [pid 5439] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] <... openat resumed>) = 4 [pid 5450] chdir("./28" [pid 5439] <... openat resumed>) = 4 [pid 5094] fstat(4, [pid 5450] <... chdir resumed>) = 0 [pid 5439] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5450] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5439] <... mmap resumed>) = 0x20000000 [pid 5094] getdents64(4, [pid 5450] <... prctl resumed>) = 0 [pid 5439] ioctl(4, FS_IOC_GETVERSION [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5450] setpgid(0, 0 [pid 5441] <... mount resumed>) = 0 [pid 5439] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] getdents64(4, [pid 5450] <... setpgid resumed>) = 0 [pid 5441] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5439] exit_group(0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5450] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5441] <... openat resumed>) = 3 [pid 5439] <... exit_group resumed>) = ? [pid 5094] close(4 [pid 5450] <... openat resumed>) = 3 [pid 5450] write(3, "1000", 4) = 4 [pid 5439] +++ exited with 0 +++ [pid 5094] <... close resumed>) = 0 [ 124.986009][ T5441] REISERFS (device loop5): Using r5 hash to sort names [ 125.000779][ T5441] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5450] close(3 [pid 5441] chdir("./file1" [pid 5094] rmdir("./29/file1" [pid 5450] <... close resumed>) = 0 [pid 5441] <... chdir resumed>) = 0 [pid 5450] symlink("/dev/binderfs", "./binderfs" [pid 5441] ioctl(4, LOOP_CLR_FD [pid 5094] <... rmdir resumed>) = 0 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5439, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5450] <... symlink resumed>) = 0 [pid 5441] <... ioctl resumed>) = 0 [pid 5094] getdents64(3, [pid 5093] restart_syscall(<... resuming interrupted clone ...> [pid 5450] memfd_create("syzkaller", 0 [pid 5441] close(4 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] <... restart_syscall resumed>) = 0 [pid 5450] <... memfd_create resumed>) = 3 [pid 5441] <... close resumed>) = 0 [pid 5094] close(3 [pid 5450] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5441] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] <... close resumed>) = 0 [pid 5450] <... mmap resumed>) = 0x7f12a0a40000 [pid 5441] <... openat resumed>) = 4 [pid 5094] rmdir("./29" [pid 5093] umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5443] <... mount resumed>) = 0 [pid 5441] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5441] <... mmap resumed>) = 0x20000000 [pid 5093] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5443] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5441] ioctl(4, FS_IOC_GETVERSION [pid 5094] mkdir("./30", 0777 [pid 5443] <... openat resumed>) = 3 [pid 5093] <... openat resumed>) = 3 [pid 5441] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] <... mkdir resumed>) = 0 [pid 5441] exit_group(0 [pid 5093] fstat(3, [pid 5443] chdir("./file1" [pid 5441] <... exit_group resumed>) = ? [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5441] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5441, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} --- [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] <... openat resumed>) = 3 [pid 5093] umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5443] <... chdir resumed>) = 0 [pid 5095] umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5443] ioctl(4, LOOP_CLR_FD [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] lstat("./28/binderfs", [pid 5443] <... ioctl resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] close(3 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5443] close(4 [pid 5095] <... openat resumed>) = 3 [pid 5095] fstat(3, [pid 5094] <... close resumed>) = 0 [pid 5093] unlink("./28/binderfs") = 0 [ 125.104488][ T5443] REISERFS (device loop0): Using r5 hash to sort names [ 125.112329][ T5443] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5443] <... close resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5443] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] getdents64(3, [pid 5443] <... openat resumed>) = 4 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5443] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5451 [pid 5095] lstat("./28/binderfs", [pid 5443] <... mmap resumed>) = 0x20000000 [pid 5443] ioctl(4, FS_IOC_GETVERSION [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5443] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] unlink("./28/binderfs" [pid 5443] exit_group(0 [pid 5095] <... unlink resumed>) = 0 [pid 5443] <... exit_group resumed>) = ? [pid 5095] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5450] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5443] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5443, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5090] umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 5451 attached [pid 5090] getdents64(3, [pid 5451] chdir("./30" [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5451] <... chdir resumed>) = 0 [pid 5090] umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5451] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5451] <... prctl resumed>) = 0 [pid 5090] lstat("./27/binderfs", [pid 5451] setpgid(0, 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5451] <... setpgid resumed>) = 0 [pid 5090] unlink("./27/binderfs" [pid 5451] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] <... unlink resumed>) = 0 [pid 5451] <... openat resumed>) = 3 [pid 5090] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5451] write(3, "1000", 4) = 4 [pid 5451] close(3) = 0 [pid 5451] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5451] memfd_create("syzkaller", 0) = 3 [ 125.145614][ T5442] REISERFS (device loop1): Using r5 hash to sort names [ 125.180977][ T5442] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5451] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5442] <... mount resumed>) = 0 [pid 5442] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5442] chdir("./file1") = 0 [pid 5442] ioctl(4, LOOP_CLR_FD) = 0 [pid 5442] close(4) = 0 [pid 5442] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5442] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5442] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5442] exit_group(0) = ? [pid 5442] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5442, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} --- [pid 5091] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5091] umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] lstat("./27/binderfs", [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] lstat("./27/file1", [pid 5091] unlink("./27/binderfs" [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... unlink resumed>) = 0 [pid 5090] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./27/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./27/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./27") = 0 [pid 5090] mkdir("./28", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] <... umount2 resumed>) = 0 [pid 5451] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5450] <... write resumed>) = 4194304 [pid 5095] lstat("./28/file1", [pid 5091] <... umount2 resumed>) = 0 [pid 5450] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5450] <... munmap resumed>) = 0 [pid 5095] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5450] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5450] ioctl(4, LOOP_SET_FD, 3 [pid 5095] openat(AT_FDCWD, "./28/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] lstat("./27/file1", [pid 5095] <... openat resumed>) = 4 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5095] fstat(4, [pid 5091] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] getdents64(4, [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] openat(AT_FDCWD, "./27/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] <... openat resumed>) = 4 [pid 5090] close(3 [pid 5095] getdents64(4, [pid 5091] fstat(4, [pid 5450] <... ioctl resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] <... close resumed>) = 0 [pid 5450] close(3 [pid 5095] close(4 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5450] <... close resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5450] mkdir("./file1", 0777 [pid 5095] rmdir("./28/file1" [pid 5091] getdents64(4, [pid 5450] <... mkdir resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5450] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] getdents64(3, [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5452 [pid 5091] getdents64(4, [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(3 [pid 5091] close(4./strace-static-x86_64: Process 5452 attached [pid 5095] <... close resumed>) = 0 [pid 5451] <... write resumed>) = 4194304 [pid 5091] <... close resumed>) = 0 [pid 5452] chdir("./28" [pid 5451] munmap(0x7f12a0a40000, 4194304 [pid 5095] rmdir("./28" [pid 5093] <... umount2 resumed>) = 0 [ 125.434243][ T5450] loop2: detected capacity change from 0 to 8192 [ 125.463683][ T5450] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5091] rmdir("./27/file1" [pid 5452] <... chdir resumed>) = 0 [pid 5451] <... munmap resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5452] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5451] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5095] mkdir("./29", 0777 [pid 5091] getdents64(3, [pid 5093] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./28/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5452] <... prctl resumed>) = 0 [pid 5451] <... openat resumed>) = 4 [pid 5095] <... mkdir resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5452] setpgid(0, 0 [pid 5451] ioctl(4, LOOP_SET_FD, 3 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5091] close(3 [pid 5093] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5452] <... setpgid resumed>) = 0 [pid 5451] <... ioctl resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5091] <... close resumed>) = 0 [pid 5452] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5451] close(3 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] rmdir("./27" [pid 5452] <... openat resumed>) = 3 [pid 5451] <... close resumed>) = 0 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] openat(AT_FDCWD, "./28/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... rmdir resumed>) = 0 [pid 5452] write(3, "1000", 4 [pid 5451] mkdir("./file1", 0777 [ 125.477824][ T5450] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 125.490378][ T5450] REISERFS (device loop2): using ordered data mode [ 125.499558][ T5450] reiserfs: using flush barriers [ 125.501925][ T5451] loop4: detected capacity change from 0 to 8192 [ 125.512882][ T5450] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5095] close(3 [pid 5093] <... openat resumed>) = 4 [pid 5091] mkdir("./28", 0777 [pid 5452] <... write resumed>) = 4 [pid 5451] <... mkdir resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5093] fstat(4, [pid 5091] <... mkdir resumed>) = 0 [pid 5452] close(3 [pid 5451] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5452] <... close resumed>) = 0 [pid 5093] getdents64(4, [pid 5452] symlink("/dev/binderfs", "./binderfs" [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5455 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5455 attached [pid 5452] <... symlink resumed>) = 0 [pid 5093] getdents64(4, [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5455] chdir("./29" [pid 5452] memfd_create("syzkaller", 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5455] <... chdir resumed>) = 0 [pid 5452] <... memfd_create resumed>) = 3 [pid 5093] close(4 [pid 5091] close(3 [pid 5455] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5452] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5093] <... close resumed>) = 0 [pid 5091] <... close resumed>) = 0 [ 125.530747][ T5450] REISERFS (device loop2): checking transaction log (loop2) [pid 5455] <... prctl resumed>) = 0 [pid 5452] <... mmap resumed>) = 0x7f12a0a40000 [pid 5093] rmdir("./28/file1" [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5455] setpgid(0, 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5093] getdents64(3, [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5456 [pid 5455] <... setpgid resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5455] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] close(3 [pid 5455] <... openat resumed>) = 3 [pid 5093] <... close resumed>) = 0 [pid 5455] write(3, "1000", 4 [pid 5093] rmdir("./28" [pid 5455] <... write resumed>) = 4 [pid 5093] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5456 attached [pid 5455] close(3 [pid 5093] mkdir("./29", 0777 [pid 5456] chdir("./28" [pid 5455] <... close resumed>) = 0 [pid 5093] <... mkdir resumed>) = 0 [pid 5456] <... chdir resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5456] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5093] <... openat resumed>) = 3 [pid 5456] <... prctl resumed>) = 0 [pid 5455] symlink("/dev/binderfs", "./binderfs" [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5456] setpgid(0, 0 [pid 5455] <... symlink resumed>) = 0 [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5456] <... setpgid resumed>) = 0 [pid 5455] memfd_create("syzkaller", 0 [pid 5093] close(3 [ 125.581707][ T5451] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 125.610689][ T5451] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5456] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5455] <... memfd_create resumed>) = 3 [pid 5093] <... close resumed>) = 0 [pid 5456] <... openat resumed>) = 3 [pid 5455] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5456] write(3, "1000", 4 [pid 5455] <... mmap resumed>) = 0x7f12a0a40000 [pid 5456] <... write resumed>) = 4 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5457 [pid 5456] close(3./strace-static-x86_64: Process 5457 attached ) = 0 [pid 5457] chdir("./29" [pid 5456] symlink("/dev/binderfs", "./binderfs" [pid 5457] <... chdir resumed>) = 0 [pid 5456] <... symlink resumed>) = 0 [pid 5457] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5456] memfd_create("syzkaller", 0 [pid 5457] <... prctl resumed>) = 0 [pid 5456] <... memfd_create resumed>) = 3 [pid 5457] setpgid(0, 0 [pid 5456] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5457] <... setpgid resumed>) = 0 [pid 5456] <... mmap resumed>) = 0x7f12a0a40000 [pid 5457] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5457] write(3, "1000", 4) = 4 [pid 5457] close(3) = 0 [ 125.636249][ T5451] REISERFS (device loop4): using ordered data mode [ 125.670440][ T5451] reiserfs: using flush barriers [pid 5457] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5457] memfd_create("syzkaller", 0) = 3 [pid 5457] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5452] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 125.701199][ T5451] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 125.741158][ T5450] REISERFS (device loop2): Using r5 hash to sort names [pid 5455] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 125.748402][ T5450] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 125.791463][ T5451] REISERFS (device loop4): checking transaction log (loop4) [pid 5456] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5450] <... mount resumed>) = 0 [pid 5450] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5450] chdir("./file1") = 0 [pid 5450] ioctl(4, LOOP_CLR_FD) = 0 [pid 5450] close(4 [pid 5457] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5450] <... close resumed>) = 0 [pid 5450] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5450] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5450] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5450] exit_group(0) = ? [pid 5450] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5450, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5092] umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./28/binderfs", [pid 5452] <... write resumed>) = 4194304 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./28/binderfs") = 0 [pid 5092] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5455] <... write resumed>) = 4194304 [pid 5452] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5452] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5455] munmap(0x7f12a0a40000, 4194304 [pid 5452] ioctl(4, LOOP_SET_FD, 3 [pid 5455] <... munmap resumed>) = 0 [pid 5455] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5455] ioctl(4, LOOP_SET_FD, 3 [pid 5452] <... ioctl resumed>) = 0 [pid 5452] close(3) = 0 [pid 5452] mkdir("./file1", 0777) = 0 [pid 5452] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5455] <... ioctl resumed>) = 0 [pid 5455] close(3) = 0 [ 125.948258][ T5452] loop0: detected capacity change from 0 to 8192 [ 125.969204][ T5455] loop5: detected capacity change from 0 to 8192 [pid 5456] <... write resumed>) = 4194304 [pid 5455] mkdir("./file1", 0777) = 0 [pid 5456] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5456] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5456] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5455] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5457] <... write resumed>) = 4194304 [pid 5457] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5457] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 125.993299][ T5452] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 126.022085][ T5456] loop1: detected capacity change from 0 to 8192 [pid 5457] ioctl(4, LOOP_SET_FD, 3 [pid 5092] <... umount2 resumed>) = 0 [pid 5456] close(3) = 0 [pid 5456] mkdir("./file1", 0777) = 0 [pid 5456] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5092] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 126.041177][ T5452] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 126.044768][ T5457] loop3: detected capacity change from 0 to 8192 [ 126.050967][ T5452] REISERFS (device loop0): using ordered data mode [ 126.072540][ T5455] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 126.078982][ T5452] reiserfs: using flush barriers [pid 5092] lstat("./28/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 126.100674][ T5451] REISERFS (device loop4): Using r5 hash to sort names [ 126.101525][ T5456] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 126.109404][ T5451] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 126.121928][ T5452] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5457] <... ioctl resumed>) = 0 [pid 5451] <... mount resumed>) = 0 [pid 5092] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5457] close(3 [pid 5451] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5457] <... close resumed>) = 0 [pid 5451] <... openat resumed>) = 3 [pid 5092] openat(AT_FDCWD, "./28/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5457] mkdir("./file1", 0777 [pid 5451] chdir("./file1" [pid 5092] <... openat resumed>) = 4 [pid 5457] <... mkdir resumed>) = 0 [pid 5451] <... chdir resumed>) = 0 [pid 5092] fstat(4, [pid 5457] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5451] ioctl(4, LOOP_CLR_FD [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5451] <... ioctl resumed>) = 0 [ 126.130460][ T5455] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 126.150616][ T5456] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 126.156199][ T5455] REISERFS (device loop5): using ordered data mode [ 126.165791][ T5452] REISERFS (device loop0): checking transaction log (loop0) [ 126.171926][ T5455] reiserfs: using flush barriers [ 126.183637][ T5456] REISERFS (device loop1): using ordered data mode [ 126.192818][ T5456] reiserfs: using flush barriers [pid 5092] getdents64(4, [pid 5451] close(4 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5451] <... close resumed>) = 0 [pid 5092] getdents64(4, [pid 5451] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5451] <... openat resumed>) = 4 [pid 5092] close(4 [pid 5451] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] <... close resumed>) = 0 [pid 5451] <... mmap resumed>) = 0x20000000 [pid 5092] rmdir("./28/file1" [pid 5451] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... rmdir resumed>) = 0 [pid 5451] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] getdents64(3, [pid 5451] exit_group(0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5451] <... exit_group resumed>) = ? [pid 5092] close(3 [pid 5451] +++ exited with 0 +++ [pid 5092] <... close resumed>) = 0 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5451, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5092] rmdir("./28") = 0 [pid 5092] mkdir("./29", 0777 [pid 5094] umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... mkdir resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5094] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... openat resumed>) = 3 [ 126.196400][ T5455] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 126.199852][ T5456] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 126.232285][ T5456] REISERFS (device loop1): checking transaction log (loop1) [pid 5094] <... openat resumed>) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5094] fstat(3, [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] close(3 [pid 5094] getdents64(3, [pid 5092] <... close resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5462 [pid 5094] lstat("./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./30/binderfs") = 0 ./strace-static-x86_64: Process 5462 attached [pid 5094] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5462] chdir("./29") = 0 [ 126.261496][ T5455] REISERFS (device loop5): checking transaction log (loop5) [ 126.272119][ T5457] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5462] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5462] setpgid(0, 0) = 0 [pid 5462] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5462] write(3, "1000", 4) = 4 [pid 5462] close(3) = 0 [pid 5462] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5462] memfd_create("syzkaller", 0) = 3 [pid 5462] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 126.322958][ T5457] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 126.392852][ T5457] REISERFS (device loop3): using ordered data mode [ 126.418761][ T5457] reiserfs: using flush barriers [ 126.424182][ T5452] REISERFS (device loop0): Using r5 hash to sort names [pid 5452] <... mount resumed>) = 0 [pid 5452] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5462] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5452] <... openat resumed>) = 3 [pid 5094] <... umount2 resumed>) = 0 [pid 5452] chdir("./file1" [pid 5094] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5452] <... chdir resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5452] ioctl(4, LOOP_CLR_FD [pid 5094] lstat("./30/file1", [pid 5452] <... ioctl resumed>) = 0 [pid 5452] close(4 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5452] <... close resumed>) = 0 [pid 5452] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 126.451651][ T5452] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 126.466045][ T5457] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5094] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5452] <... openat resumed>) = 4 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5452] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] openat(AT_FDCWD, "./30/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5452] <... mmap resumed>) = 0x20000000 [pid 5094] <... openat resumed>) = 4 [pid 5452] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5094] fstat(4, [pid 5452] exit_group(0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5452] <... exit_group resumed>) = ? [pid 5094] getdents64(4, [pid 5452] +++ exited with 0 +++ [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5452, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=21 /* 0.21 s */} --- [pid 5090] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5090] umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] getdents64(4, [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] close(4 [pid 5090] <... openat resumed>) = 3 [pid 5094] <... close resumed>) = 0 [pid 5090] fstat(3, [pid 5094] rmdir("./30/file1" [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5090] getdents64(3, [pid 5094] getdents64(3, [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] close(3 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./28/binderfs") = 0 [pid 5090] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... close resumed>) = 0 [pid 5094] rmdir("./30") = 0 [ 126.557289][ T5457] REISERFS (device loop3): checking transaction log (loop3) [ 126.559811][ T5456] REISERFS (device loop1): Using r5 hash to sort names [ 126.595758][ T5456] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5094] mkdir("./31", 0777 [pid 5462] <... write resumed>) = 4194304 [pid 5456] <... mount resumed>) = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5462] munmap(0x7f12a0a40000, 4194304 [pid 5456] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5456] <... openat resumed>) = 3 [pid 5094] <... openat resumed>) = 3 [pid 5462] <... munmap resumed>) = 0 [pid 5456] chdir("./file1" [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5462] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5456] <... chdir resumed>) = 0 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5462] <... openat resumed>) = 4 [pid 5094] close(3 [pid 5462] ioctl(4, LOOP_SET_FD, 3 [pid 5456] ioctl(4, LOOP_CLR_FD [pid 5094] <... close resumed>) = 0 [pid 5456] <... ioctl resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5462] <... ioctl resumed>) = 0 [pid 5456] close(4) = 0 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5463 [pid 5456] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5456] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5456] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5456] exit_group(0) = ? [pid 5456] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5456, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [pid 5462] close(3) = 0 [pid 5462] mkdir("./file1", 0777) = 0 [pid 5462] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5091] umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5463 attached [pid 5091] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5463] chdir("./31" [pid 5091] <... openat resumed>) = 3 [pid 5463] <... chdir resumed>) = 0 [pid 5091] fstat(3, [pid 5463] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5463] <... prctl resumed>) = 0 [pid 5091] getdents64(3, [pid 5463] setpgid(0, 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5463] <... setpgid resumed>) = 0 [pid 5091] umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [ 126.622879][ T5455] REISERFS (device loop5): Using r5 hash to sort names [ 126.641681][ T5462] loop2: detected capacity change from 0 to 8192 [ 126.645365][ T5455] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5463] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5463] <... openat resumed>) = 3 [pid 5091] lstat("./28/binderfs", [pid 5463] write(3, "1000", 4 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5463] <... write resumed>) = 4 [pid 5091] unlink("./28/binderfs" [pid 5463] close(3 [pid 5091] <... unlink resumed>) = 0 [pid 5463] <... close resumed>) = 0 [pid 5091] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5463] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5463] memfd_create("syzkaller", 0) = 3 [pid 5463] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5455] <... mount resumed>) = 0 [pid 5455] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5455] chdir("./file1") = 0 [pid 5455] ioctl(4, LOOP_CLR_FD) = 0 [ 126.684463][ T5462] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5455] close(4) = 0 [pid 5455] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5455] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5455] ioctl(4, FS_IOC_GETVERSION [pid 5090] lstat("./28/file1", [pid 5455] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5455] exit_group(0 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5455] <... exit_group resumed>) = ? [pid 5090] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5463] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5455] +++ exited with 0 +++ [ 126.759845][ T5462] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 126.786579][ T5462] REISERFS (device loop2): using ordered data mode [ 126.794591][ T5462] reiserfs: using flush barriers [pid 5091] <... umount2 resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] openat(AT_FDCWD, "./28/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... openat resumed>) = 4 [pid 5091] lstat("./28/file1", [pid 5090] fstat(4, [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] getdents64(4, [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] openat(AT_FDCWD, "./28/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] getdents64(4, [pid 5091] <... openat resumed>) = 4 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] fstat(4, [pid 5090] close(4 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... close resumed>) = 0 [pid 5091] getdents64(4, [pid 5090] rmdir("./28/file1" [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] <... rmdir resumed>) = 0 [pid 5091] getdents64(4, [pid 5090] getdents64(3, [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(4 [pid 5090] close(3 [pid 5091] <... close resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5091] rmdir("./28/file1" [pid 5090] rmdir("./28" [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5455, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5091] <... rmdir resumed>) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5091] getdents64(3, [pid 5090] mkdir("./29", 0777 [pid 5095] restart_syscall(<... resuming interrupted clone ...> [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] <... mkdir resumed>) = 0 [pid 5095] <... restart_syscall resumed>) = 0 [pid 5091] close(3 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5091] <... close resumed>) = 0 [pid 5091] rmdir("./28" [pid 5090] <... openat resumed>) = 3 [pid 5095] umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] <... rmdir resumed>) = 0 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5095] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] mkdir("./29", 0777 [pid 5095] <... openat resumed>) = 3 [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] fstat(3, [pid 5091] <... mkdir resumed>) = 0 [pid 5090] close(3 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5095] getdents64(3, [pid 5090] <... close resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./29/binderfs" [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5465 [pid 5095] <... unlink resumed>) = 0 [pid 5095] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5465 attached [pid 5465] chdir("./29") = 0 [pid 5465] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 126.811352][ T5462] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5465] setpgid(0, 0) = 0 [pid 5465] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5465] write(3, "1000", 4) = 4 [pid 5465] close(3) = 0 [pid 5465] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5465] memfd_create("syzkaller", 0) = 3 [pid 5465] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5463] <... write resumed>) = 4194304 [pid 5091] <... openat resumed>) = 3 [pid 5463] munmap(0x7f12a0a40000, 4194304 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5463] <... munmap resumed>) = 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5463] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5091] close(3 [pid 5463] <... openat resumed>) = 4 [pid 5091] <... close resumed>) = 0 [pid 5463] ioctl(4, LOOP_SET_FD, 3 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5466 [pid 5463] <... ioctl resumed>) = 0 [pid 5463] close(3) = 0 [pid 5463] mkdir("./file1", 0777) = 0 [pid 5463] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, ""./strace-static-x86_64: Process 5466 attached [ 126.931430][ T5462] REISERFS (device loop2): checking transaction log (loop2) [ 126.962279][ T5463] loop4: detected capacity change from 0 to 8192 [pid 5466] chdir("./29") = 0 [pid 5466] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5466] setpgid(0, 0) = 0 [pid 5466] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5466] write(3, "1000", 4) = 4 [pid 5466] close(3) = 0 [pid 5466] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5465] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 126.992394][ T5463] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 127.025634][ T5457] REISERFS (device loop3): Using r5 hash to sort names [pid 5466] memfd_create("syzkaller", 0) = 3 [pid 5466] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] <... umount2 resumed>) = 0 [pid 5466] <... mmap resumed>) = 0x7f12a0a40000 [ 127.046049][ T5463] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 127.062974][ T5463] REISERFS (device loop4): using ordered data mode [ 127.070469][ T5463] reiserfs: using flush barriers [ 127.081413][ T5457] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5457] <... mount resumed>) = 0 [pid 5095] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5457] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5457] <... openat resumed>) = 3 [pid 5095] lstat("./29/file1", [pid 5457] chdir("./file1" [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5457] <... chdir resumed>) = 0 [pid 5095] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5457] ioctl(4, LOOP_CLR_FD [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5457] <... ioctl resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./29/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5457] close(4 [pid 5095] <... openat resumed>) = 4 [pid 5466] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5457] <... close resumed>) = 0 [pid 5095] fstat(4, [pid 5457] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5457] <... openat resumed>) = 4 [pid 5095] getdents64(4, [pid 5457] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5457] <... mmap resumed>) = 0x20000000 [pid 5095] getdents64(4, [pid 5457] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5457] exit_group(0 [pid 5095] close(4 [pid 5457] <... exit_group resumed>) = ? [pid 5095] <... close resumed>) = 0 [pid 5457] +++ exited with 0 +++ [ 127.081484][ T5463] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5095] rmdir("./29/file1" [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5457, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5095] <... rmdir resumed>) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./29" [pid 5093] umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... rmdir resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] mkdir("./30", 0777 [pid 5093] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5465] <... write resumed>) = 4194304 [pid 5095] <... mkdir resumed>) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5465] munmap(0x7f12a0a40000, 4194304 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5093] fstat(3, [pid 5465] <... munmap resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5465] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5093] getdents64(3, [pid 5465] <... openat resumed>) = 4 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5465] ioctl(4, LOOP_SET_FD, 3 [pid 5095] close(3 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5465] <... ioctl resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5093] umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5465] close(3 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5465] <... close resumed>) = 0 [pid 5093] lstat("./29/binderfs", [pid 5465] mkdir("./file1", 0777 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5468 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5465] <... mkdir resumed>) = 0 [pid 5093] unlink("./29/binderfs" [pid 5465] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5093] <... unlink resumed>) = 0 [pid 5093] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5468 attached [ 127.184823][ T5463] REISERFS (device loop4): checking transaction log (loop4) [ 127.213016][ T5465] loop0: detected capacity change from 0 to 8192 [pid 5468] chdir("./30") = 0 [pid 5468] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5468] setpgid(0, 0) = 0 [pid 5468] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5468] write(3, "1000", 4) = 4 [ 127.264478][ T5465] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5468] close(3) = 0 [pid 5468] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5468] memfd_create("syzkaller", 0) = 3 [pid 5468] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5466] <... write resumed>) = 4194304 [ 127.305912][ T5465] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 127.318684][ T5465] REISERFS (device loop0): using ordered data mode [ 127.321349][ T5462] REISERFS (device loop2): Using r5 hash to sort names [pid 5466] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5466] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5468] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 127.355865][ T5465] reiserfs: using flush barriers [ 127.374232][ T5462] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5466] ioctl(4, LOOP_SET_FD, 3 [pid 5462] <... mount resumed>) = 0 [pid 5462] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5462] chdir("./file1") = 0 [pid 5462] ioctl(4, LOOP_CLR_FD) = 0 [pid 5462] close(4) = 0 [pid 5462] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5462] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5462] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5462] exit_group(0) = ? [pid 5462] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5462, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [ 127.391161][ T5465] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 127.393524][ T5466] loop1: detected capacity change from 0 to 8192 [ 127.444542][ T5463] REISERFS (device loop4): Using r5 hash to sort names [pid 5092] umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5466] <... ioctl resumed>) = 0 [pid 5466] close(3) = 0 [pid 5466] mkdir("./file1", 0777 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5466] <... mkdir resumed>) = 0 [pid 5092] unlink("./29/binderfs" [pid 5466] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5093] <... umount2 resumed>) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5093] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./29/file1", [pid 5463] <... mount resumed>) = 0 [pid 5463] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5463] <... openat resumed>) = 3 [pid 5463] chdir("./file1") = 0 [pid 5463] ioctl(4, LOOP_CLR_FD [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./29/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5463] <... ioctl resumed>) = 0 [pid 5093] <... openat resumed>) = 4 [pid 5463] close(4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, [pid 5463] <... close resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5463] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./29/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3 [pid 5463] <... openat resumed>) = 4 [pid 5093] <... close resumed>) = 0 [pid 5463] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] rmdir("./29" [pid 5463] <... mmap resumed>) = 0x20000000 [pid 5463] ioctl(4, FS_IOC_GETVERSION [pid 5093] <... rmdir resumed>) = 0 [pid 5463] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [ 127.469815][ T5463] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 127.490456][ T5465] REISERFS (device loop0): checking transaction log (loop0) [ 127.494269][ T5466] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5093] mkdir("./30", 0777 [pid 5463] exit_group(0) = ? [pid 5093] <... mkdir resumed>) = 0 [pid 5463] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5463, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=14 /* 0.14 s */} --- [pid 5094] umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./31/binderfs") = 0 [pid 5094] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5471 [pid 5468] <... write resumed>) = 4194304 [pid 5468] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5468] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5468] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5471 attached [pid 5471] chdir("./30" [pid 5468] <... ioctl resumed>) = 0 [pid 5471] <... chdir resumed>) = 0 [pid 5468] close(3 [pid 5471] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5471] setpgid(0, 0) = 0 [pid 5468] <... close resumed>) = 0 [pid 5471] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5468] mkdir("./file1", 0777 [pid 5471] <... openat resumed>) = 3 [pid 5468] <... mkdir resumed>) = 0 [ 127.606445][ T5468] loop5: detected capacity change from 0 to 8192 [ 127.625827][ T5466] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [pid 5471] write(3, "1000", 4 [pid 5468] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5471] <... write resumed>) = 4 [pid 5471] close(3) = 0 [pid 5471] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5471] memfd_create("syzkaller", 0) = 3 [pid 5471] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 127.666877][ T5466] REISERFS (device loop1): using ordered data mode [ 127.675105][ T5466] reiserfs: using flush barriers [ 127.680832][ T5465] REISERFS (device loop0): Using r5 hash to sort names [ 127.689646][ T5466] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5465] <... mount resumed>) = 0 [pid 5465] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5465] chdir("./file1") = 0 [pid 5465] ioctl(4, LOOP_CLR_FD) = 0 [ 127.689947][ T5468] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 127.706178][ T5465] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 127.728801][ T5466] REISERFS (device loop1): checking transaction log (loop1) [pid 5465] close(4) = 0 [pid 5465] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5465] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5465] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5465] exit_group(0) = ? [pid 5471] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5465] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5465, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5090] umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 127.772528][ T5468] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 127.782217][ T5468] REISERFS (device loop5): using ordered data mode [ 127.788785][ T5468] reiserfs: using flush barriers [ 127.801119][ T5468] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, [pid 5471] <... write resumed>) = 4194304 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5471] munmap(0x7f12a0a40000, 4194304 [pid 5090] umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5471] <... munmap resumed>) = 0 [pid 5471] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5471] <... openat resumed>) = 4 [pid 5090] lstat("./29/binderfs", [pid 5471] ioctl(4, LOOP_SET_FD, 3 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5471] <... ioctl resumed>) = 0 [pid 5090] unlink("./29/binderfs" [pid 5471] close(3 [pid 5090] <... unlink resumed>) = 0 [pid 5471] <... close resumed>) = 0 [pid 5090] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5471] mkdir("./file1", 0777) = 0 [ 127.883167][ T5468] REISERFS (device loop5): checking transaction log (loop5) [ 127.902134][ T5471] loop3: detected capacity change from 0 to 8192 [ 127.927985][ T5471] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 127.951366][ T5471] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 127.961780][ T5471] REISERFS (device loop3): using ordered data mode [ 127.969761][ T5471] reiserfs: using flush barriers [ 127.979438][ T5471] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 127.984415][ T5466] REISERFS (device loop1): Using r5 hash to sort names [ 128.001246][ T5471] REISERFS (device loop3): checking transaction log (loop3) [pid 5471] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] <... umount2 resumed>) = 0 [pid 5094] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./31/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./31/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5466] <... mount resumed>) = 0 [pid 5466] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5094] <... openat resumed>) = 4 [pid 5466] chdir("./file1" [pid 5092] <... umount2 resumed>) = 0 [pid 5466] <... chdir resumed>) = 0 [pid 5466] ioctl(4, LOOP_CLR_FD) = 0 [pid 5094] fstat(4, [pid 5466] close(4) = 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5466] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5094] getdents64(4, [pid 5466] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5466] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5094] getdents64(4, [pid 5466] exit_group(0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5466] <... exit_group resumed>) = ? [pid 5094] close(4 [pid 5466] +++ exited with 0 +++ [pid 5094] <... close resumed>) = 0 [pid 5092] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] rmdir("./31/file1" [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5466, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5094] <... rmdir resumed>) = 0 [pid 5091] restart_syscall(<... resuming interrupted clone ...> [pid 5094] getdents64(3, [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... restart_syscall resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [ 128.055114][ T5466] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] lstat("./29/file1", [pid 5094] close(3 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... close resumed>) = 0 [pid 5092] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] rmdir("./31" [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, [pid 5094] <... rmdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./29/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] mkdir("./32", 0777 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... mkdir resumed>) = 0 [pid 5092] <... openat resumed>) = 4 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] fstat(4, [pid 5091] lstat("./29/binderfs", [pid 5094] <... openat resumed>) = 3 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5092] getdents64(4, [pid 5091] unlink("./29/binderfs" [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5094] close(3 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] <... unlink resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5092] getdents64(4, [pid 5091] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5474 [pid 5092] rmdir("./29/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./29") = 0 [pid 5092] mkdir("./30", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5475 ./strace-static-x86_64: Process 5474 attached ./strace-static-x86_64: Process 5475 attached [ 128.144897][ T5468] REISERFS (device loop5): Using r5 hash to sort names [ 128.158214][ T5468] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5474] chdir("./32" [pid 5475] chdir("./30" [pid 5474] <... chdir resumed>) = 0 [pid 5475] <... chdir resumed>) = 0 [pid 5474] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5475] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5474] <... prctl resumed>) = 0 [pid 5475] <... prctl resumed>) = 0 [pid 5474] setpgid(0, 0 [pid 5475] setpgid(0, 0 [pid 5474] <... setpgid resumed>) = 0 [pid 5475] <... setpgid resumed>) = 0 [pid 5474] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5475] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5474] <... openat resumed>) = 3 [pid 5475] <... openat resumed>) = 3 [pid 5474] write(3, "1000", 4 [pid 5475] write(3, "1000", 4 [pid 5474] <... write resumed>) = 4 [pid 5475] <... write resumed>) = 4 [pid 5474] close(3 [pid 5475] close(3 [pid 5474] <... close resumed>) = 0 [pid 5475] <... close resumed>) = 0 [pid 5474] symlink("/dev/binderfs", "./binderfs" [pid 5475] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5474] <... symlink resumed>) = 0 [pid 5475] memfd_create("syzkaller", 0 [pid 5474] memfd_create("syzkaller", 0 [pid 5475] <... memfd_create resumed>) = 3 [pid 5474] <... memfd_create resumed>) = 3 [pid 5475] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5474] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5475] <... mmap resumed>) = 0x7f12a0a40000 [pid 5474] <... mmap resumed>) = 0x7f12a0a40000 [pid 5090] <... umount2 resumed>) = 0 [pid 5468] <... mount resumed>) = 0 [pid 5468] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5468] chdir("./file1") = 0 [pid 5468] ioctl(4, LOOP_CLR_FD) = 0 [pid 5468] close(4) = 0 [pid 5468] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5468] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5468] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5090] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./29/file1", [pid 5468] exit_group(0 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5468] <... exit_group resumed>) = ? [pid 5090] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5468] +++ exited with 0 +++ [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./29/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5468, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5095] restart_syscall(<... resuming interrupted clone ...> [pid 5090] <... openat resumed>) = 4 [pid 5095] <... restart_syscall resumed>) = 0 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] getdents64(4, [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] <... openat resumed>) = 3 [pid 5090] getdents64(4, [pid 5095] fstat(3, [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] close(4 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] <... close resumed>) = 0 [pid 5095] umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] rmdir("./29/file1" [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./30/binderfs", [pid 5090] <... rmdir resumed>) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./30/binderfs" [pid 5090] getdents64(3, [pid 5095] <... unlink resumed>) = 0 [pid 5095] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./29") = 0 [pid 5090] mkdir("./30", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5476 ./strace-static-x86_64: Process 5476 attached [pid 5476] chdir("./30") = 0 [pid 5476] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5476] setpgid(0, 0) = 0 [pid 5476] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5476] write(3, "1000", 4) = 4 [pid 5476] close(3) = 0 [pid 5476] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5476] memfd_create("syzkaller", 0) = 3 [pid 5476] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5475] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5474] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... umount2 resumed>) = 0 [pid 5091] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... umount2 resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] lstat("./29/file1", [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] lstat("./30/file1", [pid 5091] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 128.335520][ T5471] REISERFS (device loop3): Using r5 hash to sort names [ 128.372177][ T5471] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] openat(AT_FDCWD, "./29/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./30/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... openat resumed>) = 4 [pid 5095] <... openat resumed>) = 4 [pid 5091] fstat(4, [pid 5095] fstat(4, [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] getdents64(4, [pid 5095] close(4 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] <... close resumed>) = 0 [pid 5091] close(4 [pid 5095] rmdir("./30/file1" [pid 5091] <... close resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5091] rmdir("./29/file1" [pid 5095] getdents64(3, [pid 5091] <... rmdir resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] getdents64(3, [pid 5095] close(3) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] rmdir("./30" [pid 5091] close(3 [pid 5471] <... mount resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5471] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] mkdir("./31", 0777 [pid 5091] <... close resumed>) = 0 [pid 5471] <... openat resumed>) = 3 [pid 5471] chdir("./file1" [pid 5095] <... mkdir resumed>) = 0 [pid 5091] rmdir("./29" [pid 5471] <... chdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5471] ioctl(4, LOOP_CLR_FD [pid 5091] <... rmdir resumed>) = 0 [pid 5471] <... ioctl resumed>) = 0 [pid 5091] mkdir("./30", 0777 [pid 5471] close(4 [pid 5475] <... write resumed>) = 4194304 [pid 5471] <... close resumed>) = 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5471] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5471] <... openat resumed>) = 4 [pid 5471] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5091] <... openat resumed>) = 3 [pid 5471] <... mmap resumed>) = 0x20000000 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5475] munmap(0x7f12a0a40000, 4194304 [pid 5474] <... write resumed>) = 4194304 [pid 5471] ioctl(4, FS_IOC_GETVERSION [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5475] <... munmap resumed>) = 0 [pid 5474] munmap(0x7f12a0a40000, 4194304 [pid 5471] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5091] close(3 [pid 5475] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5474] <... munmap resumed>) = 0 [pid 5471] exit_group(0 [pid 5091] <... close resumed>) = 0 [pid 5475] <... openat resumed>) = 4 [pid 5474] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5471] <... exit_group resumed>) = ? [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5475] ioctl(4, LOOP_SET_FD, 3 [pid 5474] <... openat resumed>) = 4 [pid 5471] +++ exited with 0 +++ [pid 5474] ioctl(4, LOOP_SET_FD, 3 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5471, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5093] umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5477 [pid 5093] lstat("./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5476] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] unlink("./30/binderfs") = 0 [pid 5095] <... openat resumed>) = 3 [pid 5093] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5477 attached [pid 5475] <... ioctl resumed>) = 0 [pid 5474] <... ioctl resumed>) = 0 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5477] chdir("./30" [pid 5475] close(3 [pid 5474] close(3 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5475] <... close resumed>) = 0 [pid 5474] <... close resumed>) = 0 [pid 5095] close(3 [pid 5477] <... chdir resumed>) = 0 [pid 5475] mkdir("./file1", 0777 [pid 5474] mkdir("./file1", 0777 [pid 5477] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... close resumed>) = 0 [pid 5477] <... prctl resumed>) = 0 [pid 5475] <... mkdir resumed>) = 0 [pid 5474] <... mkdir resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5478 attached [pid 5477] setpgid(0, 0 [pid 5475] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5474] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5477] <... setpgid resumed>) = 0 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5478 [ 128.499128][ T5475] loop2: detected capacity change from 0 to 8192 [ 128.506378][ T5474] loop4: detected capacity change from 0 to 8192 [pid 5478] chdir("./31" [pid 5477] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5478] <... chdir resumed>) = 0 [pid 5477] <... openat resumed>) = 3 [pid 5478] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5477] write(3, "1000", 4 [pid 5478] <... prctl resumed>) = 0 [pid 5478] setpgid(0, 0 [pid 5477] <... write resumed>) = 4 [pid 5478] <... setpgid resumed>) = 0 [pid 5477] close(3 [pid 5478] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5477] <... close resumed>) = 0 [pid 5478] <... openat resumed>) = 3 [pid 5477] symlink("/dev/binderfs", "./binderfs" [pid 5478] write(3, "1000", 4 [pid 5477] <... symlink resumed>) = 0 [pid 5478] <... write resumed>) = 4 [pid 5478] close(3 [pid 5477] memfd_create("syzkaller", 0 [pid 5478] <... close resumed>) = 0 [pid 5477] <... memfd_create resumed>) = 3 [pid 5478] symlink("/dev/binderfs", "./binderfs" [pid 5477] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5478] <... symlink resumed>) = 0 [pid 5478] memfd_create("syzkaller", 0 [pid 5477] <... mmap resumed>) = 0x7f12a0a40000 [pid 5478] <... memfd_create resumed>) = 3 [ 128.547565][ T5475] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 128.564734][ T5475] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 128.574483][ T5475] REISERFS (device loop2): using ordered data mode [ 128.581409][ T5474] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5478] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 128.611825][ T5475] reiserfs: using flush barriers [ 128.618245][ T5475] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 128.636356][ T5475] REISERFS (device loop2): checking transaction log (loop2) [ 128.660047][ T5474] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5476] <... write resumed>) = 4194304 [ 128.709850][ T5474] REISERFS (device loop4): using ordered data mode [pid 5477] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5478] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5476] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5476] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 128.760250][ T5474] reiserfs: using flush barriers [pid 5476] ioctl(4, LOOP_SET_FD, 3 [pid 5093] <... umount2 resumed>) = 0 [pid 5476] <... ioctl resumed>) = 0 [pid 5476] close(3) = 0 [pid 5476] mkdir("./file1", 0777) = 0 [pid 5093] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5476] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./30/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./30/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 128.786278][ T5476] loop0: detected capacity change from 0 to 8192 [ 128.796527][ T5474] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./30/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./30") = 0 [pid 5093] mkdir("./31", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5482 [ 128.857998][ T5475] REISERFS (device loop2): Using r5 hash to sort names [ 128.867131][ T5476] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 128.882272][ T5474] REISERFS (device loop4): checking transaction log (loop4) [pid 5475] <... mount resumed>) = 0 ./strace-static-x86_64: Process 5482 attached [pid 5482] chdir("./31" [pid 5477] <... write resumed>) = 4194304 [pid 5475] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5482] <... chdir resumed>) = 0 [pid 5482] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5478] <... write resumed>) = 4194304 [pid 5477] munmap(0x7f12a0a40000, 4194304 [pid 5482] <... prctl resumed>) = 0 [pid 5477] <... munmap resumed>) = 0 [pid 5482] setpgid(0, 0 [pid 5478] munmap(0x7f12a0a40000, 4194304 [pid 5477] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5475] <... openat resumed>) = 3 [pid 5482] <... setpgid resumed>) = 0 [pid 5478] <... munmap resumed>) = 0 [pid 5477] <... openat resumed>) = 4 [pid 5475] chdir("./file1" [pid 5482] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5478] openat(AT_FDCWD, "/dev/loop5", O_RDWR [ 128.901505][ T5475] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 128.911807][ T5476] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 128.921431][ T5476] REISERFS (device loop0): using ordered data mode [ 128.928441][ T5476] reiserfs: using flush barriers [ 128.936020][ T5476] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5477] ioctl(4, LOOP_SET_FD, 3 [pid 5482] <... openat resumed>) = 3 [pid 5478] <... openat resumed>) = 4 [pid 5477] <... ioctl resumed>) = 0 [pid 5475] <... chdir resumed>) = 0 [pid 5482] write(3, "1000", 4 [pid 5478] ioctl(4, LOOP_SET_FD, 3 [pid 5482] <... write resumed>) = 4 [pid 5475] ioctl(4, LOOP_CLR_FD [pid 5482] close(3 [pid 5475] <... ioctl resumed>) = 0 [pid 5482] <... close resumed>) = 0 [pid 5475] close(4 [pid 5482] symlink("/dev/binderfs", "./binderfs" [pid 5475] <... close resumed>) = 0 [pid 5482] <... symlink resumed>) = 0 [pid 5482] memfd_create("syzkaller", 0) = 3 [pid 5482] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5478] <... ioctl resumed>) = 0 [pid 5477] close(3 [pid 5478] close(3 [pid 5477] <... close resumed>) = 0 [pid 5478] <... close resumed>) = 0 [pid 5477] mkdir("./file1", 0777 [pid 5478] mkdir("./file1", 0777 [pid 5477] <... mkdir resumed>) = 0 [pid 5478] <... mkdir resumed>) = 0 [pid 5477] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5475] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5478] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5475] <... openat resumed>) = 4 [ 128.954159][ T5477] loop1: detected capacity change from 0 to 8192 [ 128.954257][ T5476] REISERFS (device loop0): checking transaction log (loop0) [ 128.964328][ T5478] loop5: detected capacity change from 0 to 8192 [pid 5475] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5475] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5475] exit_group(0) = ? [pid 5475] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5475, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [pid 5092] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5092] umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 128.999293][ T5477] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./30/binderfs") = 0 [ 129.037504][ T5478] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 129.040365][ T5477] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 129.060766][ T5477] REISERFS (device loop1): using ordered data mode [ 129.068009][ T5477] reiserfs: using flush barriers [ 129.076313][ T5477] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5092] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [ 129.104705][ T5477] REISERFS (device loop1): checking transaction log (loop1) [ 129.139848][ T5478] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 129.206880][ T5478] REISERFS (device loop5): using ordered data mode [ 129.229055][ T5478] reiserfs: using flush barriers [ 129.253046][ T5478] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 129.316279][ T5477] REISERFS (device loop1): Using r5 hash to sort names [ 129.327993][ T5478] REISERFS (device loop5): checking transaction log (loop5) [ 129.347109][ T5477] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5482] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5092] <... umount2 resumed>) = 0 [pid 5477] <... mount resumed>) = 0 [pid 5477] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5477] chdir("./file1") = 0 [pid 5477] ioctl(4, LOOP_CLR_FD) = 0 [pid 5477] close(4) = 0 [pid 5477] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5477] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5477] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5477] exit_group(0) = ? [pid 5477] +++ exited with 0 +++ [pid 5474] <... mount resumed>) = 0 [pid 5474] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5474] chdir("./file1") = 0 [pid 5474] ioctl(4, LOOP_CLR_FD) = 0 [pid 5474] close(4) = 0 [pid 5474] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5477, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5091] umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5474] <... openat resumed>) = 4 [pid 5091] getdents64(3, [pid 5474] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./30/file1", [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./30/binderfs" [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... unlink resumed>) = 0 [pid 5091] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5474] ioctl(4, FS_IOC_GETVERSION [pid 5092] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5474] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5474] exit_group(0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5474] <... exit_group resumed>) = ? [pid 5092] openat(AT_FDCWD, "./30/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5474] +++ exited with 0 +++ [pid 5092] <... openat resumed>) = 4 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5474, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 5092] fstat(4, [pid 5094] umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] getdents64(4, [pid 5094] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] <... openat resumed>) = 3 [pid 5092] getdents64(4, [pid 5482] <... write resumed>) = 4194304 [pid 5094] fstat(3, [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [ 129.362221][ T5474] REISERFS (device loop4): Using r5 hash to sort names [ 129.379347][ T5474] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 129.399813][ T5476] REISERFS (device loop0): Using r5 hash to sort names [pid 5482] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] close(4 [pid 5482] <... munmap resumed>) = 0 [pid 5094] getdents64(3, [pid 5092] <... close resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] rmdir("./30/file1" [pid 5482] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5094] umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... rmdir resumed>) = 0 [pid 5482] <... openat resumed>) = 4 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] getdents64(3, [pid 5094] lstat("./32/binderfs", [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5482] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] close(3 [pid 5094] unlink("./32/binderfs" [pid 5092] <... close resumed>) = 0 [pid 5092] rmdir("./30") = 0 [pid 5092] mkdir("./31", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5485 [pid 5094] <... unlink resumed>) = 0 [pid 5094] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5485 attached [pid 5485] chdir("./31") = 0 [pid 5485] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5485] setpgid(0, 0) = 0 [pid 5485] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5485] write(3, "1000", 4) = 4 [pid 5485] close(3) = 0 [pid 5485] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5485] memfd_create("syzkaller", 0) = 3 [pid 5485] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5091] <... umount2 resumed>) = 0 [pid 5091] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./30/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./30/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 129.463580][ T5482] loop3: detected capacity change from 0 to 8192 [ 129.473069][ T5476] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5482] <... ioctl resumed>) = 0 [pid 5091] getdents64(4, [pid 5482] close(3 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5482] <... close resumed>) = 0 [pid 5091] close(4 [pid 5482] mkdir("./file1", 0777 [pid 5091] <... close resumed>) = 0 [pid 5091] rmdir("./30/file1" [pid 5482] <... mkdir resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5482] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./30") = 0 [pid 5091] mkdir("./31", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5476] <... mount resumed>) = 0 [pid 5476] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5476] chdir("./file1") = 0 [pid 5476] ioctl(4, LOOP_CLR_FD) = 0 [pid 5476] close(4) = 0 [pid 5476] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5476] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5476] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5476] exit_group(0) = ? [pid 5476] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5476, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=15 /* 0.15 s */} --- [pid 5090] umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5485] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5090] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./30/binderfs") = 0 [ 129.541734][ T5482] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 129.599728][ T5478] REISERFS (device loop5): Using r5 hash to sort names [ 129.611371][ T5482] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 129.621705][ T5482] REISERFS (device loop3): using ordered data mode [ 129.629239][ T5482] reiserfs: using flush barriers [ 129.635332][ T5478] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5090] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... umount2 resumed>) = 0 [pid 5094] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./32/file1", [pid 5090] <... umount2 resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] lstat("./30/file1", [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./32/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... openat resumed>) = 4 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./30/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... openat resumed>) = 4 [pid 5090] fstat(4, [pid 5094] getdents64(4, [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4 [pid 5090] getdents64(4, [pid 5094] <... close resumed>) = 0 [pid 5094] rmdir("./32/file1" [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] <... rmdir resumed>) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./32") = 0 [pid 5091] <... openat resumed>) = 3 [pid 5090] getdents64(4, [pid 5094] mkdir("./33", 0777 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5094] <... mkdir resumed>) = 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5091] close(3 [pid 5094] <... openat resumed>) = 3 [pid 5091] <... close resumed>) = 0 [pid 5090] close(4 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] <... close resumed>) = 0 [pid 5094] close(3 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5487 [ 129.645145][ T5482] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5090] rmdir("./30/file1" [pid 5094] <... close resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] <... rmdir resumed>) = 0 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5488 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5487 attached [pid 5090] close(3 [pid 5487] chdir("./31" [pid 5090] <... close resumed>) = 0 [pid 5487] <... chdir resumed>) = 0 [pid 5090] rmdir("./30" [pid 5487] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5487] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 5488 attached [pid 5090] <... rmdir resumed>) = 0 [pid 5487] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5488] chdir("./33" [pid 5487] <... openat resumed>) = 3 [pid 5090] mkdir("./31", 0777 [pid 5488] <... chdir resumed>) = 0 [pid 5487] write(3, "1000", 4 [pid 5488] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5487] <... write resumed>) = 4 [pid 5488] <... prctl resumed>) = 0 [pid 5487] close(3 [pid 5488] setpgid(0, 0 [pid 5487] <... close resumed>) = 0 [pid 5488] <... setpgid resumed>) = 0 [pid 5487] symlink("/dev/binderfs", "./binderfs" [pid 5090] <... mkdir resumed>) = 0 [pid 5488] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5487] <... symlink resumed>) = 0 [pid 5488] <... openat resumed>) = 3 [pid 5487] memfd_create("syzkaller", 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5488] write(3, "1000", 4 [pid 5487] <... memfd_create resumed>) = 3 [pid 5488] <... write resumed>) = 4 [pid 5487] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5488] close(3 [pid 5487] <... mmap resumed>) = 0x7f12a0a40000 [pid 5488] <... close resumed>) = 0 [pid 5478] <... mount resumed>) = 0 [pid 5488] symlink("/dev/binderfs", "./binderfs" [pid 5478] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5488] <... symlink resumed>) = 0 [pid 5478] <... openat resumed>) = 3 [pid 5488] memfd_create("syzkaller", 0 [pid 5478] chdir("./file1" [pid 5488] <... memfd_create resumed>) = 3 [pid 5488] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5478] <... chdir resumed>) = 0 [pid 5478] ioctl(4, LOOP_CLR_FD) = 0 [pid 5478] close(4) = 0 [pid 5478] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5478] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5478] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5478] exit_group(0) = ? [pid 5478] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5478, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=21 /* 0.21 s */} --- [pid 5095] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5095] umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] <... openat resumed>) = 3 [pid 5095] umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 129.733879][ T5482] REISERFS (device loop3): checking transaction log (loop3) [pid 5095] lstat("./31/binderfs", [pid 5090] close(3 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./31/binderfs" [pid 5090] <... close resumed>) = 0 [pid 5095] <... unlink resumed>) = 0 [pid 5095] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5489 ./strace-static-x86_64: Process 5489 attached [pid 5489] chdir("./31") = 0 [pid 5489] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5489] setpgid(0, 0) = 0 [pid 5488] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5487] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5489] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5489] write(3, "1000", 4) = 4 [pid 5489] close(3) = 0 [pid 5485] <... write resumed>) = 4194304 [pid 5489] symlink("/dev/binderfs", "./binderfs" [pid 5485] munmap(0x7f12a0a40000, 4194304 [pid 5489] <... symlink resumed>) = 0 [pid 5485] <... munmap resumed>) = 0 [pid 5489] memfd_create("syzkaller", 0 [pid 5485] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5489] <... memfd_create resumed>) = 3 [pid 5485] <... openat resumed>) = 4 [pid 5489] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5485] ioctl(4, LOOP_SET_FD, 3 [pid 5489] <... mmap resumed>) = 0x7f12a0a40000 [pid 5485] <... ioctl resumed>) = 0 [pid 5485] close(3) = 0 [pid 5485] mkdir("./file1", 0777) = 0 [ 129.875878][ T5485] loop2: detected capacity change from 0 to 8192 [pid 5485] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5488] <... write resumed>) = 4194304 [pid 5488] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5488] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 129.940620][ T5485] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5488] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5488] close(3 [pid 5095] <... umount2 resumed>) = 0 [pid 5488] <... close resumed>) = 0 [pid 5095] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5488] mkdir("./file1", 0777 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 129.993714][ T5488] loop4: detected capacity change from 0 to 8192 [ 130.002442][ T5485] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 130.012376][ T5485] REISERFS (device loop2): using ordered data mode [ 130.019506][ T5485] reiserfs: using flush barriers [pid 5488] <... mkdir resumed>) = 0 [ 130.027657][ T5485] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5095] lstat("./31/file1", [pid 5489] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5488] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5487] <... write resumed>) = 4194304 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./31/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./31/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./31") = 0 [pid 5095] mkdir("./32", 0777 [pid 5487] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... mkdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5487] <... munmap resumed>) = 0 [ 130.067528][ T5485] REISERFS (device loop2): checking transaction log (loop2) [pid 5095] close(3 [pid 5487] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5095] <... close resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5487] <... openat resumed>) = 4 [pid 5487] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5492 [pid 5487] <... ioctl resumed>) = 0 [pid 5487] close(3./strace-static-x86_64: Process 5492 attached [pid 5492] chdir("./32") = 0 [pid 5492] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5492] setpgid(0, 0 [pid 5487] <... close resumed>) = 0 [pid 5492] <... setpgid resumed>) = 0 [pid 5487] mkdir("./file1", 0777 [ 130.133751][ T5488] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 130.156733][ T5487] loop1: detected capacity change from 0 to 8192 [ 130.164140][ T5488] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 130.174634][ T5488] REISERFS (device loop4): using ordered data mode [pid 5492] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5487] <... mkdir resumed>) = 0 [pid 5492] <... openat resumed>) = 3 [pid 5489] <... write resumed>) = 4194304 [ 130.216226][ T5482] REISERFS (device loop3): Using r5 hash to sort names [ 130.227347][ T5488] reiserfs: using flush barriers [ 130.228705][ T5487] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5487] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5492] write(3, "1000", 4 [pid 5489] munmap(0x7f12a0a40000, 4194304 [pid 5492] <... write resumed>) = 4 [pid 5492] close(3) = 0 [pid 5492] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5492] memfd_create("syzkaller", 0 [pid 5489] <... munmap resumed>) = 0 [pid 5492] <... memfd_create resumed>) = 3 [pid 5489] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5492] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5489] <... openat resumed>) = 4 [pid 5492] <... mmap resumed>) = 0x7f12a0a40000 [ 130.251099][ T5488] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 130.267718][ T5488] REISERFS (device loop4): checking transaction log (loop4) [pid 5489] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5489] close(3) = 0 [ 130.312165][ T5489] loop0: detected capacity change from 0 to 8192 [ 130.327483][ T5482] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 130.332906][ T5487] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 130.345885][ T5487] REISERFS (device loop1): using ordered data mode [ 130.352504][ T5487] reiserfs: using flush barriers [pid 5489] mkdir("./file1", 0777) = 0 [ 130.358965][ T5487] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 130.362867][ T5488] REISERFS (device loop4): Using r5 hash to sort names [ 130.375959][ T5487] REISERFS (device loop1): checking transaction log (loop1) [pid 5489] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5482] <... mount resumed>) = 0 [pid 5482] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5482] chdir("./file1") = 0 [ 130.404569][ T5489] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5482] ioctl(4, LOOP_CLR_FD) = 0 [pid 5482] close(4) = 0 [pid 5482] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5482] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5482] ioctl(4, FS_IOC_GETVERSION [pid 5492] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5482] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5482] exit_group(0) = ? [pid 5482] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5482, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5093] umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 130.435633][ T5489] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 130.465068][ T5489] REISERFS (device loop0): using ordered data mode [pid 5093] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./31/binderfs") = 0 [pid 5093] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5488] <... mount resumed>) = 0 [pid 5488] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5488] chdir("./file1") = 0 [pid 5488] ioctl(4, LOOP_CLR_FD) = 0 [pid 5488] close(4) = 0 [pid 5488] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 130.482233][ T5488] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 130.492259][ T5489] reiserfs: using flush barriers [ 130.500435][ T5489] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 130.509243][ T5485] REISERFS (device loop2): Using r5 hash to sort names [ 130.521355][ T5489] REISERFS (device loop0): checking transaction log (loop0) [pid 5488] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5488] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5488] exit_group(0) = ? [pid 5488] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5488, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5094] umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./33/binderfs", [pid 5093] <... umount2 resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./33/binderfs" [pid 5093] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... unlink resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] lstat("./31/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./31/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./31/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./31") = 0 [pid 5093] mkdir("./32", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5485] <... mount resumed>) = 0 [pid 5485] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5485] chdir("./file1") = 0 [pid 5485] ioctl(4, LOOP_CLR_FD) = 0 [ 130.607468][ T5485] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5485] close(4) = 0 [pid 5485] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5485] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5485] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5485] exit_group(0) = ? [pid 5485] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5485, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5092] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] close(3 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5492] <... write resumed>) = 4194304 [pid 5093] <... close resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... openat resumed>) = 3 [pid 5092] fstat(3, [pid 5492] munmap(0x7f12a0a40000, 4194304 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5495 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5492] <... munmap resumed>) = 0 [pid 5092] getdents64(3, [pid 5492] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 5495 attached [pid 5492] <... openat resumed>) = 4 [pid 5092] umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5495] chdir("./32" [ 130.686899][ T5487] REISERFS (device loop1): Using r5 hash to sort names [ 130.703033][ T5487] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5492] ioctl(4, LOOP_SET_FD, 3 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5495] <... chdir resumed>) = 0 [pid 5487] <... mount resumed>) = 0 [pid 5092] lstat("./31/binderfs", [pid 5495] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5487] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5495] <... prctl resumed>) = 0 [pid 5487] <... openat resumed>) = 3 [pid 5092] unlink("./31/binderfs" [pid 5495] setpgid(0, 0 [pid 5487] chdir("./file1" [pid 5092] <... unlink resumed>) = 0 [pid 5495] <... setpgid resumed>) = 0 [pid 5487] <... chdir resumed>) = 0 [pid 5092] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5495] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5487] ioctl(4, LOOP_CLR_FD [pid 5495] <... openat resumed>) = 3 [pid 5495] write(3, "1000", 4 [pid 5487] <... ioctl resumed>) = 0 [pid 5495] <... write resumed>) = 4 [pid 5487] close(4 [pid 5495] close(3 [pid 5487] <... close resumed>) = 0 [pid 5495] <... close resumed>) = 0 [pid 5487] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5495] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5487] <... openat resumed>) = 4 [pid 5495] memfd_create("syzkaller", 0 [pid 5492] <... ioctl resumed>) = 0 [pid 5487] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5495] <... memfd_create resumed>) = 3 [pid 5492] close(3 [pid 5495] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5492] <... close resumed>) = 0 [pid 5495] <... mmap resumed>) = 0x7f12a0a40000 [pid 5492] mkdir("./file1", 0777 [pid 5487] <... mmap resumed>) = 0x20000000 [pid 5492] <... mkdir resumed>) = 0 [pid 5487] ioctl(4, FS_IOC_GETVERSION [pid 5492] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5487] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5487] exit_group(0) = ? [pid 5487] +++ exited with 0 +++ [ 130.745945][ T5492] loop5: detected capacity change from 0 to 8192 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5487, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} --- [pid 5091] umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./31/binderfs") = 0 [pid 5091] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5495] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] <... umount2 resumed>) = 0 [ 130.829009][ T5492] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 130.861127][ T5489] REISERFS (device loop0): Using r5 hash to sort names [pid 5094] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./33/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./33/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./33/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5489] <... mount resumed>) = 0 [pid 5094] rmdir("./33") = 0 [pid 5489] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] mkdir("./34", 0777) = 0 [pid 5489] <... openat resumed>) = 3 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5489] chdir("./file1" [pid 5094] <... openat resumed>) = 3 [ 130.891404][ T5489] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 130.913098][ T5492] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5489] <... chdir resumed>) = 0 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5094] close(3 [pid 5489] ioctl(4, LOOP_CLR_FD [pid 5094] <... close resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5489] <... ioctl resumed>) = 0 [pid 5489] close(4) = 0 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5497 [pid 5489] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5489] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5489] ioctl(4, FS_IOC_GETVERSION./strace-static-x86_64: Process 5497 attached [pid 5497] chdir("./34") = 0 [pid 5489] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5497] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5497] setpgid(0, 0 [pid 5489] exit_group(0 [pid 5497] <... setpgid resumed>) = 0 [pid 5489] <... exit_group resumed>) = ? [pid 5497] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5497] write(3, "1000", 4 [pid 5489] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5489, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- [pid 5497] <... write resumed>) = 4 [pid 5497] close(3) = 0 [pid 5497] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5497] memfd_create("syzkaller", 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5090] umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5497] <... memfd_create resumed>) = 3 [pid 5497] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 130.962434][ T5492] REISERFS (device loop5): using ordered data mode [ 130.992328][ T5492] reiserfs: using flush barriers [pid 5092] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./31/file1", [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./31/binderfs", [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] unlink("./31/binderfs") = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] openat(AT_FDCWD, "./31/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./31/file1" [pid 5495] <... write resumed>) = 4194304 [pid 5092] <... rmdir resumed>) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5495] munmap(0x7f12a0a40000, 4194304 [pid 5092] close(3 [pid 5495] <... munmap resumed>) = 0 [ 131.044285][ T5492] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5495] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5092] <... close resumed>) = 0 [pid 5495] <... openat resumed>) = 4 [pid 5495] ioctl(4, LOOP_SET_FD, 3 [pid 5092] rmdir("./31") = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5092] mkdir("./32", 0777) = 0 [pid 5091] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5495] <... ioctl resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5091] lstat("./31/file1", [pid 5495] close(3 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5497] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5495] <... close resumed>) = 0 [pid 5495] mkdir("./file1", 0777 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5495] <... mkdir resumed>) = 0 [pid 5092] close(3 [pid 5091] openat(AT_FDCWD, "./31/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5495] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5092] <... close resumed>) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] <... openat resumed>) = 4 [pid 5091] fstat(4, [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5499 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, ./strace-static-x86_64: Process 5499 attached 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5499] chdir("./32" [pid 5091] close(4 [pid 5499] <... chdir resumed>) = 0 [ 131.107079][ T5495] loop3: detected capacity change from 0 to 8192 [ 131.118387][ T5492] REISERFS (device loop5): checking transaction log (loop5) [pid 5091] <... close resumed>) = 0 [pid 5499] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5091] rmdir("./31/file1" [pid 5499] setpgid(0, 0) = 0 [pid 5499] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5499] write(3, "1000", 4) = 4 [pid 5499] close(3) = 0 [pid 5499] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5499] memfd_create("syzkaller", 0) = 3 [pid 5499] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5091] <... rmdir resumed>) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./31") = 0 [pid 5091] mkdir("./32", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5500 [ 131.168323][ T5495] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 ./strace-static-x86_64: Process 5500 attached [pid 5500] chdir("./32") = 0 [pid 5500] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5500] setpgid(0, 0 [pid 5499] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5500] <... setpgid resumed>) = 0 [pid 5090] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5500] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5500] write(3, "1000", 4 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5500] <... write resumed>) = 4 [pid 5090] lstat("./31/file1", [pid 5500] close(3) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5500] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5090] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5500] memfd_create("syzkaller", 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5500] <... memfd_create resumed>) = 3 [pid 5090] openat(AT_FDCWD, "./31/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 131.221176][ T5495] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 131.230572][ T5495] REISERFS (device loop3): using ordered data mode [ 131.237381][ T5495] reiserfs: using flush barriers [ 131.244564][ T5495] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5500] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] <... openat resumed>) = 4 [pid 5497] <... write resumed>) = 4194304 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5499] <... write resumed>) = 4194304 [pid 5090] getdents64(4, [pid 5499] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5499] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5090] getdents64(4, [pid 5499] <... openat resumed>) = 4 [pid 5497] munmap(0x7f12a0a40000, 4194304 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5499] ioctl(4, LOOP_SET_FD, 3 [pid 5497] <... munmap resumed>) = 0 [pid 5497] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5090] close(4 [pid 5497] <... openat resumed>) = 4 [pid 5497] ioctl(4, LOOP_SET_FD, 3 [pid 5499] <... ioctl resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5499] close(3 [pid 5090] rmdir("./31/file1" [pid 5499] <... close resumed>) = 0 [pid 5499] mkdir("./file1", 0777 [pid 5090] <... rmdir resumed>) = 0 [pid 5499] <... mkdir resumed>) = 0 [pid 5090] getdents64(3, [pid 5499] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3 [pid 5497] <... ioctl resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5497] close(3 [pid 5090] rmdir("./31" [pid 5497] <... close resumed>) = 0 [pid 5497] mkdir("./file1", 0777) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5497] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5090] mkdir("./32", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 131.334024][ T5495] REISERFS (device loop3): checking transaction log (loop3) [ 131.356933][ T5499] loop2: detected capacity change from 0 to 8192 [ 131.359708][ T5497] loop4: detected capacity change from 0 to 8192 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5500] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 131.407190][ T5499] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 131.421381][ T5497] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5503 [ 131.451200][ T5499] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 131.461746][ T5499] REISERFS (device loop2): using ordered data mode [ 131.468455][ T5499] reiserfs: using flush barriers [ 131.472703][ T5492] REISERFS (device loop5): Using r5 hash to sort names [ 131.478045][ T5497] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 131.491903][ T5499] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 ./strace-static-x86_64: Process 5503 attached [pid 5503] chdir("./32") = 0 [ 131.502461][ T5492] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 131.528595][ T5495] REISERFS (device loop3): Using r5 hash to sort names [ 131.537036][ T5497] REISERFS (device loop4): using ordered data mode [ 131.544404][ T5499] REISERFS (device loop2): checking transaction log (loop2) [pid 5503] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5503] setpgid(0, 0) = 0 [pid 5503] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5503] write(3, "1000", 4) = 4 [pid 5503] close(3) = 0 [pid 5503] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5503] memfd_create("syzkaller", 0) = 3 [pid 5503] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5492] <... mount resumed>) = 0 [pid 5492] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5492] chdir("./file1") = 0 [pid 5492] ioctl(4, LOOP_CLR_FD) = 0 [ 131.547169][ T5495] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5492] close(4) = 0 [pid 5492] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5492] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5492] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5492] exit_group(0) = ? [pid 5495] <... mount resumed>) = 0 [pid 5492] +++ exited with 0 +++ [pid 5495] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5492, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=16 /* 0.16 s */} --- [pid 5495] <... openat resumed>) = 3 [pid 5495] chdir("./file1" [pid 5503] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5495] <... chdir resumed>) = 0 [ 131.604557][ T5497] reiserfs: using flush barriers [pid 5495] ioctl(4, LOOP_CLR_FD) = 0 [pid 5495] close(4 [pid 5095] umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5495] <... close resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./32/binderfs", [pid 5495] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5495] <... openat resumed>) = 4 [pid 5095] unlink("./32/binderfs" [pid 5495] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] <... unlink resumed>) = 0 [pid 5095] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5495] <... mmap resumed>) = 0x20000000 [pid 5495] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5495] exit_group(0) = ? [pid 5500] <... write resumed>) = 4194304 [pid 5495] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5495, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5500] munmap(0x7f12a0a40000, 4194304 [pid 5093] umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 131.653498][ T5497] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5093] fstat(3, [pid 5500] <... munmap resumed>) = 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5500] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5093] umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5500] <... openat resumed>) = 4 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5500] ioctl(4, LOOP_SET_FD, 3 [pid 5093] lstat("./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./32/binderfs") = 0 [pid 5093] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5500] <... ioctl resumed>) = 0 [pid 5500] close(3) = 0 [pid 5500] mkdir("./file1", 0777) = 0 [ 131.735365][ T5500] loop1: detected capacity change from 0 to 8192 [ 131.748092][ T5497] REISERFS (device loop4): checking transaction log (loop4) [pid 5500] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5503] <... write resumed>) = 4194304 [pid 5499] <... mount resumed>) = 0 [pid 5095] <... umount2 resumed>) = 0 [ 131.781106][ T5499] REISERFS (device loop2): Using r5 hash to sort names [ 131.788775][ T5499] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 131.799589][ T5500] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5503] munmap(0x7f12a0a40000, 4194304 [pid 5499] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5503] <... munmap resumed>) = 0 [pid 5499] <... openat resumed>) = 3 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5503] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5499] chdir("./file1" [pid 5095] lstat("./32/file1", [pid 5503] <... openat resumed>) = 4 [pid 5499] <... chdir resumed>) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5503] ioctl(4, LOOP_SET_FD, 3 [pid 5499] ioctl(4, LOOP_CLR_FD [pid 5095] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5503] <... ioctl resumed>) = 0 [pid 5499] <... ioctl resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5503] close(3 [pid 5499] close(4 [pid 5095] openat(AT_FDCWD, "./32/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5503] <... close resumed>) = 0 [pid 5499] <... close resumed>) = 0 [pid 5095] <... openat resumed>) = 4 [pid 5503] mkdir("./file1", 0777 [ 131.828376][ T5500] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 131.838376][ T5500] REISERFS (device loop1): using ordered data mode [ 131.846726][ T5500] reiserfs: using flush barriers [ 131.854723][ T5500] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 131.874372][ T5503] loop0: detected capacity change from 0 to 8192 [pid 5499] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] fstat(4, [pid 5503] <... mkdir resumed>) = 0 [pid 5499] <... openat resumed>) = 4 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5503] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5499] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] getdents64(4, [pid 5499] <... mmap resumed>) = 0x20000000 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5499] ioctl(4, FS_IOC_GETVERSION [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5499] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] close(4 [pid 5499] exit_group(0 [pid 5095] <... close resumed>) = 0 [pid 5499] <... exit_group resumed>) = ? [pid 5095] rmdir("./32/file1" [pid 5499] +++ exited with 0 +++ [pid 5095] <... rmdir resumed>) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5499, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5095] close(3 [pid 5092] umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] <... close resumed>) = 0 [ 131.926956][ T5500] REISERFS (device loop1): checking transaction log (loop1) [ 131.950955][ T5503] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 131.964998][ T5497] REISERFS (device loop4): Using r5 hash to sort names [pid 5092] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] rmdir("./32" [pid 5092] <... openat resumed>) = 3 [pid 5095] <... rmdir resumed>) = 0 [pid 5092] fstat(3, [pid 5095] mkdir("./33", 0777 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] <... mkdir resumed>) = 0 [pid 5092] getdents64(3, [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] <... openat resumed>) = 3 [pid 5092] umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] lstat("./32/binderfs", [pid 5095] close(3 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] <... close resumed>) = 0 [pid 5092] unlink("./32/binderfs" [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 5506 attached [ 131.978621][ T5497] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 131.982453][ T5503] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5092] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5506 [pid 5506] chdir("./33") = 0 [pid 5506] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5497] <... mount resumed>) = 0 [pid 5497] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5497] chdir("./file1") = 0 [pid 5497] ioctl(4, LOOP_CLR_FD) = 0 [pid 5497] close(4) = 0 [pid 5497] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5506] <... prctl resumed>) = 0 [pid 5497] <... openat resumed>) = 4 [pid 5497] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5506] setpgid(0, 0 [pid 5497] <... mmap resumed>) = 0x20000000 [pid 5497] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5506] <... setpgid resumed>) = 0 [pid 5497] exit_group(0 [pid 5506] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5497] <... exit_group resumed>) = ? [pid 5506] <... openat resumed>) = 3 [pid 5497] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5497, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- [pid 5506] write(3, "1000", 4) = 4 [pid 5506] close(3) = 0 [pid 5506] symlink("/dev/binderfs", "./binderfs" [pid 5094] umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 132.047135][ T5503] REISERFS (device loop0): using ordered data mode [ 132.074449][ T5503] reiserfs: using flush barriers [pid 5094] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5506] <... symlink resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./34/binderfs") = 0 [pid 5094] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./32/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5506] memfd_create("syzkaller", 0) = 3 [pid 5506] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./32/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./32/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./32") = 0 [pid 5093] mkdir("./33", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 132.097722][ T5503] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5507 ./strace-static-x86_64: Process 5507 attached [pid 5507] chdir("./33") = 0 [pid 5507] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5507] setpgid(0, 0) = 0 [pid 5507] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5507] write(3, "1000", 4) = 4 [pid 5507] close(3) = 0 [pid 5507] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5507] memfd_create("syzkaller", 0) = 3 [pid 5507] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 132.180001][ T5500] REISERFS (device loop1): Using r5 hash to sort names [ 132.208322][ T5503] REISERFS (device loop0): checking transaction log (loop0) [ 132.210422][ T5500] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5506] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5500] <... mount resumed>) = 0 [pid 5500] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5500] chdir("./file1") = 0 [pid 5500] ioctl(4, LOOP_CLR_FD) = 0 [pid 5500] close(4) = 0 [pid 5500] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5500] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5500] ioctl(4, FS_IOC_GETVERSION [pid 5507] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5500] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5500] exit_group(0) = ? [pid 5500] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5500, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} --- [pid 5091] umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] <... umount2 resumed>) = 0 [pid 5091] lstat("./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./32/binderfs") = 0 [pid 5091] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] lstat("./34/file1", [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] lstat("./32/file1", [pid 5094] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./34/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... openat resumed>) = 4 [pid 5094] fstat(4, [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, [pid 5092] openat(AT_FDCWD, "./32/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] <... openat resumed>) = 4 [pid 5094] close(4) = 0 [pid 5092] fstat(4, [pid 5094] rmdir("./34/file1") = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, [pid 5092] getdents64(4, [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, [pid 5094] <... close resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] rmdir("./34" [pid 5092] close(4 [pid 5094] <... rmdir resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5094] mkdir("./35", 0777 [pid 5092] rmdir("./32/file1") = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5092] getdents64(3, [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5506] <... write resumed>) = 4194304 [pid 5092] close(3 [pid 5094] <... openat resumed>) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5092] <... close resumed>) = 0 [pid 5092] rmdir("./32" [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5094] close(3 [pid 5092] <... rmdir resumed>) = 0 [pid 5092] mkdir("./33", 0777 [pid 5094] <... close resumed>) = 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5506] munmap(0x7f12a0a40000, 4194304 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5506] <... munmap resumed>) = 0 [pid 5506] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5092] <... openat resumed>) = 3 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5508 [pid 5506] <... openat resumed>) = 4 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5506] ioctl(4, LOOP_SET_FD, 3 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 5508 attached [pid 5506] <... ioctl resumed>) = 0 [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5506] close(3 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5509 [pid 5508] chdir("./35") = 0 [pid 5506] <... close resumed>) = 0 [pid 5508] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5506] mkdir("./file1", 0777./strace-static-x86_64: Process 5509 attached [pid 5508] <... prctl resumed>) = 0 [pid 5506] <... mkdir resumed>) = 0 [ 132.476677][ T5506] loop5: detected capacity change from 0 to 8192 [pid 5509] chdir("./33" [pid 5508] setpgid(0, 0 [pid 5506] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5509] <... chdir resumed>) = 0 [pid 5508] <... setpgid resumed>) = 0 [pid 5509] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5508] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5509] setpgid(0, 0 [pid 5508] <... openat resumed>) = 3 [pid 5509] <... setpgid resumed>) = 0 [pid 5508] write(3, "1000", 4 [pid 5509] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5508] <... write resumed>) = 4 [pid 5509] <... openat resumed>) = 3 [pid 5508] close(3 [pid 5507] <... write resumed>) = 4194304 [pid 5507] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5507] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 132.519428][ T5503] REISERFS (device loop0): Using r5 hash to sort names [ 132.534139][ T5503] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 132.544498][ T5506] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 132.550158][ T5507] loop3: detected capacity change from 0 to 8192 [pid 5507] ioctl(4, LOOP_SET_FD, 3 [pid 5509] write(3, "1000", 4 [pid 5508] <... close resumed>) = 0 [pid 5509] <... write resumed>) = 4 [pid 5508] symlink("/dev/binderfs", "./binderfs" [pid 5507] <... ioctl resumed>) = 0 [pid 5503] <... mount resumed>) = 0 [pid 5509] close(3 [pid 5508] <... symlink resumed>) = 0 [pid 5503] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5509] <... close resumed>) = 0 [pid 5509] symlink("/dev/binderfs", "./binderfs" [pid 5503] <... openat resumed>) = 3 [pid 5508] memfd_create("syzkaller", 0 [pid 5507] close(3 [pid 5509] <... symlink resumed>) = 0 [pid 5508] <... memfd_create resumed>) = 3 [pid 5507] <... close resumed>) = 0 [pid 5503] chdir("./file1" [pid 5509] memfd_create("syzkaller", 0 [pid 5508] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5507] mkdir("./file1", 0777 [pid 5503] <... chdir resumed>) = 0 [pid 5509] <... memfd_create resumed>) = 3 [pid 5508] <... mmap resumed>) = 0x7f12a0a40000 [pid 5091] <... umount2 resumed>) = 0 [pid 5507] <... mkdir resumed>) = 0 [pid 5503] ioctl(4, LOOP_CLR_FD [pid 5091] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./32/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./32/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./32/file1") = 0 [pid 5509] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5507] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5503] <... ioctl resumed>) = 0 [pid 5509] <... mmap resumed>) = 0x7f12a0a40000 [ 132.560209][ T5506] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 132.575419][ T5506] REISERFS (device loop5): using ordered data mode [ 132.584929][ T5506] reiserfs: using flush barriers [ 132.602077][ T5506] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5503] close(4) = 0 [pid 5091] getdents64(3, [pid 5503] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5503] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5091] close(3 [pid 5509] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5503] ioctl(4, FS_IOC_GETVERSION [pid 5091] <... close resumed>) = 0 [pid 5503] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5503] exit_group(0) = ? [pid 5091] rmdir("./32" [pid 5503] +++ exited with 0 +++ [pid 5091] <... rmdir resumed>) = 0 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5503, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5091] mkdir("./33", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [ 132.619883][ T5506] REISERFS (device loop5): checking transaction log (loop5) [ 132.642826][ T5507] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5508] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5512 [pid 5090] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [ 132.715892][ T5507] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 132.726114][ T5507] REISERFS (device loop3): using ordered data mode [ 132.734872][ T5507] reiserfs: using flush barriers [pid 5090] umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5512 attached [pid 5090] lstat("./32/binderfs", [pid 5512] chdir("./33") = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5512] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5090] unlink("./32/binderfs" [pid 5512] setpgid(0, 0) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5512] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5090] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5512] write(3, "1000", 4) = 4 [pid 5512] close(3) = 0 [pid 5512] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5512] memfd_create("syzkaller", 0) = 3 [pid 5512] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 132.750396][ T5507] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 132.751256][ T5506] REISERFS (device loop5): Using r5 hash to sort names [ 132.767286][ T5507] REISERFS (device loop3): checking transaction log (loop3) [pid 5512] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5506] <... mount resumed>) = 0 [pid 5506] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5506] chdir("./file1") = 0 [pid 5506] ioctl(4, LOOP_CLR_FD) = 0 [pid 5506] close(4) = 0 [pid 5506] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5506] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5506] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5506] exit_group(0) = ? [pid 5506] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5506, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [ 132.877513][ T5506] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5095] umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5509] <... write resumed>) = 4194304 [pid 5095] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./33/binderfs", [pid 5508] <... write resumed>) = 4194304 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./33/binderfs" [pid 5508] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5095] <... unlink resumed>) = 0 [pid 5095] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5508] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5508] ioctl(4, LOOP_SET_FD, 3 [pid 5512] <... write resumed>) = 4194304 [pid 5509] munmap(0x7f12a0a40000, 4194304 [pid 5512] munmap(0x7f12a0a40000, 4194304 [pid 5509] <... munmap resumed>) = 0 [pid 5509] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5509] ioctl(4, LOOP_SET_FD, 3 [pid 5508] <... ioctl resumed>) = 0 [pid 5508] close(3) = 0 [pid 5508] mkdir("./file1", 0777 [pid 5512] <... munmap resumed>) = 0 [pid 5512] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5512] ioctl(4, LOOP_SET_FD, 3 [pid 5508] <... mkdir resumed>) = 0 [pid 5508] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5512] <... ioctl resumed>) = 0 [ 132.981934][ T5508] loop4: detected capacity change from 0 to 8192 [ 133.000416][ T5509] loop2: detected capacity change from 0 to 8192 [ 133.013383][ T5512] loop1: detected capacity change from 0 to 8192 [pid 5512] close(3) = 0 [pid 5512] mkdir("./file1", 0777 [pid 5509] <... ioctl resumed>) = 0 [pid 5509] close(3) = 0 [pid 5509] mkdir("./file1", 0777 [pid 5512] <... mkdir resumed>) = 0 [pid 5509] <... mkdir resumed>) = 0 [pid 5512] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 133.025910][ T5508] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 133.054692][ T5508] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 133.067803][ T5508] REISERFS (device loop4): using ordered data mode [ 133.069466][ T5509] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 133.075765][ T5508] reiserfs: using flush barriers [ 133.093921][ T5512] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 133.107686][ T5512] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [pid 5509] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./32/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./32/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./32/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [ 133.119036][ T5508] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 133.135374][ T5512] REISERFS (device loop1): using ordered data mode [ 133.143842][ T5512] reiserfs: using flush barriers [ 133.154694][ T5512] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 133.174954][ T5512] REISERFS (device loop1): checking transaction log (loop1) [pid 5090] rmdir("./32") = 0 [pid 5090] mkdir("./33", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5516 ./strace-static-x86_64: Process 5516 attached [pid 5516] chdir("./33") = 0 [pid 5516] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5516] setpgid(0, 0) = 0 [ 133.216702][ T5509] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 133.226973][ T5507] REISERFS (device loop3): Using r5 hash to sort names [ 133.234790][ T5508] REISERFS (device loop4): checking transaction log (loop4) [pid 5516] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5516] write(3, "1000", 4) = 4 [pid 5516] close(3) = 0 [pid 5516] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5516] memfd_create("syzkaller", 0) = 3 [pid 5516] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./33/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./33/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, [pid 5507] <... mount resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, [pid 5507] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5507] <... openat resumed>) = 3 [pid 5095] close(4 [pid 5507] chdir("./file1" [pid 5095] <... close resumed>) = 0 [pid 5507] <... chdir resumed>) = 0 [pid 5095] rmdir("./33/file1" [pid 5507] ioctl(4, LOOP_CLR_FD [pid 5095] <... rmdir resumed>) = 0 [pid 5507] <... ioctl resumed>) = 0 [pid 5095] getdents64(3, [pid 5507] close(4 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5507] <... close resumed>) = 0 [pid 5095] close(3 [pid 5507] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] <... close resumed>) = 0 [pid 5507] <... openat resumed>) = 4 [pid 5095] rmdir("./33" [pid 5507] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5507] <... mmap resumed>) = 0x20000000 [pid 5095] mkdir("./34", 0777 [ 133.275005][ T5507] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 133.293945][ T5509] REISERFS (device loop2): using ordered data mode [ 133.300601][ T5509] reiserfs: using flush barriers [pid 5507] ioctl(4, FS_IOC_GETVERSION [pid 5095] <... mkdir resumed>) = 0 [pid 5507] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5507] exit_group(0 [pid 5095] <... openat resumed>) = 3 [pid 5507] <... exit_group resumed>) = ? [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5507] +++ exited with 0 +++ [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5507, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] restart_syscall(<... resuming interrupted clone ...> [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5517 [pid 5093] <... restart_syscall resumed>) = 0 ./strace-static-x86_64: Process 5517 attached [pid 5093] umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5517] chdir("./34" [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5517] <... chdir resumed>) = 0 [pid 5093] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5517] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5093] <... openat resumed>) = 3 [pid 5517] <... prctl resumed>) = 0 [pid 5093] fstat(3, [pid 5517] setpgid(0, 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5517] <... setpgid resumed>) = 0 [pid 5093] getdents64(3, [pid 5517] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5517] write(3, "1000", 4 [pid 5093] umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5517] <... write resumed>) = 4 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5517] close(3 [pid 5093] lstat("./33/binderfs", [pid 5517] <... close resumed>) = 0 [pid 5517] symlink("/dev/binderfs", "./binderfs" [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5517] <... symlink resumed>) = 0 [pid 5517] memfd_create("syzkaller", 0 [pid 5093] unlink("./33/binderfs" [pid 5517] <... memfd_create resumed>) = 3 [pid 5093] <... unlink resumed>) = 0 [pid 5517] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 133.347151][ T5509] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5093] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5517] <... mmap resumed>) = 0x7f12a0a40000 [pid 5516] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5517] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5512] <... mount resumed>) = 0 [ 133.441425][ T5509] REISERFS (device loop2): checking transaction log (loop2) [ 133.449932][ T5512] REISERFS (device loop1): Using r5 hash to sort names [ 133.478834][ T5512] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5512] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5512] chdir("./file1") = 0 [pid 5512] ioctl(4, LOOP_CLR_FD) = 0 [pid 5512] close(4) = 0 [pid 5512] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5512] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5512] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5512] exit_group(0) = ? [pid 5512] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5512, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5091] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5091] umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, [pid 5516] <... write resumed>) = 4194304 [pid 5508] <... mount resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5516] munmap(0x7f12a0a40000, 4194304 [pid 5508] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5091] umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5516] <... munmap resumed>) = 0 [pid 5508] <... openat resumed>) = 3 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5516] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5508] chdir("./file1" [pid 5516] <... openat resumed>) = 4 [pid 5508] <... chdir resumed>) = 0 [pid 5091] lstat("./33/binderfs", [pid 5516] ioctl(4, LOOP_SET_FD, 3 [pid 5508] ioctl(4, LOOP_CLR_FD [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 133.565261][ T5508] REISERFS (device loop4): Using r5 hash to sort names [ 133.601601][ T5508] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5516] <... ioctl resumed>) = 0 [pid 5508] <... ioctl resumed>) = 0 [pid 5091] unlink("./33/binderfs") = 0 [pid 5508] close(4 [pid 5091] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5508] <... close resumed>) = 0 [pid 5508] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5508] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5508] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5516] close(3) = 0 [pid 5508] exit_group(0 [pid 5516] mkdir("./file1", 0777) = 0 [pid 5508] <... exit_group resumed>) = ? [pid 5516] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5508] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5508, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5094] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 133.641729][ T5516] loop0: detected capacity change from 0 to 8192 [pid 5094] umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] <... umount2 resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5517] <... write resumed>) = 4194304 [pid 5094] <... openat resumed>) = 3 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5517] munmap(0x7f12a0a40000, 4194304 [pid 5094] fstat(3, [pid 5517] <... munmap resumed>) = 0 [pid 5093] lstat("./33/file1", [pid 5517] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5517] <... openat resumed>) = 4 [pid 5094] getdents64(3, [pid 5093] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5517] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5517] <... ioctl resumed>) = 0 [pid 5094] umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] openat(AT_FDCWD, "./33/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... openat resumed>) = 4 [pid 5094] lstat("./35/binderfs", [pid 5093] fstat(4, [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] unlink("./35/binderfs" [ 133.713531][ T5516] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 133.742117][ T5517] loop5: detected capacity change from 0 to 8192 [pid 5093] getdents64(4, [pid 5517] close(3 [pid 5094] <... unlink resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5517] <... close resumed>) = 0 [pid 5517] mkdir("./file1", 0777 [pid 5094] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] getdents64(4, [pid 5517] <... mkdir resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5517] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5093] close(4) = 0 [pid 5093] rmdir("./33/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [ 133.763252][ T5516] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 133.773961][ T5516] REISERFS (device loop0): using ordered data mode [ 133.787974][ T5516] reiserfs: using flush barriers [ 133.796782][ T5516] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5093] rmdir("./33") = 0 [pid 5093] mkdir("./34", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [ 133.814224][ T5516] REISERFS (device loop0): checking transaction log (loop0) [ 133.840576][ T5517] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] <... umount2 resumed>) = 0 [pid 5091] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5520 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5520 attached [pid 5091] lstat("./33/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5520] chdir("./34" [pid 5091] openat(AT_FDCWD, "./33/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5520] <... chdir resumed>) = 0 [pid 5520] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5091] <... openat resumed>) = 4 [pid 5520] <... prctl resumed>) = 0 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5520] setpgid(0, 0 [pid 5091] getdents64(4, [pid 5520] <... setpgid resumed>) = 0 [pid 5520] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5520] <... openat resumed>) = 3 [pid 5520] write(3, "1000", 4) = 4 [pid 5091] close(4) = 0 [pid 5520] close(3) = 0 [pid 5520] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5091] rmdir("./33/file1" [pid 5520] memfd_create("syzkaller", 0) = 3 [pid 5091] <... rmdir resumed>) = 0 [pid 5520] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./33" [pid 5509] <... mount resumed>) = 0 [pid 5509] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5091] <... rmdir resumed>) = 0 [pid 5091] mkdir("./34", 0777 [pid 5509] <... openat resumed>) = 3 [pid 5509] chdir("./file1") = 0 [pid 5509] ioctl(4, LOOP_CLR_FD) = 0 [pid 5509] close(4 [pid 5091] <... mkdir resumed>) = 0 [pid 5509] <... close resumed>) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5509] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5091] <... openat resumed>) = 3 [pid 5509] <... openat resumed>) = 4 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5509] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] close(3 [pid 5509] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5091] <... close resumed>) = 0 [pid 5509] exit_group(0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5509] <... exit_group resumed>) = ? [pid 5509] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5509, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [ 133.870460][ T5509] REISERFS (device loop2): Using r5 hash to sort names [ 133.879027][ T5509] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5521 [pid 5092] umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5521 attached ) = 3 [pid 5092] fstat(3, [pid 5521] chdir("./34" [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, [pid 5521] <... chdir resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./33/binderfs", [pid 5521] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./33/binderfs" [pid 5521] <... prctl resumed>) = 0 [pid 5521] setpgid(0, 0) = 0 [pid 5521] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] <... unlink resumed>) = 0 [pid 5521] <... openat resumed>) = 3 [pid 5092] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5521] write(3, "1000", 4) = 4 [pid 5521] close(3) = 0 [pid 5521] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5521] memfd_create("syzkaller", 0) = 3 [pid 5521] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 133.932091][ T5517] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 133.999510][ T5517] REISERFS (device loop5): using ordered data mode [pid 5520] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 134.044564][ T5517] reiserfs: using flush barriers [ 134.082738][ T5517] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5521] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5520] <... write resumed>) = 4194304 [pid 5520] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5520] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5520] ioctl(4, LOOP_SET_FD, 3) = 0 [ 134.125897][ T5516] REISERFS (device loop0): Using r5 hash to sort names [ 134.140398][ T5516] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 134.162498][ T5520] loop3: detected capacity change from 0 to 8192 [pid 5520] close(3) = 0 [pid 5520] mkdir("./file1", 0777) = 0 [pid 5520] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5516] <... mount resumed>) = 0 [pid 5516] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5516] chdir("./file1") = 0 [pid 5516] ioctl(4, LOOP_CLR_FD) = 0 [ 134.170010][ T5517] REISERFS (device loop5): checking transaction log (loop5) [pid 5516] close(4 [pid 5521] <... write resumed>) = 4194304 [pid 5516] <... close resumed>) = 0 [pid 5516] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5516] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5521] munmap(0x7f12a0a40000, 4194304 [pid 5516] <... mmap resumed>) = 0x20000000 [pid 5521] <... munmap resumed>) = 0 [pid 5516] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5516] exit_group(0 [pid 5521] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5516] <... exit_group resumed>) = ? [pid 5521] <... openat resumed>) = 4 [pid 5521] ioctl(4, LOOP_SET_FD, 3 [pid 5516] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5516, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5090] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5090] umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 134.208387][ T5520] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 134.247023][ T5521] loop1: detected capacity change from 0 to 8192 [pid 5090] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./33/binderfs") = 0 [pid 5090] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5521] <... ioctl resumed>) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5521] close(3) = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5521] mkdir("./file1", 0777 [pid 5092] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5521] <... mkdir resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5521] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 134.261130][ T5520] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 134.271571][ T5520] REISERFS (device loop3): using ordered data mode [ 134.278234][ T5520] reiserfs: using flush barriers [ 134.288173][ T5520] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5092] lstat("./33/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./33/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] lstat("./35/file1", [pid 5092] <... openat resumed>) = 4 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] fstat(4, [pid 5094] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] getdents64(4, [pid 5094] openat(AT_FDCWD, "./35/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] <... openat resumed>) = 4 [pid 5092] getdents64(4, [pid 5094] fstat(4, [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] close(4 [pid 5094] getdents64(4, [pid 5092] <... close resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] rmdir("./33/file1" [pid 5094] getdents64(4, [pid 5092] <... rmdir resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] getdents64(3, [pid 5094] close(4 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] <... close resumed>) = 0 [pid 5092] close(3 [pid 5094] rmdir("./35/file1" [pid 5092] <... close resumed>) = 0 [pid 5094] <... rmdir resumed>) = 0 [ 134.330717][ T5520] REISERFS (device loop3): checking transaction log (loop3) [ 134.342640][ T5521] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5092] rmdir("./33" [pid 5094] getdents64(3, [pid 5092] <... rmdir resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] mkdir("./34", 0777 [pid 5094] close(3 [pid 5092] <... mkdir resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5094] rmdir("./35" [pid 5092] <... openat resumed>) = 3 [pid 5094] <... rmdir resumed>) = 0 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5094] mkdir("./36", 0777 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5094] <... mkdir resumed>) = 0 [ 134.394429][ T5521] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 134.405228][ T5517] REISERFS (device loop5): Using r5 hash to sort names [ 134.414342][ T5517] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 134.426472][ T5521] REISERFS (device loop1): using ordered data mode [ 134.434032][ T5521] reiserfs: using flush barriers [pid 5092] close(3 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] <... close resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5090] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5524 attached [pid 5517] <... mount resumed>) = 0 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5524 [pid 5090] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5524] chdir("./34" [pid 5517] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] close(3 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5524] <... chdir resumed>) = 0 [pid 5517] <... openat resumed>) = 3 [pid 5094] <... close resumed>) = 0 [pid 5090] lstat("./33/file1", [pid 5524] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5517] chdir("./file1" [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5524] <... prctl resumed>) = 0 [pid 5517] <... chdir resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 5525 attached [pid 5524] setpgid(0, 0 [pid 5517] ioctl(4, LOOP_CLR_FD [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5525 [pid 5090] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5525] chdir("./36" [pid 5524] <... setpgid resumed>) = 0 [pid 5517] <... ioctl resumed>) = 0 [pid 5525] <... chdir resumed>) = 0 [pid 5524] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [ 134.454629][ T5521] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5517] close(4 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5525] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5524] <... openat resumed>) = 3 [pid 5517] <... close resumed>) = 0 [pid 5517] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5517] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5525] <... prctl resumed>) = 0 [pid 5524] write(3, "1000", 4 [pid 5517] <... mmap resumed>) = 0x20000000 [pid 5090] openat(AT_FDCWD, "./33/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5525] setpgid(0, 0 [pid 5524] <... write resumed>) = 4 [pid 5517] ioctl(4, FS_IOC_GETVERSION [pid 5525] <... setpgid resumed>) = 0 [pid 5524] close(3 [pid 5517] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5090] <... openat resumed>) = 4 [pid 5525] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5524] <... close resumed>) = 0 [pid 5517] exit_group(0 [pid 5090] fstat(4, [pid 5525] <... openat resumed>) = 3 [pid 5524] symlink("/dev/binderfs", "./binderfs" [pid 5517] <... exit_group resumed>) = ? [pid 5525] write(3, "1000", 4 [pid 5524] <... symlink resumed>) = 0 [pid 5517] +++ exited with 0 +++ [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5525] <... write resumed>) = 4 [pid 5524] memfd_create("syzkaller", 0 [pid 5090] getdents64(4, [pid 5525] close(3 [pid 5524] <... memfd_create resumed>) = 3 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5517, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [ 134.512000][ T5521] REISERFS (device loop1): checking transaction log (loop1) [ 134.543330][ T5520] REISERFS (device loop3): Using r5 hash to sort names [pid 5525] <... close resumed>) = 0 [pid 5524] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5525] symlink("/dev/binderfs", "./binderfs" [pid 5524] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] getdents64(4, [pid 5525] <... symlink resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5525] memfd_create("syzkaller", 0 [pid 5095] <... openat resumed>) = 3 [pid 5090] close(4 [pid 5525] <... memfd_create resumed>) = 3 [pid 5095] fstat(3, [pid 5525] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... close resumed>) = 0 [pid 5525] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] getdents64(3, [pid 5090] rmdir("./33/file1" [pid 5520] <... mount resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... rmdir resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] getdents64(3, [pid 5095] lstat("./34/binderfs", [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] close(3 [pid 5095] unlink("./34/binderfs") = 0 [pid 5090] <... close resumed>) = 0 [pid 5095] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] rmdir("./33") = 0 [pid 5090] mkdir("./34", 0777) = 0 [ 134.574703][ T5520] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5520] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5520] <... openat resumed>) = 3 [pid 5520] chdir("./file1" [pid 5090] <... openat resumed>) = 3 [pid 5520] <... chdir resumed>) = 0 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5520] ioctl(4, LOOP_CLR_FD) = 0 [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5520] close(4 [pid 5090] close(3 [pid 5520] <... close resumed>) = 0 [pid 5520] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5520] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5520] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5520] exit_group(0) = ? [pid 5520] +++ exited with 0 +++ [pid 5090] <... close resumed>) = 0 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5520, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5093] restart_syscall(<... resuming interrupted clone ...> [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] <... restart_syscall resumed>) = 0 [pid 5093] umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5526 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, ./strace-static-x86_64: Process 5526 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5526] chdir("./34" [pid 5093] getdents64(3, [pid 5526] <... chdir resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5526] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5093] umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5526] <... prctl resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 134.655049][ T5521] REISERFS (device loop1): Using r5 hash to sort names [pid 5526] setpgid(0, 0 [pid 5093] lstat("./34/binderfs", [pid 5526] <... setpgid resumed>) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5526] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] unlink("./34/binderfs" [pid 5526] <... openat resumed>) = 3 [pid 5093] <... unlink resumed>) = 0 [pid 5526] write(3, "1000", 4 [pid 5093] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5526] <... write resumed>) = 4 [pid 5524] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5526] close(3) = 0 [pid 5526] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5525] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5526] memfd_create("syzkaller", 0) = 3 [pid 5526] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5521] <... mount resumed>) = 0 [ 134.697398][ T5521] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5521] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5521] chdir("./file1") = 0 [pid 5521] ioctl(4, LOOP_CLR_FD) = 0 [pid 5521] close(4) = 0 [pid 5521] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5521] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5521] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5521] exit_group(0) = ? [pid 5521] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5521, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5091] umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./34/binderfs") = 0 [pid 5091] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5526] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5525] <... write resumed>) = 4194304 [pid 5524] <... write resumed>) = 4194304 [pid 5525] munmap(0x7f12a0a40000, 4194304 [pid 5524] munmap(0x7f12a0a40000, 4194304 [pid 5525] <... munmap resumed>) = 0 [pid 5524] <... munmap resumed>) = 0 [pid 5525] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5524] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5525] <... openat resumed>) = 4 [pid 5525] ioctl(4, LOOP_SET_FD, 3 [pid 5524] <... openat resumed>) = 4 [pid 5524] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5525] <... ioctl resumed>) = 0 [pid 5524] close(3 [pid 5525] close(3 [pid 5524] <... close resumed>) = 0 [pid 5525] <... close resumed>) = 0 [pid 5524] mkdir("./file1", 0777 [pid 5525] mkdir("./file1", 0777) = 0 [pid 5524] <... mkdir resumed>) = 0 [pid 5525] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5524] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./34/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... umount2 resumed>) = 0 [pid 5095] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./34/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [ 134.921404][ T5525] loop4: detected capacity change from 0 to 8192 [ 134.931713][ T5524] loop2: detected capacity change from 0 to 8192 [ 134.951144][ T5525] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./34/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./34") = 0 [pid 5095] mkdir("./35", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5529 [pid 5093] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./34/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./34/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 5529 attached [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./34/file1") = 0 [pid 5093] getdents64(3, [pid 5529] chdir("./35" [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./34" [pid 5529] <... chdir resumed>) = 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5093] mkdir("./35", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5529] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] close(3 [pid 5529] <... prctl resumed>) = 0 [pid 5526] <... write resumed>) = 4194304 [pid 5093] <... close resumed>) = 0 [pid 5529] setpgid(0, 0 [pid 5526] munmap(0x7f12a0a40000, 4194304 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5529] <... setpgid resumed>) = 0 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5530 [pid 5529] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5529] write(3, "1000", 4 [pid 5526] <... munmap resumed>) = 0 [pid 5529] <... write resumed>) = 4 [pid 5529] close(3 [pid 5526] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5529] <... close resumed>) = 0 [pid 5529] symlink("/dev/binderfs", "./binderfs" [pid 5526] <... openat resumed>) = 4 [ 134.975269][ T5524] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 134.997034][ T5525] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal ./strace-static-x86_64: Process 5530 attached [pid 5530] chdir("./35") = 0 [pid 5530] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5530] setpgid(0, 0) = 0 [pid 5530] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5530] write(3, "1000", 4) = 4 [pid 5530] close(3) = 0 [pid 5530] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5529] <... symlink resumed>) = 0 [pid 5526] ioctl(4, LOOP_SET_FD, 3 [pid 5530] memfd_create("syzkaller", 0 [pid 5529] memfd_create("syzkaller", 0 [pid 5530] <... memfd_create resumed>) = 3 [pid 5530] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5529] <... memfd_create resumed>) = 3 [pid 5529] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5526] <... ioctl resumed>) = 0 [pid 5526] close(3) = 0 [pid 5526] mkdir("./file1", 0777) = 0 [ 135.045213][ T5524] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 135.057947][ T5526] loop0: detected capacity change from 0 to 8192 [ 135.081413][ T5525] REISERFS (device loop4): using ordered data mode [ 135.087996][ T5525] reiserfs: using flush barriers [pid 5526] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5530] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... umount2 resumed>) = 0 [pid 5091] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 135.107374][ T5524] REISERFS (device loop2): using ordered data mode [ 135.114874][ T5525] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 135.128053][ T5526] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 135.150001][ T5524] reiserfs: using flush barriers [pid 5091] lstat("./34/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./34/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5529] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... openat resumed>) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 135.158065][ T5524] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 135.175626][ T5524] REISERFS (device loop2): checking transaction log (loop2) [ 135.185844][ T5526] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./34/file1") = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./34") = 0 [pid 5091] mkdir("./35", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [ 135.213639][ T5525] REISERFS (device loop4): checking transaction log (loop4) [ 135.223399][ T5526] REISERFS (device loop0): using ordered data mode [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5532 ./strace-static-x86_64: Process 5532 attached [pid 5532] chdir("./35") = 0 [pid 5530] <... write resumed>) = 4194304 [pid 5532] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5530] munmap(0x7f12a0a40000, 4194304 [pid 5532] <... prctl resumed>) = 0 [pid 5532] setpgid(0, 0 [pid 5530] <... munmap resumed>) = 0 [pid 5532] <... setpgid resumed>) = 0 [pid 5530] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5532] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5530] <... openat resumed>) = 4 [pid 5532] <... openat resumed>) = 3 [pid 5530] ioctl(4, LOOP_SET_FD, 3 [ 135.262065][ T5526] reiserfs: using flush barriers [ 135.273577][ T5526] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5532] write(3, "1000", 4) = 4 [pid 5532] close(3) = 0 [pid 5530] <... ioctl resumed>) = 0 [pid 5532] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5532] memfd_create("syzkaller", 0 [pid 5530] close(3 [pid 5529] <... write resumed>) = 4194304 [pid 5532] <... memfd_create resumed>) = 3 [pid 5530] <... close resumed>) = 0 [pid 5529] munmap(0x7f12a0a40000, 4194304 [pid 5532] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5530] mkdir("./file1", 0777 [ 135.312977][ T5530] loop3: detected capacity change from 0 to 8192 [ 135.329514][ T5526] REISERFS (device loop0): checking transaction log (loop0) [pid 5532] <... mmap resumed>) = 0x7f12a0a40000 [pid 5529] <... munmap resumed>) = 0 [pid 5530] <... mkdir resumed>) = 0 [pid 5529] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5530] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5529] <... openat resumed>) = 4 [pid 5529] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5529] close(3) = 0 [pid 5529] mkdir("./file1", 0777) = 0 [ 135.355183][ T5529] loop5: detected capacity change from 0 to 8192 [ 135.376606][ T5530] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 135.376805][ T5529] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5529] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 135.418841][ T5524] REISERFS (device loop2): Using r5 hash to sort names [ 135.437645][ T5524] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5532] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5532] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5532] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5532] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5532] close(3) = 0 [pid 5532] mkdir("./file1", 0777) = 0 [ 135.484787][ T5530] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 135.487023][ T5532] loop1: detected capacity change from 0 to 8192 [ 135.506599][ T5529] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 135.506824][ T5532] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5532] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5524] <... mount resumed>) = 0 [pid 5524] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5524] chdir("./file1") = 0 [pid 5524] ioctl(4, LOOP_CLR_FD) = 0 [ 135.517166][ T5529] REISERFS (device loop5): using ordered data mode [pid 5524] close(4) = 0 [pid 5524] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5524] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5524] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5524] exit_group(0) = ? [pid 5524] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5524, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- [pid 5092] umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./34/binderfs") = 0 [ 135.557839][ T5530] REISERFS (device loop3): using ordered data mode [ 135.581669][ T5529] reiserfs: using flush barriers [ 135.587332][ T5530] reiserfs: using flush barriers [ 135.595837][ T5525] REISERFS (device loop4): Using r5 hash to sort names [ 135.604549][ T5529] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 135.617332][ T5525] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 135.623472][ T5529] REISERFS (device loop5): checking transaction log (loop5) [ 135.639460][ T5530] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5092] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5525] <... mount resumed>) = 0 [pid 5525] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5525] chdir("./file1") = 0 [pid 5525] ioctl(4, LOOP_CLR_FD) = 0 [pid 5525] close(4) = 0 [pid 5525] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5525] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5525] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [ 135.639670][ T5532] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 135.658969][ T5530] REISERFS (device loop3): checking transaction log (loop3) [ 135.685397][ T5526] REISERFS (device loop0): Using r5 hash to sort names [pid 5525] exit_group(0) = ? [pid 5525] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5525, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5094] umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./36/binderfs") = 0 [ 135.703282][ T5526] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5094] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5526] <... mount resumed>) = 0 [pid 5526] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5526] chdir("./file1") = 0 [pid 5526] ioctl(4, LOOP_CLR_FD) = 0 [pid 5526] close(4) = 0 [ 135.760793][ T5532] REISERFS (device loop1): using ordered data mode [pid 5526] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5526] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5526] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5526] exit_group(0) = ? [pid 5526] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5526, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5090] umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 135.804579][ T5532] reiserfs: using flush barriers [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = 0 [pid 5090] lstat("./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./34/binderfs") = 0 [ 135.856830][ T5532] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5090] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./34/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./34/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./34/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./34") = 0 [pid 5092] mkdir("./35", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [ 135.949121][ T5532] REISERFS (device loop1): checking transaction log (loop1) [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5536 [pid 5094] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5536 attached [pid 5094] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5536] chdir("./35") = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5536] prctl(PR_SET_PDEATHSIG, SIGKILL [ 136.003528][ T5529] REISERFS (device loop5): Using r5 hash to sort names [ 136.010773][ T5529] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 136.028877][ T5530] REISERFS (device loop3): Using r5 hash to sort names [pid 5094] lstat("./36/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./36/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5536] <... prctl resumed>) = 0 [pid 5094] <... openat resumed>) = 4 [pid 5094] fstat(4, [pid 5536] setpgid(0, 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5536] <... setpgid resumed>) = 0 [pid 5094] getdents64(4, [pid 5536] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5536] <... openat resumed>) = 3 [pid 5094] getdents64(4, [pid 5536] write(3, "1000", 4 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5536] <... write resumed>) = 4 [pid 5094] close(4 [pid 5536] close(3 [pid 5094] <... close resumed>) = 0 [pid 5536] <... close resumed>) = 0 [pid 5094] rmdir("./36/file1" [pid 5536] symlink("/dev/binderfs", "./binderfs" [pid 5530] <... mount resumed>) = 0 [pid 5529] <... mount resumed>) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5536] <... symlink resumed>) = 0 [pid 5530] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5529] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] getdents64(3, [pid 5090] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5536] memfd_create("syzkaller", 0 [pid 5530] <... openat resumed>) = 3 [pid 5529] <... openat resumed>) = 3 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5536] <... memfd_create resumed>) = 3 [pid 5530] chdir("./file1" [pid 5529] chdir("./file1" [pid 5094] close(3 [pid 5090] lstat("./34/file1", [pid 5536] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5530] <... chdir resumed>) = 0 [pid 5529] <... chdir resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5536] <... mmap resumed>) = 0x7f12a0a40000 [pid 5530] ioctl(4, LOOP_CLR_FD [pid 5529] ioctl(4, LOOP_CLR_FD [pid 5094] rmdir("./36" [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5530] <... ioctl resumed>) = 0 [pid 5529] <... ioctl resumed>) = 0 [pid 5094] <... rmdir resumed>) = 0 [ 136.055821][ T5530] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5529] close(4 [pid 5094] mkdir("./37", 0777 [pid 5530] close(4 [pid 5090] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5529] <... close resumed>) = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5530] <... close resumed>) = 0 [pid 5529] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5530] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5529] <... openat resumed>) = 4 [pid 5094] <... openat resumed>) = 3 [pid 5090] openat(AT_FDCWD, "./34/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5530] <... openat resumed>) = 4 [pid 5529] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5530] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5529] <... mmap resumed>) = 0x20000000 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] <... openat resumed>) = 4 [pid 5530] <... mmap resumed>) = 0x20000000 [pid 5529] ioctl(4, FS_IOC_GETVERSION [pid 5094] close(3 [pid 5090] fstat(4, [pid 5530] ioctl(4, FS_IOC_GETVERSION [pid 5529] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] <... close resumed>) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5530] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5529] exit_group(0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] getdents64(4, [pid 5530] exit_group(0 [pid 5529] <... exit_group resumed>) = ? [pid 5530] <... exit_group resumed>) = ? [pid 5529] +++ exited with 0 +++ [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5537 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5530] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5529, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5090] getdents64(4, [pid 5095] restart_syscall(<... resuming interrupted clone ...> [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5530, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5537 attached [pid 5095] <... restart_syscall resumed>) = 0 [pid 5090] close(4 [pid 5537] chdir("./37") = 0 [pid 5093] umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... close resumed>) = 0 [pid 5537] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] rmdir("./34/file1" [pid 5537] <... prctl resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5537] setpgid(0, 0 [pid 5095] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... openat resumed>) = 3 [pid 5090] <... rmdir resumed>) = 0 [pid 5537] <... setpgid resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5093] fstat(3, [pid 5090] getdents64(3, [pid 5537] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] fstat(3, [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5537] <... openat resumed>) = 3 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5537] write(3, "1000", 4 [pid 5095] getdents64(3, [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] close(3 [pid 5537] <... write resumed>) = 4 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5537] close(3 [pid 5095] umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... close resumed>) = 0 [pid 5537] <... close resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./35/binderfs", [pid 5090] rmdir("./34" [pid 5537] symlink("/dev/binderfs", "./binderfs" [pid 5095] lstat("./35/binderfs", [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5537] <... symlink resumed>) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./35/binderfs" [pid 5090] <... rmdir resumed>) = 0 [pid 5537] memfd_create("syzkaller", 0 [pid 5536] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] unlink("./35/binderfs" [pid 5093] <... unlink resumed>) = 0 [pid 5090] mkdir("./35", 0777 [pid 5537] <... memfd_create resumed>) = 3 [pid 5095] <... unlink resumed>) = 0 [pid 5093] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5537] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... mkdir resumed>) = 0 [pid 5537] <... mmap resumed>) = 0x7f12a0a40000 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5538 ./strace-static-x86_64: Process 5538 attached [pid 5538] chdir("./35") = 0 [pid 5538] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5538] setpgid(0, 0) = 0 [pid 5538] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5538] write(3, "1000", 4) = 4 [ 136.248303][ T5532] REISERFS (device loop1): Using r5 hash to sort names [pid 5538] close(3) = 0 [pid 5538] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5537] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] <... umount2 resumed>) = 0 [pid 5538] memfd_create("syzkaller", 0) = 3 [pid 5093] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5538] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./35/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 136.296214][ T5532] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] openat(AT_FDCWD, "./35/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5532] <... mount resumed>) = 0 [pid 5093] fstat(4, [pid 5532] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5532] <... openat resumed>) = 3 [pid 5093] getdents64(4, [pid 5532] chdir("./file1" [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5532] <... chdir resumed>) = 0 [pid 5093] getdents64(4, [pid 5536] <... write resumed>) = 4194304 [pid 5532] ioctl(4, LOOP_CLR_FD [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5536] munmap(0x7f12a0a40000, 4194304 [pid 5532] <... ioctl resumed>) = 0 [pid 5093] close(4 [pid 5536] <... munmap resumed>) = 0 [pid 5532] close(4 [pid 5093] <... close resumed>) = 0 [pid 5536] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5532] <... close resumed>) = 0 [pid 5532] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] rmdir("./35/file1" [pid 5532] <... openat resumed>) = 4 [pid 5093] <... rmdir resumed>) = 0 [pid 5536] <... openat resumed>) = 4 [pid 5532] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] getdents64(3, [pid 5536] ioctl(4, LOOP_SET_FD, 3 [pid 5532] <... mmap resumed>) = 0x20000000 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5532] ioctl(4, FS_IOC_GETVERSION [pid 5536] <... ioctl resumed>) = 0 [pid 5532] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] close(3 [pid 5536] close(3 [pid 5532] exit_group(0 [pid 5093] <... close resumed>) = 0 [pid 5536] <... close resumed>) = 0 [pid 5532] <... exit_group resumed>) = ? [pid 5093] rmdir("./35" [pid 5536] mkdir("./file1", 0777 [pid 5532] +++ exited with 0 +++ [pid 5536] <... mkdir resumed>) = 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5532, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [pid 5536] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5093] mkdir("./36", 0777 [pid 5091] restart_syscall(<... resuming interrupted clone ...> [pid 5093] <... mkdir resumed>) = 0 [pid 5091] <... restart_syscall resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5091] umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5091] umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] close(3 [pid 5091] lstat("./35/binderfs", [pid 5093] <... close resumed>) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./35/binderfs") = 0 [pid 5091] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5540 [ 136.401656][ T5536] loop2: detected capacity change from 0 to 8192 [ 136.438690][ T5536] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5538] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304./strace-static-x86_64: Process 5540 attached [pid 5540] chdir("./36") = 0 [pid 5540] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... umount2 resumed>) = 0 [pid 5540] <... prctl resumed>) = 0 [pid 5095] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5540] setpgid(0, 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5540] <... setpgid resumed>) = 0 [pid 5095] lstat("./35/file1", [pid 5540] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5540] <... openat resumed>) = 3 [pid 5095] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5540] write(3, "1000", 4 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5540] <... write resumed>) = 4 [pid 5095] openat(AT_FDCWD, "./35/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5540] close(3 [pid 5095] <... openat resumed>) = 4 [pid 5540] <... close resumed>) = 0 [pid 5095] fstat(4, [pid 5540] symlink("/dev/binderfs", "./binderfs" [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5540] <... symlink resumed>) = 0 [ 136.480331][ T5536] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 136.503832][ T5536] REISERFS (device loop2): using ordered data mode [pid 5095] getdents64(4, [pid 5540] memfd_create("syzkaller", 0 [pid 5538] <... write resumed>) = 4194304 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5540] <... memfd_create resumed>) = 3 [pid 5538] munmap(0x7f12a0a40000, 4194304 [pid 5537] <... write resumed>) = 4194304 [pid 5095] getdents64(4, [pid 5540] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5538] <... munmap resumed>) = 0 [pid 5537] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5540] <... mmap resumed>) = 0x7f12a0a40000 [pid 5538] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5537] <... munmap resumed>) = 0 [pid 5095] close(4 [pid 5538] <... openat resumed>) = 4 [pid 5537] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5095] <... close resumed>) = 0 [pid 5538] ioctl(4, LOOP_SET_FD, 3 [pid 5537] <... openat resumed>) = 4 [pid 5095] rmdir("./35/file1") = 0 [ 136.545512][ T5536] reiserfs: using flush barriers [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./35") = 0 [pid 5537] ioctl(4, LOOP_SET_FD, 3 [pid 5095] mkdir("./36", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5538] <... ioctl resumed>) = 0 [pid 5537] <... ioctl resumed>) = 0 [pid 5095] close(3 [pid 5538] close(3 [pid 5537] close(3 [pid 5095] <... close resumed>) = 0 [pid 5538] <... close resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5538] mkdir("./file1", 0777) = 0 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5541 [pid 5538] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5537] <... close resumed>) = 0 ./strace-static-x86_64: Process 5541 attached [pid 5537] mkdir("./file1", 0777 [ 136.574910][ T5538] loop0: detected capacity change from 0 to 8192 [ 136.582218][ T5537] loop4: detected capacity change from 0 to 8192 [ 136.587713][ T5536] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5541] chdir("./36") = 0 [pid 5537] <... mkdir resumed>) = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5541] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5537] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5541] <... prctl resumed>) = 0 [pid 5541] setpgid(0, 0) = 0 [pid 5541] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5541] write(3, "1000", 4) = 4 [pid 5091] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5541] close(3 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5541] <... close resumed>) = 0 [pid 5541] symlink("/dev/binderfs", "./binderfs" [pid 5091] lstat("./35/file1", [pid 5541] <... symlink resumed>) = 0 [ 136.627662][ T5538] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 136.641764][ T5536] REISERFS (device loop2): checking transaction log (loop2) [ 136.656632][ T5537] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5541] memfd_create("syzkaller", 0) = 3 [pid 5541] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 136.661522][ T5538] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 136.679360][ T5538] REISERFS (device loop0): using ordered data mode [ 136.686222][ T5538] reiserfs: using flush barriers [ 136.692525][ T5537] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 136.692701][ T5538] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 136.701841][ T5537] REISERFS (device loop4): using ordered data mode [pid 5091] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./35/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, [pid 5540] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./35/file1") = 0 [ 136.724671][ T5537] reiserfs: using flush barriers [ 136.733437][ T5537] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 136.738882][ T5538] REISERFS (device loop0): checking transaction log (loop0) [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5541] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] close(3) = 0 [pid 5091] rmdir("./35") = 0 [pid 5091] mkdir("./36", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5544 attached , child_tidptr=0x555556fb25d0) = 5544 [pid 5544] chdir("./36") = 0 [ 136.832073][ T5537] REISERFS (device loop4): checking transaction log (loop4) [ 136.869766][ T5538] REISERFS (device loop0): Using r5 hash to sort names [pid 5544] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5544] setpgid(0, 0 [pid 5541] <... write resumed>) = 4194304 [pid 5538] <... mount resumed>) = 0 [pid 5544] <... setpgid resumed>) = 0 [pid 5541] munmap(0x7f12a0a40000, 4194304 [pid 5538] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5544] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5538] <... openat resumed>) = 3 [pid 5544] <... openat resumed>) = 3 [pid 5541] <... munmap resumed>) = 0 [pid 5538] chdir("./file1" [pid 5544] write(3, "1000", 4 [pid 5541] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5538] <... chdir resumed>) = 0 [pid 5544] <... write resumed>) = 4 [pid 5541] <... openat resumed>) = 4 [pid 5538] ioctl(4, LOOP_CLR_FD [pid 5544] close(3 [pid 5541] ioctl(4, LOOP_SET_FD, 3 [pid 5538] <... ioctl resumed>) = 0 [pid 5544] <... close resumed>) = 0 [ 136.900381][ T5538] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 136.911715][ T5536] REISERFS (device loop2): Using r5 hash to sort names [ 136.934276][ T5536] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5536] <... mount resumed>) = 0 [pid 5536] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5538] close(4 [pid 5544] symlink("/dev/binderfs", "./binderfs" [pid 5538] <... close resumed>) = 0 [pid 5538] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5544] <... symlink resumed>) = 0 [pid 5538] <... openat resumed>) = 4 [pid 5544] memfd_create("syzkaller", 0 [pid 5538] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5544] <... memfd_create resumed>) = 3 [pid 5538] <... mmap resumed>) = 0x20000000 [pid 5544] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5538] ioctl(4, FS_IOC_GETVERSION [pid 5544] <... mmap resumed>) = 0x7f12a0a40000 [pid 5538] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5536] <... openat resumed>) = 3 [pid 5536] chdir("./file1") = 0 [pid 5536] ioctl(4, LOOP_CLR_FD) = 0 [pid 5536] close(4 [pid 5538] exit_group(0 [pid 5536] <... close resumed>) = 0 [pid 5541] <... ioctl resumed>) = 0 [pid 5538] <... exit_group resumed>) = ? [pid 5536] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5541] close(3 [pid 5538] +++ exited with 0 +++ [pid 5536] <... openat resumed>) = 4 [pid 5541] <... close resumed>) = 0 [pid 5536] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5538, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=25 /* 0.25 s */} --- [pid 5541] mkdir("./file1", 0777 [pid 5536] <... mmap resumed>) = 0x20000000 [pid 5541] <... mkdir resumed>) = 0 [pid 5536] ioctl(4, FS_IOC_GETVERSION [pid 5541] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5536] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5536] exit_group(0) = ? [pid 5536] +++ exited with 0 +++ [pid 5090] umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5536, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 136.967059][ T5541] loop5: detected capacity change from 0 to 8192 [pid 5092] restart_syscall(<... resuming interrupted clone ...> [pid 5090] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... restart_syscall resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] getdents64(3, [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... openat resumed>) = 3 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] fstat(3, [pid 5090] lstat("./35/binderfs", [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] getdents64(3, [pid 5090] unlink("./35/binderfs" [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] <... unlink resumed>) = 0 [pid 5092] umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5540] <... write resumed>) = 4194304 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5540] munmap(0x7f12a0a40000, 4194304 [pid 5092] unlink("./35/binderfs") = 0 [pid 5092] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5540] <... munmap resumed>) = 0 [pid 5540] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 137.035779][ T5541] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 137.074142][ T5541] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5540] ioctl(4, LOOP_SET_FD, 3 [pid 5544] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5540] <... ioctl resumed>) = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5540] close(3) = 0 [pid 5540] mkdir("./file1", 0777) = 0 [pid 5540] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5092] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./35/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 137.084131][ T5541] REISERFS (device loop5): using ordered data mode [ 137.088902][ T5540] loop3: detected capacity change from 0 to 8192 [ 137.090863][ T5541] reiserfs: using flush barriers [ 137.104276][ T5541] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 137.121475][ T5541] REISERFS (device loop5): checking transaction log (loop5) [ 137.122036][ T5537] REISERFS (device loop4): Using r5 hash to sort names [pid 5092] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./35/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./35/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./35") = 0 [pid 5092] mkdir("./36", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5537] <... mount resumed>) = 0 [ 137.169188][ T5540] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 137.200663][ T5537] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5537] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5537] chdir("./file1") = 0 [pid 5537] ioctl(4, LOOP_CLR_FD) = 0 [pid 5537] close(4) = 0 [pid 5537] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5537] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5537] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5537] exit_group(0) = ? [pid 5537] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5537, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5094] umount2("./37", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 137.231241][ T5540] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 137.240524][ T5540] REISERFS (device loop3): using ordered data mode [ 137.248416][ T5540] reiserfs: using flush barriers [ 137.256635][ T5540] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 137.273615][ T5540] REISERFS (device loop3): checking transaction log (loop3) [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./37/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./37/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./37/binderfs") = 0 [pid 5094] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... openat resumed>) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5547 ./strace-static-x86_64: Process 5547 attached [pid 5547] chdir("./36") = 0 [pid 5547] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5547] setpgid(0, 0) = 0 [pid 5547] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] <... umount2 resumed>) = 0 [pid 5547] <... openat resumed>) = 3 [pid 5547] write(3, "1000", 4) = 4 [pid 5544] <... write resumed>) = 4194304 [pid 5547] close(3 [pid 5544] munmap(0x7f12a0a40000, 4194304 [pid 5547] <... close resumed>) = 0 [pid 5544] <... munmap resumed>) = 0 [pid 5547] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5544] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5540] <... mount resumed>) = 0 [pid 5547] memfd_create("syzkaller", 0 [pid 5544] <... openat resumed>) = 4 [pid 5540] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5547] <... memfd_create resumed>) = 3 [pid 5544] ioctl(4, LOOP_SET_FD, 3 [pid 5540] <... openat resumed>) = 3 [ 137.342301][ T5540] REISERFS (device loop3): Using r5 hash to sort names [ 137.371781][ T5540] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5090] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5547] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5544] <... ioctl resumed>) = 0 [pid 5540] chdir("./file1" [pid 5547] <... mmap resumed>) = 0x7f12a0a40000 [pid 5540] <... chdir resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5540] ioctl(4, LOOP_CLR_FD [pid 5090] lstat("./35/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./35/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5540] <... ioctl resumed>) = 0 [pid 5090] close(4 [pid 5540] close(4 [pid 5090] <... close resumed>) = 0 [pid 5540] <... close resumed>) = 0 [pid 5090] rmdir("./35/file1" [pid 5544] close(3 [pid 5540] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5090] <... rmdir resumed>) = 0 [pid 5544] <... close resumed>) = 0 [pid 5540] <... openat resumed>) = 4 [pid 5090] getdents64(3, [pid 5544] mkdir("./file1", 0777 [pid 5540] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5544] <... mkdir resumed>) = 0 [pid 5540] <... mmap resumed>) = 0x20000000 [pid 5090] close(3 [pid 5544] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5540] ioctl(4, FS_IOC_GETVERSION [pid 5090] <... close resumed>) = 0 [pid 5541] <... mount resumed>) = 0 [pid 5540] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5090] rmdir("./35" [pid 5541] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5540] exit_group(0 [pid 5090] <... rmdir resumed>) = 0 [pid 5540] <... exit_group resumed>) = ? [pid 5090] mkdir("./36", 0777 [pid 5541] <... openat resumed>) = 3 [pid 5540] +++ exited with 0 +++ [pid 5090] <... mkdir resumed>) = 0 [pid 5541] chdir("./file1" [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5541] <... chdir resumed>) = 0 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5540, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5090] <... openat resumed>) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [ 137.414519][ T5544] loop1: detected capacity change from 0 to 8192 [ 137.425007][ T5541] REISERFS (device loop5): Using r5 hash to sort names [ 137.432507][ T5541] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5541] ioctl(4, LOOP_CLR_FD [pid 5093] restart_syscall(<... resuming interrupted clone ...> [pid 5541] <... ioctl resumed>) = 0 [pid 5093] <... restart_syscall resumed>) = 0 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5549 [pid 5541] close(4) = 0 ./strace-static-x86_64: Process 5549 attached [pid 5541] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5549] chdir("./36" [pid 5541] <... openat resumed>) = 4 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5549] <... chdir resumed>) = 0 [pid 5541] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5549] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5541] <... mmap resumed>) = 0x20000000 [pid 5093] <... openat resumed>) = 3 [pid 5549] <... prctl resumed>) = 0 [pid 5541] ioctl(4, FS_IOC_GETVERSION [pid 5093] fstat(3, [pid 5549] setpgid(0, 0 [pid 5541] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5549] <... setpgid resumed>) = 0 [pid 5541] exit_group(0 [pid 5093] getdents64(3, [pid 5549] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5541] <... exit_group resumed>) = ? [pid 5549] <... openat resumed>) = 3 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5549] write(3, "1000", 4) = 4 [pid 5541] +++ exited with 0 +++ [pid 5093] umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5549] close(3 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5541, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5549] <... close resumed>) = 0 [pid 5093] lstat("./36/binderfs", [pid 5549] symlink("/dev/binderfs", "./binderfs" [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5549] <... symlink resumed>) = 0 [pid 5095] umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] unlink("./36/binderfs" [pid 5549] memfd_create("syzkaller", 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... unlink resumed>) = 0 [ 137.500490][ T5544] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5549] <... memfd_create resumed>) = 3 [pid 5095] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5549] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] <... openat resumed>) = 3 [pid 5549] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./36/binderfs") = 0 [pid 5095] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... umount2 resumed>) = 0 [pid 5547] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 137.541717][ T5544] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 137.564582][ T5544] REISERFS (device loop1): using ordered data mode [pid 5094] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./37/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./37/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 137.601132][ T5544] reiserfs: using flush barriers [pid 5095] <... umount2 resumed>) = 0 [pid 5094] fstat(4, [pid 5095] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] getdents64(4, [pid 5095] lstat("./36/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5549] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] getdents64(4, [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] openat(AT_FDCWD, "./36/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] close(4 [pid 5095] <... openat resumed>) = 4 [pid 5095] fstat(4, [pid 5094] <... close resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 137.628584][ T5544] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5094] rmdir("./37/file1" [pid 5095] getdents64(4, [pid 5094] <... rmdir resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(3, [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(4 [pid 5094] close(3 [pid 5095] <... close resumed>) = 0 [pid 5095] rmdir("./36/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./36") = 0 [pid 5094] <... close resumed>) = 0 [pid 5095] mkdir("./37", 0777 [pid 5094] rmdir("./37" [pid 5095] <... mkdir resumed>) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] mkdir("./38", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5550 ./strace-static-x86_64: Process 5550 attached [pid 5550] chdir("./38") = 0 [pid 5550] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5547] <... write resumed>) = 4194304 [pid 5550] setpgid(0, 0) = 0 [pid 5550] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5550] write(3, "1000", 4) = 4 [pid 5550] close(3) = 0 [pid 5550] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5550] memfd_create("syzkaller", 0) = 3 [ 137.706343][ T5544] REISERFS (device loop1): checking transaction log (loop1) [pid 5547] munmap(0x7f12a0a40000, 4194304 [pid 5550] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5547] <... munmap resumed>) = 0 [pid 5547] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5095] <... openat resumed>) = 3 [pid 5547] <... openat resumed>) = 4 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5547] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] close(3 [pid 5547] <... ioctl resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5547] close(3 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5547] <... close resumed>) = 0 [pid 5547] mkdir("./file1", 0777 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5551 [pid 5547] <... mkdir resumed>) = 0 [pid 5547] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, ""./strace-static-x86_64: Process 5551 attached [pid 5551] chdir("./37") = 0 [ 137.791654][ T5547] loop2: detected capacity change from 0 to 8192 [pid 5551] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5549] <... write resumed>) = 4194304 [pid 5551] <... prctl resumed>) = 0 [pid 5549] munmap(0x7f12a0a40000, 4194304 [pid 5551] setpgid(0, 0 [pid 5549] <... munmap resumed>) = 0 [pid 5551] <... setpgid resumed>) = 0 [pid 5549] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5551] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5549] <... openat resumed>) = 4 [pid 5551] <... openat resumed>) = 3 [pid 5549] ioctl(4, LOOP_SET_FD, 3 [pid 5551] write(3, "1000", 4) = 4 [pid 5551] close(3) = 0 [pid 5551] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5551] memfd_create("syzkaller", 0) = 3 [pid 5551] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5549] <... ioctl resumed>) = 0 [pid 5549] close(3) = 0 [ 137.833019][ T5547] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 137.860548][ T5549] loop0: detected capacity change from 0 to 8192 [pid 5549] mkdir("./file1", 0777) = 0 [pid 5549] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5550] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./36/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./36/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 137.888647][ T5547] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 137.907531][ T5549] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./36/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./36") = 0 [pid 5093] mkdir("./37", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5551] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] <... openat resumed>) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 137.944907][ T5547] REISERFS (device loop2): using ordered data mode [ 137.957999][ T5549] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 137.971243][ T5544] REISERFS (device loop1): Using r5 hash to sort names [ 137.978499][ T5544] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5554 ./strace-static-x86_64: Process 5554 attached [pid 5554] chdir("./37") = 0 [pid 5554] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5554] setpgid(0, 0) = 0 [pid 5554] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5554] write(3, "1000", 4) = 4 [pid 5554] close(3) = 0 [pid 5554] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5554] memfd_create("syzkaller", 0) = 3 [pid 5554] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5544] <... mount resumed>) = 0 [ 137.991110][ T5547] reiserfs: using flush barriers [ 138.012607][ T5549] REISERFS (device loop0): using ordered data mode [ 138.019209][ T5549] reiserfs: using flush barriers [ 138.024672][ T5547] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5544] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5544] chdir("./file1" [pid 5550] <... write resumed>) = 4194304 [pid 5544] <... chdir resumed>) = 0 [pid 5550] munmap(0x7f12a0a40000, 4194304 [pid 5544] ioctl(4, LOOP_CLR_FD [pid 5550] <... munmap resumed>) = 0 [pid 5544] <... ioctl resumed>) = 0 [pid 5550] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5544] close(4 [pid 5554] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5550] <... openat resumed>) = 4 [pid 5544] <... close resumed>) = 0 [pid 5550] ioctl(4, LOOP_SET_FD, 3 [ 138.062673][ T5549] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 138.080078][ T5547] REISERFS (device loop2): checking transaction log (loop2) [ 138.096651][ T5549] REISERFS (device loop0): checking transaction log (loop0) [pid 5544] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5544] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5544] ioctl(4, FS_IOC_GETVERSION [pid 5550] <... ioctl resumed>) = 0 [pid 5544] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5550] close(3 [pid 5544] exit_group(0 [pid 5550] <... close resumed>) = 0 [pid 5544] <... exit_group resumed>) = ? [pid 5550] mkdir("./file1", 0777 [pid 5544] +++ exited with 0 +++ [pid 5550] <... mkdir resumed>) = 0 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5544, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=14 /* 0.14 s */} --- [pid 5550] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5091] umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 138.126222][ T5550] loop4: detected capacity change from 0 to 8192 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./36/binderfs") = 0 [pid 5551] <... write resumed>) = 4194304 [pid 5091] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5551] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5551] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 138.171544][ T5550] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5551] ioctl(4, LOOP_SET_FD, 3) = 0 [ 138.214206][ T5551] loop5: detected capacity change from 0 to 8192 [ 138.216384][ T5550] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5551] close(3) = 0 [pid 5551] mkdir("./file1", 0777) = 0 [pid 5551] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5554] <... write resumed>) = 4194304 [pid 5554] munmap(0x7f12a0a40000, 4194304 [pid 5547] <... mount resumed>) = 0 [ 138.268183][ T5547] REISERFS (device loop2): Using r5 hash to sort names [ 138.286350][ T5547] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 138.292037][ T5551] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 138.296807][ T5550] REISERFS (device loop4): using ordered data mode [pid 5547] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5554] <... munmap resumed>) = 0 [pid 5547] <... openat resumed>) = 3 [pid 5554] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5547] chdir("./file1" [pid 5554] <... openat resumed>) = 4 [pid 5547] <... chdir resumed>) = 0 [pid 5554] ioctl(4, LOOP_SET_FD, 3 [pid 5547] ioctl(4, LOOP_CLR_FD [pid 5554] <... ioctl resumed>) = 0 [pid 5547] <... ioctl resumed>) = 0 [pid 5554] close(3 [pid 5547] close(4 [pid 5554] <... close resumed>) = 0 [pid 5547] <... close resumed>) = 0 [pid 5554] mkdir("./file1", 0777 [pid 5547] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5554] <... mkdir resumed>) = 0 [pid 5547] <... openat resumed>) = 4 [pid 5554] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5547] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5547] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5547] exit_group(0) = ? [pid 5547] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5547, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5092] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 138.315445][ T5550] reiserfs: using flush barriers [ 138.323217][ T5550] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 138.340468][ T5550] REISERFS (device loop4): checking transaction log (loop4) [ 138.352031][ T5554] loop3: detected capacity change from 0 to 8192 [ 138.354210][ T5551] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5092] umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./36/binderfs") = 0 [ 138.401704][ T5551] REISERFS (device loop5): using ordered data mode [ 138.408305][ T5551] reiserfs: using flush barriers [ 138.414678][ T5551] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 138.415100][ T5554] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 138.431333][ T5551] REISERFS (device loop5): checking transaction log (loop5) [ 138.489527][ T5554] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 138.536856][ T5554] REISERFS (device loop3): using ordered data mode [ 138.543561][ T5554] reiserfs: using flush barriers [ 138.549546][ T5551] REISERFS (device loop5): Using r5 hash to sort names [ 138.558520][ T5554] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5092] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... umount2 resumed>) = 0 [pid 5091] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./36/file1", [pid 5551] <... mount resumed>) = 0 [pid 5551] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5551] <... openat resumed>) = 3 [pid 5091] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5551] chdir("./file1" [pid 5091] openat(AT_FDCWD, "./36/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5551] <... chdir resumed>) = 0 [pid 5551] ioctl(4, LOOP_CLR_FD [pid 5091] <... openat resumed>) = 4 [pid 5551] <... ioctl resumed>) = 0 [pid 5091] fstat(4, [pid 5551] close(4 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5551] <... close resumed>) = 0 [ 138.598315][ T5554] REISERFS (device loop3): checking transaction log (loop3) [ 138.603782][ T5549] REISERFS (device loop0): Using r5 hash to sort names [ 138.611914][ T5551] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 138.629267][ T5550] REISERFS (device loop4): Using r5 hash to sort names [pid 5551] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5550] <... mount resumed>) = 0 [pid 5091] getdents64(4, [pid 5551] <... openat resumed>) = 4 [pid 5550] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5551] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5550] <... openat resumed>) = 3 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5551] <... mmap resumed>) = 0x20000000 [pid 5550] chdir("./file1" [pid 5551] ioctl(4, FS_IOC_GETVERSION [pid 5550] <... chdir resumed>) = 0 [pid 5551] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5550] ioctl(4, LOOP_CLR_FD [pid 5551] exit_group(0 [pid 5550] <... ioctl resumed>) = 0 [pid 5091] getdents64(4, [pid 5551] <... exit_group resumed>) = ? [pid 5550] close(4 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5551] +++ exited with 0 +++ [pid 5550] <... close resumed>) = 0 [pid 5091] rmdir("./36/file1" [pid 5550] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5551, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5091] <... rmdir resumed>) = 0 [pid 5091] getdents64(3, [pid 5550] <... openat resumed>) = 4 [pid 5095] umount2("./37", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5550] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] close(3) = 0 [pid 5550] <... mmap resumed>) = 0x20000000 [pid 5095] openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] rmdir("./36" [pid 5550] ioctl(4, FS_IOC_GETVERSION [pid 5095] <... openat resumed>) = 3 [pid 5091] <... rmdir resumed>) = 0 [ 138.651451][ T5550] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 138.659403][ T5549] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5550] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] fstat(3, [pid 5091] mkdir("./37", 0777 [pid 5550] exit_group(0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5550] <... exit_group resumed>) = ? [pid 5095] getdents64(3, [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5550] +++ exited with 0 +++ [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] <... openat resumed>) = 3 [pid 5549] <... mount resumed>) = 0 [pid 5095] umount2("./37/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5550, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5549] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5549] <... openat resumed>) = 3 [pid 5095] lstat("./37/binderfs", [pid 5091] close(3 [pid 5549] chdir("./file1" [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5549] <... chdir resumed>) = 0 [pid 5095] unlink("./37/binderfs" [pid 5092] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5558 ./strace-static-x86_64: Process 5558 attached [pid 5558] chdir("./37") = 0 [pid 5558] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5095] <... unlink resumed>) = 0 [pid 5549] ioctl(4, LOOP_CLR_FD [pid 5095] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] umount2("./38", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5549] <... ioctl resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5549] close(4 [pid 5094] openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5549] <... close resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5092] lstat("./36/file1", [pid 5549] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] fstat(3, [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5558] setpgid(0, 0 [pid 5549] <... openat resumed>) = 4 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5558] <... setpgid resumed>) = 0 [pid 5558] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5558] write(3, "1000", 4) = 4 [pid 5558] close(3) = 0 [pid 5558] symlink("/dev/binderfs", "./binderfs" [pid 5549] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] getdents64(3, [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5558] <... symlink resumed>) = 0 [pid 5549] <... mmap resumed>) = 0x20000000 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] openat(AT_FDCWD, "./36/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5558] memfd_create("syzkaller", 0 [pid 5549] ioctl(4, FS_IOC_GETVERSION [pid 5094] umount2("./38/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... openat resumed>) = 4 [pid 5558] <... memfd_create resumed>) = 3 [pid 5549] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] fstat(4, [pid 5558] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5549] exit_group(0 [pid 5094] lstat("./38/binderfs", [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5558] <... mmap resumed>) = 0x7f12a0a40000 [pid 5549] <... exit_group resumed>) = ? [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] getdents64(4, [pid 5549] +++ exited with 0 +++ [pid 5094] unlink("./38/binderfs" [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] <... unlink resumed>) = 0 [pid 5092] getdents64(4, [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5549, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5554] <... mount resumed>) = 0 [pid 5094] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5554] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] close(4 [pid 5090] <... restart_syscall resumed>) = 0 [pid 5554] <... openat resumed>) = 3 [pid 5092] <... close resumed>) = 0 [pid 5554] chdir("./file1" [pid 5092] rmdir("./36/file1" [pid 5554] <... chdir resumed>) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5554] ioctl(4, LOOP_CLR_FD) = 0 [pid 5092] getdents64(3, [pid 5090] umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5554] close(4 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5554] <... close resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5554] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] close(3 [pid 5090] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5554] <... openat resumed>) = 4 [pid 5090] <... openat resumed>) = 3 [pid 5092] <... close resumed>) = 0 [ 138.738890][ T5554] REISERFS (device loop3): Using r5 hash to sort names [ 138.757004][ T5554] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5554] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5092] rmdir("./36" [pid 5090] fstat(3, [pid 5554] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... rmdir resumed>) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5554] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] mkdir("./37", 0777 [pid 5554] exit_group(0 [pid 5090] getdents64(3, [pid 5554] <... exit_group resumed>) = ? [pid 5092] <... mkdir resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5554] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5554, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5090] umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... openat resumed>) = 3 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] umount2("./37", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5090] lstat("./36/binderfs", [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] close(3 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5092] <... close resumed>) = 0 [pid 5090] unlink("./36/binderfs" [pid 5093] fstat(3, [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5093] getdents64(3, [pid 5090] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5559 [pid 5093] umount2("./37/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./37/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./37/binderfs") = 0 [pid 5093] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5559 attached [pid 5559] chdir("./37") = 0 [pid 5559] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5559] setpgid(0, 0) = 0 [pid 5559] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5558] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5559] write(3, "1000", 4) = 4 [pid 5559] close(3) = 0 [pid 5559] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5559] memfd_create("syzkaller", 0) = 3 [pid 5559] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./37/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./37/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, [pid 5090] <... umount2 resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] getdents64(4, [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] lstat("./36/file1", [pid 5095] getdents64(4, [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] close(4 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... close resumed>) = 0 [pid 5090] openat(AT_FDCWD, "./36/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] rmdir("./37/file1" [pid 5090] <... openat resumed>) = 4 [pid 5095] <... rmdir resumed>) = 0 [pid 5090] fstat(4, [pid 5095] getdents64(3, [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] getdents64(4, [pid 5095] close(3 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] <... close resumed>) = 0 [pid 5090] getdents64(4, [pid 5095] rmdir("./37" [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5090] close(4 [pid 5095] mkdir("./38", 0777 [pid 5090] <... close resumed>) = 0 [pid 5095] <... mkdir resumed>) = 0 [pid 5090] rmdir("./36/file1" [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5090] <... rmdir resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5090] getdents64(3, [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5094] <... umount2 resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5094] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] close(3 [pid 5095] close(3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... close resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5090] rmdir("./36" [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] <... rmdir resumed>) = 0 [pid 5090] mkdir("./37", 0777 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5561 [pid 5090] <... mkdir resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] lstat("./38/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5562 ./strace-static-x86_64: Process 5561 attached [pid 5094] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5561] chdir("./38" [pid 5094] openat(AT_FDCWD, "./38/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5562 attached [pid 5562] chdir("./37") = 0 [pid 5562] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] <... openat resumed>) = 4 [pid 5562] <... prctl resumed>) = 0 [pid 5561] <... chdir resumed>) = 0 [pid 5094] fstat(4, [pid 5562] setpgid(0, 0 [pid 5561] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5562] <... setpgid resumed>) = 0 [pid 5561] <... prctl resumed>) = 0 [pid 5559] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] getdents64(4, [pid 5562] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5561] setpgid(0, 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5562] <... openat resumed>) = 3 [pid 5561] <... setpgid resumed>) = 0 [pid 5094] getdents64(4, [pid 5562] write(3, "1000", 4 [pid 5561] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5558] <... write resumed>) = 4194304 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5562] <... write resumed>) = 4 [pid 5561] <... openat resumed>) = 3 [pid 5558] munmap(0x7f12a0a40000, 4194304 [pid 5094] close(4 [pid 5562] close(3) = 0 [pid 5562] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5562] memfd_create("syzkaller", 0) = 3 [pid 5562] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5561] write(3, "1000", 4 [pid 5558] <... munmap resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5561] <... write resumed>) = 4 [pid 5558] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5094] rmdir("./38/file1" [pid 5561] close(3 [pid 5558] <... openat resumed>) = 4 [pid 5094] <... rmdir resumed>) = 0 [pid 5561] <... close resumed>) = 0 [pid 5558] ioctl(4, LOOP_SET_FD, 3 [pid 5094] getdents64(3, [pid 5561] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5558] <... ioctl resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5561] memfd_create("syzkaller", 0 [pid 5558] close(3 [pid 5094] close(3 [pid 5561] <... memfd_create resumed>) = 3 [pid 5558] <... close resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5561] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5558] mkdir("./file1", 0777 [pid 5094] rmdir("./38" [pid 5561] <... mmap resumed>) = 0x7f12a0a40000 [pid 5094] <... rmdir resumed>) = 0 [pid 5558] <... mkdir resumed>) = 0 [pid 5094] mkdir("./39", 0777 [pid 5558] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] <... mkdir resumed>) = 0 [ 139.158145][ T5558] loop1: detected capacity change from 0 to 8192 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5564 ./strace-static-x86_64: Process 5564 attached [pid 5564] chdir("./39" [pid 5093] <... umount2 resumed>) = 0 [pid 5564] <... chdir resumed>) = 0 [pid 5093] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5564] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5564] <... prctl resumed>) = 0 [pid 5093] lstat("./37/file1", [pid 5564] setpgid(0, 0 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5564] <... setpgid resumed>) = 0 [pid 5093] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5564] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5564] <... openat resumed>) = 3 [pid 5093] openat(AT_FDCWD, "./37/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5564] write(3, "1000", 4 [pid 5093] <... openat resumed>) = 4 [pid 5564] <... write resumed>) = 4 [pid 5093] fstat(4, [pid 5564] close(3 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5564] <... close resumed>) = 0 [ 139.199530][ T5558] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5093] getdents64(4, [pid 5564] symlink("/dev/binderfs", "./binderfs" [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5564] <... symlink resumed>) = 0 [pid 5093] getdents64(4, [pid 5564] memfd_create("syzkaller", 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5564] <... memfd_create resumed>) = 3 [pid 5093] close(4 [pid 5564] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5093] <... close resumed>) = 0 [pid 5564] <... mmap resumed>) = 0x7f12a0a40000 [pid 5093] rmdir("./37/file1" [pid 5562] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] <... rmdir resumed>) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./37") = 0 [pid 5093] mkdir("./38", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5561] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] <... openat resumed>) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5565 ./strace-static-x86_64: Process 5565 attached [pid 5565] chdir("./38") = 0 [pid 5565] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5559] <... write resumed>) = 4194304 [pid 5565] <... prctl resumed>) = 0 [pid 5565] setpgid(0, 0) = 0 [pid 5565] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5565] write(3, "1000", 4) = 4 [pid 5565] close(3) = 0 [pid 5565] symlink("/dev/binderfs", "./binderfs") = 0 [ 139.256557][ T5558] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 139.282227][ T5558] REISERFS (device loop1): using ordered data mode [ 139.288814][ T5558] reiserfs: using flush barriers [pid 5565] memfd_create("syzkaller", 0) = 3 [pid 5559] munmap(0x7f12a0a40000, 4194304 [pid 5565] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5559] <... munmap resumed>) = 0 [pid 5565] <... mmap resumed>) = 0x7f12a0a40000 [pid 5559] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5559] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5559] close(3) = 0 [pid 5559] mkdir("./file1", 0777) = 0 [pid 5564] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 139.353022][ T5559] loop2: detected capacity change from 0 to 8192 [ 139.361927][ T5558] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5559] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5565] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5562] <... write resumed>) = 4194304 [ 139.393942][ T5559] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 139.416463][ T5558] REISERFS (device loop1): checking transaction log (loop1) [ 139.432048][ T5559] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [pid 5564] <... write resumed>) = 4194304 [pid 5562] munmap(0x7f12a0a40000, 4194304 [pid 5564] munmap(0x7f12a0a40000, 4194304 [pid 5562] <... munmap resumed>) = 0 [pid 5564] <... munmap resumed>) = 0 [pid 5564] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5562] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5564] <... openat resumed>) = 4 [pid 5561] <... write resumed>) = 4194304 [pid 5562] <... openat resumed>) = 4 [pid 5564] ioctl(4, LOOP_SET_FD, 3 [ 139.442032][ T5559] REISERFS (device loop2): using ordered data mode [ 139.448722][ T5559] reiserfs: using flush barriers [ 139.455852][ T5559] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5562] ioctl(4, LOOP_SET_FD, 3 [pid 5564] <... ioctl resumed>) = 0 [pid 5564] close(3 [pid 5562] <... ioctl resumed>) = 0 [pid 5564] <... close resumed>) = 0 [pid 5562] close(3 [pid 5564] mkdir("./file1", 0777 [pid 5562] <... close resumed>) = 0 [pid 5564] <... mkdir resumed>) = 0 [pid 5562] mkdir("./file1", 0777 [pid 5564] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5562] <... mkdir resumed>) = 0 [pid 5561] munmap(0x7f12a0a40000, 4194304 [pid 5562] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5561] <... munmap resumed>) = 0 [pid 5561] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5565] <... write resumed>) = 4194304 [pid 5561] <... openat resumed>) = 4 [ 139.493784][ T5564] loop4: detected capacity change from 0 to 8192 [ 139.501520][ T5562] loop0: detected capacity change from 0 to 8192 [ 139.528326][ T5559] REISERFS (device loop2): checking transaction log (loop2) [ 139.532688][ T5561] loop5: detected capacity change from 0 to 8192 [pid 5561] ioctl(4, LOOP_SET_FD, 3 [pid 5565] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5565] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5565] ioctl(4, LOOP_SET_FD, 3 [pid 5561] <... ioctl resumed>) = 0 [pid 5561] close(3) = 0 [pid 5565] <... ioctl resumed>) = 0 [pid 5561] mkdir("./file1", 0777 [pid 5565] close(3 [pid 5561] <... mkdir resumed>) = 0 [ 139.546130][ T5564] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 139.560149][ T5562] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 139.578374][ T5565] loop3: detected capacity change from 0 to 8192 [pid 5561] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5565] <... close resumed>) = 0 [pid 5565] mkdir("./file1", 0777) = 0 [ 139.590725][ T5562] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 139.602095][ T5564] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 139.608284][ T5561] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 139.615772][ T5562] REISERFS (device loop0): using ordered data mode [ 139.641150][ T5564] REISERFS (device loop4): using ordered data mode [ 139.648072][ T5564] reiserfs: using flush barriers [ 139.654438][ T5565] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 139.658586][ T5562] reiserfs: using flush barriers [ 139.667617][ T5565] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 139.676828][ T5564] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 139.681832][ T5565] REISERFS (device loop3): using ordered data mode [ 139.704522][ T5565] reiserfs: using flush barriers [ 139.707077][ T5561] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 139.715721][ T5564] REISERFS (device loop4): checking transaction log (loop4) [ 139.721079][ T5562] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 139.725948][ T5565] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 139.758620][ T5565] REISERFS (device loop3): checking transaction log (loop3) [ 139.813238][ T5558] REISERFS (device loop1): Using r5 hash to sort names [ 139.817485][ T5561] REISERFS (device loop5): using ordered data mode [ 139.820445][ T5558] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 139.839194][ T5561] reiserfs: using flush barriers [ 139.851291][ T5559] REISERFS (device loop2): Using r5 hash to sort names [pid 5565] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5559] <... mount resumed>) = 0 [pid 5559] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5559] chdir("./file1") = 0 [ 139.858537][ T5559] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 139.860601][ T5561] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 139.871458][ T5562] REISERFS (device loop0): checking transaction log (loop0) [pid 5559] ioctl(4, LOOP_CLR_FD) = 0 [pid 5558] <... mount resumed>) = 0 [pid 5559] close(4) = 0 [pid 5559] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5558] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5559] <... openat resumed>) = 4 [pid 5558] <... openat resumed>) = 3 [pid 5558] chdir("./file1") = 0 [pid 5558] ioctl(4, LOOP_CLR_FD) = 0 [pid 5558] close(4) = 0 [pid 5558] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5559] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5558] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5559] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5559] exit_group(0) = ? [pid 5559] +++ exited with 0 +++ [pid 5558] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5558] exit_group(0) = ? [pid 5558] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5559, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5558, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5092] umount2("./37", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./37", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... openat resumed>) = 3 [pid 5091] <... openat resumed>) = 3 [pid 5092] fstat(3, [pid 5091] fstat(3, [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./37/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./37/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./37/binderfs", [pid 5091] lstat("./37/binderfs", [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./37/binderfs" [pid 5091] unlink("./37/binderfs" [pid 5092] <... unlink resumed>) = 0 [pid 5091] <... unlink resumed>) = 0 [pid 5091] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW [ 139.925207][ T5565] REISERFS (device loop3): Using r5 hash to sort names [pid 5092] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5565] <... mount resumed>) = 0 [ 139.971587][ T5565] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 139.986550][ T5561] REISERFS (device loop5): checking transaction log (loop5) [pid 5565] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5091] <... umount2 resumed>) = 0 [pid 5565] chdir("./file1" [pid 5091] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5565] <... chdir resumed>) = 0 [pid 5565] ioctl(4, LOOP_CLR_FD [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5565] <... ioctl resumed>) = 0 [pid 5091] lstat("./37/file1", [pid 5565] close(4 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5565] <... close resumed>) = 0 [pid 5565] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5091] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5565] <... openat resumed>) = 4 [pid 5565] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5565] <... mmap resumed>) = 0x20000000 [pid 5565] ioctl(4, FS_IOC_GETVERSION [pid 5091] openat(AT_FDCWD, "./37/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5565] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5091] <... openat resumed>) = 4 [pid 5091] fstat(4, [pid 5565] exit_group(0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5565] <... exit_group resumed>) = ? [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5565] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5565, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5091] getdents64(4, [pid 5093] umount2("./38", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] close(4 [pid 5093] openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... close resumed>) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5093] fstat(3, [pid 5091] rmdir("./37/file1" [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5093] getdents64(3, [pid 5091] getdents64(3, [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] umount2("./38/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./38/binderfs", [pid 5091] close(3 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./38/binderfs" [pid 5091] <... close resumed>) = 0 [pid 5093] <... unlink resumed>) = 0 [pid 5091] rmdir("./37" [pid 5093] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... rmdir resumed>) = 0 [pid 5091] mkdir("./38", 0777) = 0 [ 140.068923][ T5564] REISERFS (device loop4): Using r5 hash to sort names [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5564] <... mount resumed>) = 0 [pid 5564] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5564] chdir("./file1") = 0 [pid 5564] ioctl(4, LOOP_CLR_FD) = 0 [pid 5564] close(4) = 0 [pid 5564] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5564] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 140.109461][ T5564] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5564] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5564] exit_group(0) = ? [pid 5564] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5564, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=16 /* 0.16 s */} --- [pid 5094] umount2("./39", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./39/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./39/binderfs") = 0 [pid 5094] umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... openat resumed>) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5571 ./strace-static-x86_64: Process 5571 attached [pid 5571] chdir("./38") = 0 [pid 5571] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 140.245205][ T5562] REISERFS (device loop0): Using r5 hash to sort names [pid 5571] setpgid(0, 0) = 0 [pid 5571] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5571] write(3, "1000", 4) = 4 [pid 5571] close(3) = 0 [pid 5571] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5571] memfd_create("syzkaller", 0) = 3 [pid 5571] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5562] <... mount resumed>) = 0 [pid 5562] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5562] chdir("./file1") = 0 [pid 5562] ioctl(4, LOOP_CLR_FD) = 0 [pid 5562] close(4) = 0 [pid 5562] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5092] <... umount2 resumed>) = 0 [pid 5562] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5092] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5562] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5562] exit_group(0) = ? [pid 5562] +++ exited with 0 +++ [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5562, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=24 /* 0.24 s */} --- [pid 5092] lstat("./37/file1", [pid 5090] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5090] umount2("./37", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 140.321702][ T5562] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 140.356961][ T5561] REISERFS (device loop5): Using r5 hash to sort names [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... openat resumed>) = 3 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./37/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] fstat(3, [pid 5092] <... openat resumed>) = 4 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, [pid 5092] fstat(4, [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./37/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] getdents64(4, [pid 5090] lstat("./37/binderfs", [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] close(4 [pid 5090] unlink("./37/binderfs" [pid 5092] <... close resumed>) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5092] rmdir("./37/file1") = 0 [pid 5090] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./37") = 0 [pid 5092] mkdir("./38", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5093] <... umount2 resumed>) = 0 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5561] <... mount resumed>) = 0 [pid 5561] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5093] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5572 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5561] chdir("./file1" [pid 5093] lstat("./38/file1", [pid 5561] <... chdir resumed>) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5561] ioctl(4, LOOP_CLR_FD) = 0 [pid 5093] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5561] close(4) = 0 [pid 5093] openat(AT_FDCWD, "./38/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5561] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] <... openat resumed>) = 4 [ 140.402573][ T5561] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. ./strace-static-x86_64: Process 5572 attached [pid 5571] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5561] <... openat resumed>) = 4 [pid 5093] fstat(4, [pid 5561] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5572] chdir("./38" [pid 5561] <... mmap resumed>) = 0x20000000 [pid 5093] getdents64(4, [pid 5572] <... chdir resumed>) = 0 [pid 5561] ioctl(4, FS_IOC_GETVERSION [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5572] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5561] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] getdents64(4, [pid 5572] <... prctl resumed>) = 0 [pid 5561] exit_group(0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5561] <... exit_group resumed>) = ? [pid 5093] close(4 [pid 5572] setpgid(0, 0 [pid 5561] +++ exited with 0 +++ [pid 5093] <... close resumed>) = 0 [pid 5572] <... setpgid resumed>) = 0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5561, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=21 /* 0.21 s */} --- [pid 5093] rmdir("./38/file1" [pid 5572] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] <... rmdir resumed>) = 0 [pid 5093] getdents64(3, [pid 5572] <... openat resumed>) = 3 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5572] write(3, "1000", 4 [pid 5093] close(3) = 0 [pid 5093] rmdir("./38" [pid 5572] <... write resumed>) = 4 [pid 5095] umount2("./38", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... rmdir resumed>) = 0 [pid 5093] mkdir("./39", 0777 [pid 5572] close(3 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... mkdir resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5572] <... close resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5572] symlink("/dev/binderfs", "./binderfs" [pid 5095] <... openat resumed>) = 3 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5573 [pid 5572] <... symlink resumed>) = 0 [pid 5095] fstat(3, [pid 5572] memfd_create("syzkaller", 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, [pid 5572] <... memfd_create resumed>) = 3 [pid 5572] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5572] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] umount2("./38/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./38/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./38/binderfs"./strace-static-x86_64: Process 5573 attached ) = 0 [pid 5095] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5573] chdir("./39" [pid 5094] <... umount2 resumed>) = 0 [pid 5573] <... chdir resumed>) = 0 [pid 5094] umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5573] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5573] <... prctl resumed>) = 0 [pid 5094] lstat("./39/file1", [pid 5573] setpgid(0, 0 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5573] <... setpgid resumed>) = 0 [pid 5094] umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] <... umount2 resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./39/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5573] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5573] <... openat resumed>) = 3 [pid 5094] <... openat resumed>) = 4 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5573] write(3, "1000", 4 [pid 5094] fstat(4, [pid 5090] lstat("./37/file1", [pid 5573] <... write resumed>) = 4 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5573] close(3 [pid 5094] getdents64(4, [pid 5090] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5573] <... close resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5573] symlink("/dev/binderfs", "./binderfs" [pid 5094] getdents64(4, [pid 5090] openat(AT_FDCWD, "./37/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] <... openat resumed>) = 4 [pid 5094] close(4 [pid 5090] fstat(4, [pid 5573] <... symlink resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] rmdir("./39/file1" [pid 5090] getdents64(4, [pid 5573] memfd_create("syzkaller", 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5573] <... memfd_create resumed>) = 3 [pid 5094] getdents64(3, [pid 5090] getdents64(4, [pid 5573] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5573] <... mmap resumed>) = 0x7f12a0a40000 [pid 5094] close(3 [pid 5090] close(4 [pid 5094] <... close resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5094] rmdir("./39" [pid 5090] rmdir("./37/file1" [pid 5094] <... rmdir resumed>) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5094] mkdir("./40", 0777 [pid 5090] getdents64(3, [pid 5094] <... mkdir resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5090] close(3 [pid 5094] <... openat resumed>) = 3 [pid 5090] <... close resumed>) = 0 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5090] rmdir("./37" [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] <... rmdir resumed>) = 0 [pid 5094] close(3 [pid 5090] mkdir("./38", 0777 [pid 5094] <... close resumed>) = 0 [pid 5090] <... mkdir resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5574 ./strace-static-x86_64: Process 5574 attached [pid 5574] chdir("./40") = 0 [pid 5574] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5574] setpgid(0, 0) = 0 [pid 5574] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5574] write(3, "1000", 4) = 4 [pid 5574] close(3) = 0 [pid 5574] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5574] memfd_create("syzkaller", 0) = 3 [pid 5574] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5572] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5090] <... openat resumed>) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5571] <... write resumed>) = 4194304 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5575 ./strace-static-x86_64: Process 5575 attached [pid 5575] chdir("./38") = 0 [pid 5575] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5575] setpgid(0, 0) = 0 [pid 5575] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5575] write(3, "1000", 4) = 4 [pid 5575] close(3) = 0 [pid 5575] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5575] memfd_create("syzkaller", 0) = 3 [pid 5575] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5573] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5571] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5571] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5571] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5571] close(3) = 0 [pid 5571] mkdir("./file1", 0777) = 0 [ 140.718983][ T5571] loop1: detected capacity change from 0 to 8192 [pid 5571] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5574] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5575] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] <... umount2 resumed>) = 0 [ 140.783929][ T5571] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 140.810508][ T5571] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 140.820016][ T5571] REISERFS (device loop1): using ordered data mode [ 140.827477][ T5571] reiserfs: using flush barriers [pid 5095] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./38/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 140.851087][ T5571] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5575] <... write resumed>) = 4194304 [pid 5572] <... write resumed>) = 4194304 [pid 5095] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5575] munmap(0x7f12a0a40000, 4194304 [pid 5572] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5575] <... munmap resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./38/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5572] <... munmap resumed>) = 0 [pid 5095] <... openat resumed>) = 4 [pid 5575] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5572] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5575] <... openat resumed>) = 4 [pid 5095] getdents64(4, [pid 5572] <... openat resumed>) = 4 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5575] ioctl(4, LOOP_SET_FD, 3 [pid 5095] getdents64(4, [pid 5572] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4 [pid 5575] <... ioctl resumed>) = 0 [pid 5572] <... ioctl resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5575] close(3 [pid 5572] close(3 [pid 5095] rmdir("./38/file1" [pid 5575] <... close resumed>) = 0 [pid 5572] <... close resumed>) = 0 [pid 5575] mkdir("./file1", 0777 [pid 5572] mkdir("./file1", 0777 [pid 5095] <... rmdir resumed>) = 0 [pid 5575] <... mkdir resumed>) = 0 [pid 5572] <... mkdir resumed>) = 0 [pid 5095] getdents64(3, [pid 5575] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5572] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [ 140.893108][ T5571] REISERFS (device loop1): checking transaction log (loop1) [ 140.912854][ T5575] loop0: detected capacity change from 0 to 8192 [ 140.919724][ T5572] loop2: detected capacity change from 0 to 8192 [pid 5574] <... write resumed>) = 4194304 [pid 5573] <... write resumed>) = 4194304 [pid 5095] close(3 [pid 5574] munmap(0x7f12a0a40000, 4194304 [pid 5573] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... close resumed>) = 0 [pid 5574] <... munmap resumed>) = 0 [pid 5095] rmdir("./38" [pid 5573] <... munmap resumed>) = 0 [ 140.950793][ T5572] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 140.964608][ T5572] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 140.973923][ T5575] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 140.988687][ T5575] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5574] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5573] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5095] <... rmdir resumed>) = 0 [pid 5574] <... openat resumed>) = 4 [pid 5573] <... openat resumed>) = 4 [pid 5095] mkdir("./39", 0777 [pid 5574] ioctl(4, LOOP_SET_FD, 3 [pid 5573] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... mkdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5579 [pid 5573] <... ioctl resumed>) = 0 [pid 5573] close(3) = 0 [pid 5573] mkdir("./file1", 0777) = 0 [pid 5573] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, ""./strace-static-x86_64: Process 5579 attached [pid 5579] chdir("./39") = 0 [ 140.998455][ T5572] REISERFS (device loop2): using ordered data mode [ 141.001447][ T5574] loop4: detected capacity change from 0 to 8192 [ 141.006480][ T5572] reiserfs: using flush barriers [ 141.015946][ T5573] loop3: detected capacity change from 0 to 8192 [ 141.020122][ T5572] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 141.041436][ T5572] REISERFS (device loop2): checking transaction log (loop2) [pid 5579] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5574] <... ioctl resumed>) = 0 [pid 5579] setpgid(0, 0 [pid 5574] close(3 [pid 5579] <... setpgid resumed>) = 0 [pid 5574] <... close resumed>) = 0 [pid 5579] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5574] mkdir("./file1", 0777 [pid 5579] <... openat resumed>) = 3 [pid 5574] <... mkdir resumed>) = 0 [pid 5579] write(3, "1000", 4 [pid 5574] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5579] <... write resumed>) = 4 [pid 5579] close(3) = 0 [pid 5579] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5579] memfd_create("syzkaller", 0) = 3 [pid 5579] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 141.050234][ T5573] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 141.054759][ T5575] REISERFS (device loop0): using ordered data mode [ 141.070119][ T5575] reiserfs: using flush barriers [ 141.095053][ T5574] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 141.096626][ T5575] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 141.144124][ T5573] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 141.157752][ T5575] REISERFS (device loop0): checking transaction log (loop0) [ 141.165733][ T5574] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 141.182306][ T5573] REISERFS (device loop3): using ordered data mode [ 141.190411][ T5573] reiserfs: using flush barriers [ 141.203086][ T5573] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 141.203146][ T5574] REISERFS (device loop4): using ordered data mode [ 141.227736][ T5574] reiserfs: using flush barriers [ 141.240851][ T5574] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 141.253663][ T5573] REISERFS (device loop3): checking transaction log (loop3) [ 141.265368][ T5574] REISERFS (device loop4): checking transaction log (loop4) [ 141.314799][ T5571] REISERFS (device loop1): Using r5 hash to sort names [ 141.331621][ T5572] REISERFS (device loop2): Using r5 hash to sort names [pid 5579] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5571] <... mount resumed>) = 0 [pid 5572] <... mount resumed>) = 0 [pid 5571] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5572] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5571] <... openat resumed>) = 3 [pid 5572] <... openat resumed>) = 3 [pid 5571] chdir("./file1" [pid 5572] chdir("./file1" [pid 5571] <... chdir resumed>) = 0 [pid 5572] <... chdir resumed>) = 0 [ 141.359957][ T5571] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 141.374040][ T5572] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5571] ioctl(4, LOOP_CLR_FD [pid 5572] ioctl(4, LOOP_CLR_FD [pid 5571] <... ioctl resumed>) = 0 [pid 5572] <... ioctl resumed>) = 0 [pid 5571] close(4 [pid 5579] <... write resumed>) = 4194304 [pid 5572] close(4 [pid 5571] <... close resumed>) = 0 [pid 5579] munmap(0x7f12a0a40000, 4194304 [pid 5572] <... close resumed>) = 0 [pid 5571] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5579] <... munmap resumed>) = 0 [pid 5572] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5579] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5572] <... openat resumed>) = 4 [pid 5571] <... openat resumed>) = 4 [pid 5579] <... openat resumed>) = 4 [pid 5572] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5571] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5579] ioctl(4, LOOP_SET_FD, 3 [pid 5572] <... mmap resumed>) = 0x20000000 [pid 5571] <... mmap resumed>) = 0x20000000 [pid 5572] ioctl(4, FS_IOC_GETVERSION [pid 5571] ioctl(4, FS_IOC_GETVERSION [pid 5572] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5571] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5572] exit_group(0) = ? [pid 5571] exit_group(0 [pid 5579] <... ioctl resumed>) = 0 [pid 5572] +++ exited with 0 +++ [pid 5571] <... exit_group resumed>) = ? [pid 5579] close(3 [pid 5571] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5572, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5571, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} --- [pid 5092] restart_syscall(<... resuming interrupted clone ...> [pid 5091] restart_syscall(<... resuming interrupted clone ...> [pid 5092] <... restart_syscall resumed>) = 0 [pid 5091] <... restart_syscall resumed>) = 0 [pid 5092] umount2("./38", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./38", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... openat resumed>) = 3 [pid 5091] <... openat resumed>) = 3 [pid 5092] fstat(3, [pid 5091] fstat(3, [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, [pid 5091] getdents64(3, [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./38/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./38/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./38/binderfs", [pid 5091] lstat("./38/binderfs", [pid 5579] <... close resumed>) = 0 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 141.460775][ T5575] REISERFS (device loop0): Using r5 hash to sort names [ 141.470592][ T5579] loop5: detected capacity change from 0 to 8192 [ 141.495507][ T5575] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5579] mkdir("./file1", 0777 [pid 5092] unlink("./38/binderfs" [pid 5091] unlink("./38/binderfs" [pid 5579] <... mkdir resumed>) = 0 [pid 5575] <... mount resumed>) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5091] <... unlink resumed>) = 0 [pid 5579] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5575] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5575] <... openat resumed>) = 3 [pid 5575] chdir("./file1") = 0 [pid 5575] ioctl(4, LOOP_CLR_FD) = 0 [pid 5575] close(4) = 0 [pid 5575] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5575] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5575] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [ 141.512954][ T5574] REISERFS (device loop4): Using r5 hash to sort names [ 141.536618][ T5579] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 141.537781][ T5574] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5575] exit_group(0) = ? [pid 5575] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5575, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5090] umount2("./38", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5574] <... mount resumed>) = 0 [ 141.581331][ T5579] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 141.590794][ T5579] REISERFS (device loop5): using ordered data mode [ 141.594931][ T5573] REISERFS (device loop3): Using r5 hash to sort names [ 141.598250][ T5579] reiserfs: using flush barriers [ 141.617401][ T5573] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5090] openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5574] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5573] <... mount resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5574] <... openat resumed>) = 3 [pid 5573] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5090] fstat(3, [pid 5574] chdir("./file1" [pid 5573] <... openat resumed>) = 3 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5574] <... chdir resumed>) = 0 [pid 5573] chdir("./file1" [pid 5090] getdents64(3, [pid 5574] ioctl(4, LOOP_CLR_FD [pid 5573] <... chdir resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5574] <... ioctl resumed>) = 0 [pid 5573] ioctl(4, LOOP_CLR_FD [pid 5090] umount2("./38/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5574] close(4 [pid 5573] <... ioctl resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5574] <... close resumed>) = 0 [pid 5573] close(4 [pid 5090] lstat("./38/binderfs", [pid 5574] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5573] <... close resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5574] <... openat resumed>) = 4 [pid 5573] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5090] unlink("./38/binderfs" [pid 5574] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5573] <... openat resumed>) = 4 [pid 5090] <... unlink resumed>) = 0 [pid 5574] <... mmap resumed>) = 0x20000000 [pid 5573] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5574] ioctl(4, FS_IOC_GETVERSION [pid 5573] <... mmap resumed>) = 0x20000000 [pid 5574] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5573] ioctl(4, FS_IOC_GETVERSION [pid 5574] exit_group(0 [pid 5573] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5574] <... exit_group resumed>) = ? [pid 5573] exit_group(0 [pid 5574] +++ exited with 0 +++ [pid 5573] <... exit_group resumed>) = ? [pid 5573] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5574, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5573, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [pid 5094] umount2("./40", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./40/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] umount2("./39", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./40/binderfs", [pid 5093] openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5094] unlink("./40/binderfs" [pid 5093] fstat(3, [pid 5094] <... unlink resumed>) = 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./39/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./39/binderfs") = 0 [ 141.622585][ T5579] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 141.697477][ T5579] REISERFS (device loop5): checking transaction log (loop5) [pid 5093] umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5093] umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./39/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./39/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./39/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./39") = 0 [pid 5093] mkdir("./40", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = 0 [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5583 ./strace-static-x86_64: Process 5583 attached [pid 5583] chdir("./40") = 0 [pid 5583] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5583] setpgid(0, 0) = 0 [pid 5583] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5583] write(3, "1000", 4) = 4 [pid 5583] close(3) = 0 [pid 5583] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5583] memfd_create("syzkaller", 0) = 3 [pid 5583] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5094] <... umount2 resumed>) = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... umount2 resumed>) = 0 [pid 5091] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./38/file1", [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./38/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] openat(AT_FDCWD, "./38/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, [pid 5092] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] <... umount2 resumed>) = 0 [pid 5091] getdents64(4, [pid 5090] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... close resumed>) = 0 [pid 5090] lstat("./38/file1", [pid 5091] rmdir("./38/file1" [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... rmdir resumed>) = 0 [pid 5090] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] openat(AT_FDCWD, "./38/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] getdents64(3, [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] openat(AT_FDCWD, "./38/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... openat resumed>) = 4 [pid 5091] close(3 [pid 5090] <... openat resumed>) = 4 [pid 5579] <... mount resumed>) = 0 [pid 5094] lstat("./40/file1", [pid 5092] fstat(4, [pid 5091] <... close resumed>) = 0 [pid 5090] fstat(4, [pid 5579] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] rmdir("./38" [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5579] <... openat resumed>) = 3 [pid 5094] umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] getdents64(4, [pid 5091] <... rmdir resumed>) = 0 [pid 5090] getdents64(4, [pid 5579] chdir("./file1" [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] mkdir("./39", 0777 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5579] <... chdir resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./40/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] getdents64(4, [pid 5091] <... mkdir resumed>) = 0 [ 141.917168][ T5579] REISERFS (device loop5): Using r5 hash to sort names [ 141.954055][ T5579] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5090] getdents64(4, [pid 5579] ioctl(4, LOOP_CLR_FD [pid 5094] <... openat resumed>) = 4 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5579] <... ioctl resumed>) = 0 [pid 5094] fstat(4, [pid 5092] close(4 [pid 5091] <... openat resumed>) = 3 [pid 5090] close(4 [pid 5579] close(4 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... close resumed>) = 0 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5090] <... close resumed>) = 0 [pid 5579] <... close resumed>) = 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] rmdir("./38/file1" [pid 5579] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5091] close(3 [pid 5090] <... rmdir resumed>) = 0 [pid 5579] <... openat resumed>) = 4 [pid 5091] <... close resumed>) = 0 [pid 5090] getdents64(3, [pid 5579] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5579] <... mmap resumed>) = 0x20000000 [pid 5094] getdents64(4, [pid 5092] rmdir("./38/file1" [pid 5090] close(3 [pid 5579] ioctl(4, FS_IOC_GETVERSION [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5584 [pid 5090] <... close resumed>) = 0 [pid 5579] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] getdents64(4, [pid 5092] <... rmdir resumed>) = 0 [pid 5090] rmdir("./38" [pid 5579] exit_group(0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] getdents64(3, [pid 5090] <... rmdir resumed>) = 0 [pid 5579] <... exit_group resumed>) = ? [pid 5094] close(4 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] mkdir("./39", 0777 [pid 5579] +++ exited with 0 +++ [pid 5094] <... close resumed>) = 0 [pid 5092] close(3 [pid 5090] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5584 attached [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5579, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} --- [pid 5094] rmdir("./40/file1" [pid 5092] <... close resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5584] chdir("./39" [pid 5090] <... openat resumed>) = 3 [pid 5584] <... chdir resumed>) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5092] rmdir("./38" [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5584] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] umount2("./39", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] getdents64(3, [pid 5092] <... rmdir resumed>) = 0 [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5584] <... prctl resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] mkdir("./39", 0777 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3 [pid 5584] setpgid(0, 0 [pid 5583] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] close(3 [pid 5092] <... mkdir resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5584] <... setpgid resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5584] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] fstat(3, [pid 5584] <... openat resumed>) = 3 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5585 [pid 5584] write(3, "1000", 4 [pid 5095] getdents64(3, [pid 5584] <... write resumed>) = 4 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5584] close(3 [pid 5095] umount2("./39/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5584] <... close resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... close resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5584] symlink("/dev/binderfs", "./binderfs" [pid 5095] lstat("./39/binderfs", [pid 5094] rmdir("./40"./strace-static-x86_64: Process 5585 attached [pid 5584] <... symlink resumed>) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5585] chdir("./39" [pid 5584] memfd_create("syzkaller", 0 [pid 5095] unlink("./39/binderfs" [pid 5094] <... rmdir resumed>) = 0 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5585] <... chdir resumed>) = 0 [pid 5584] <... memfd_create resumed>) = 3 [pid 5095] <... unlink resumed>) = 0 [pid 5094] mkdir("./41", 0777 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5585] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5584] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5585] <... prctl resumed>) = 0 [pid 5584] <... mmap resumed>) = 0x7f12a0a40000 [pid 5094] <... mkdir resumed>) = 0 [pid 5092] close(3 [pid 5585] setpgid(0, 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5585] <... setpgid resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5585] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5585] <... openat resumed>) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5585] write(3, "1000", 4) = 4 [pid 5585] close(3 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5585] <... close resumed>) = 0 [pid 5094] close(3 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5586 [pid 5585] symlink("/dev/binderfs", "./binderfs" [pid 5094] <... close resumed>) = 0 [pid 5585] <... symlink resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5586 attached [pid 5585] memfd_create("syzkaller", 0 [pid 5586] chdir("./39" [pid 5585] <... memfd_create resumed>) = 3 [pid 5586] <... chdir resumed>) = 0 [pid 5585] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5586] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5585] <... mmap resumed>) = 0x7f12a0a40000 ./strace-static-x86_64: Process 5587 attached [pid 5586] <... prctl resumed>) = 0 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5587 [pid 5586] setpgid(0, 0) = 0 [pid 5586] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5586] write(3, "1000", 4 [pid 5587] chdir("./41" [pid 5586] <... write resumed>) = 4 [pid 5586] close(3) = 0 [pid 5586] symlink("/dev/binderfs", "./binderfs" [pid 5587] <... chdir resumed>) = 0 [pid 5586] <... symlink resumed>) = 0 [pid 5587] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5586] memfd_create("syzkaller", 0 [pid 5587] <... prctl resumed>) = 0 [pid 5586] <... memfd_create resumed>) = 3 [pid 5586] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5587] setpgid(0, 0) = 0 [pid 5587] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5587] write(3, "1000", 4) = 4 [pid 5587] close(3) = 0 [pid 5587] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5587] memfd_create("syzkaller", 0) = 3 [pid 5587] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5583] <... write resumed>) = 4194304 [pid 5583] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5583] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5584] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5583] <... openat resumed>) = 4 [pid 5583] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5583] close(3) = 0 [pid 5583] mkdir("./file1", 0777 [pid 5585] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5583] <... mkdir resumed>) = 0 [pid 5583] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5586] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 142.186631][ T5583] loop3: detected capacity change from 0 to 8192 [ 142.242442][ T5583] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5587] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5584] <... write resumed>) = 4194304 [pid 5584] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5584] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 142.301737][ T5583] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 142.314113][ T5583] REISERFS (device loop3): using ordered data mode [ 142.323182][ T5583] reiserfs: using flush barriers [pid 5584] ioctl(4, LOOP_SET_FD, 3 [pid 5587] <... write resumed>) = 4194304 [pid 5584] <... ioctl resumed>) = 0 [pid 5095] <... umount2 resumed>) = 0 [pid 5587] munmap(0x7f12a0a40000, 4194304 [pid 5584] close(3 [pid 5095] umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5587] <... munmap resumed>) = 0 [pid 5584] <... close resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5587] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5584] mkdir("./file1", 0777 [pid 5095] lstat("./39/file1", [pid 5587] <... openat resumed>) = 4 [pid 5586] <... write resumed>) = 4194304 [pid 5584] <... mkdir resumed>) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5587] ioctl(4, LOOP_SET_FD, 3 [pid 5586] munmap(0x7f12a0a40000, 4194304 [ 142.360405][ T5584] loop1: detected capacity change from 0 to 8192 [ 142.368414][ T5583] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5584] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./39/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, [pid 5586] <... munmap resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5586] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5095] getdents64(4, [pid 5587] <... ioctl resumed>) = 0 [pid 5586] <... openat resumed>) = 4 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5587] close(3 [pid 5586] ioctl(4, LOOP_SET_FD, 3 [pid 5095] close(4 [pid 5587] <... close resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5095] rmdir("./39/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5587] mkdir("./file1", 0777 [pid 5095] rmdir("./39" [pid 5586] <... ioctl resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5095] mkdir("./40", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3 [pid 5587] <... mkdir resumed>) = 0 [pid 5586] close(3 [pid 5585] <... write resumed>) = 4194304 [pid 5095] <... close resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5590 [ 142.408454][ T5587] loop4: detected capacity change from 0 to 8192 [ 142.422874][ T5586] loop2: detected capacity change from 0 to 8192 [ 142.430180][ T5584] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5587] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5586] <... close resumed>) = 0 [pid 5585] munmap(0x7f12a0a40000, 4194304./strace-static-x86_64: Process 5590 attached [pid 5590] chdir("./40" [pid 5586] mkdir("./file1", 0777 [pid 5585] <... munmap resumed>) = 0 [pid 5590] <... chdir resumed>) = 0 [pid 5586] <... mkdir resumed>) = 0 [pid 5585] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5590] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5586] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5585] <... openat resumed>) = 4 [pid 5590] <... prctl resumed>) = 0 [ 142.450824][ T5584] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 142.462243][ T5584] REISERFS (device loop1): using ordered data mode [ 142.462375][ T5583] REISERFS (device loop3): checking transaction log (loop3) [ 142.468777][ T5584] reiserfs: using flush barriers [ 142.470022][ T5584] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 142.494823][ T5585] loop0: detected capacity change from 0 to 8192 [pid 5585] ioctl(4, LOOP_SET_FD, 3 [pid 5590] setpgid(0, 0 [pid 5585] <... ioctl resumed>) = 0 [pid 5585] close(3) = 0 [pid 5585] mkdir("./file1", 0777) = 0 [pid 5585] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5590] <... setpgid resumed>) = 0 [pid 5590] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 142.505220][ T5584] REISERFS (device loop1): checking transaction log (loop1) [ 142.505743][ T5587] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 142.531763][ T5586] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 142.545771][ T5586] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [pid 5590] write(3, "1000", 4) = 4 [pid 5590] close(3) = 0 [pid 5590] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5590] memfd_create("syzkaller", 0) = 3 [pid 5590] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 142.555127][ T5586] REISERFS (device loop2): using ordered data mode [ 142.562739][ T5586] reiserfs: using flush barriers [ 142.569512][ T5587] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 142.579255][ T5586] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 142.579341][ T5587] REISERFS (device loop4): using ordered data mode [ 142.602015][ T5587] reiserfs: using flush barriers [ 142.608519][ T5587] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 142.608782][ T5585] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 142.638190][ T5587] REISERFS (device loop4): checking transaction log (loop4) [ 142.669751][ T5586] REISERFS (device loop2): checking transaction log (loop2) [ 142.702273][ T5585] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 142.711675][ T5585] REISERFS (device loop0): using ordered data mode [ 142.718233][ T5585] reiserfs: using flush barriers [ 142.730027][ T5585] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5590] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5590] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5590] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5590] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5590] close(3) = 0 [pid 5590] mkdir("./file1", 0777) = 0 [ 142.813690][ T5585] REISERFS (device loop0): checking transaction log (loop0) [ 142.832320][ T5590] loop5: detected capacity change from 0 to 8192 [ 142.867925][ T5590] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 142.886454][ T5590] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 142.901317][ T5586] REISERFS (device loop2): Using r5 hash to sort names [ 142.908600][ T5586] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 142.915289][ T5590] REISERFS (device loop5): using ordered data mode [ 142.925484][ T5584] REISERFS (device loop1): Using r5 hash to sort names [ 142.938650][ T5587] REISERFS (device loop4): Using r5 hash to sort names [ 142.945711][ T5590] reiserfs: using flush barriers [ 142.946666][ T5584] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5590] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5586] <... mount resumed>) = 0 [pid 5586] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5586] chdir("./file1") = 0 [pid 5586] ioctl(4, LOOP_CLR_FD) = 0 [pid 5586] close(4) = 0 [pid 5586] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 142.954418][ T5590] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 142.961906][ T5587] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 142.989061][ T5583] REISERFS (device loop3): Using r5 hash to sort names [pid 5586] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5586] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5586] exit_group(0) = ? [pid 5586] +++ exited with 0 +++ [pid 5584] <... mount resumed>) = 0 [pid 5584] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5584] chdir("./file1") = 0 [pid 5584] ioctl(4, LOOP_CLR_FD [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5586, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5584] <... ioctl resumed>) = 0 [pid 5584] close(4) = 0 [pid 5584] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] umount2("./39", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5584] <... openat resumed>) = 4 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5584] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] <... openat resumed>) = 3 [pid 5092] fstat(3, [pid 5584] <... mmap resumed>) = 0x20000000 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5584] ioctl(4, FS_IOC_GETVERSION [pid 5092] getdents64(3, [pid 5584] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5584] exit_group(0 [pid 5092] umount2("./39/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5584] <... exit_group resumed>) = ? [pid 5092] lstat("./39/binderfs", [pid 5584] +++ exited with 0 +++ [pid 5583] <... mount resumed>) = 0 [pid 5583] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5583] chdir("./file1") = 0 [pid 5583] ioctl(4, LOOP_CLR_FD) = 0 [pid 5583] close(4) = 0 [pid 5583] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5584, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5583] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] unlink("./39/binderfs" [pid 5583] <... mmap resumed>) = 0x20000000 [pid 5092] <... unlink resumed>) = 0 [pid 5092] umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./39", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5583] ioctl(4, FS_IOC_GETVERSION [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5583] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5583] exit_group(0 [pid 5091] openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5583] <... exit_group resumed>) = ? [pid 5091] <... openat resumed>) = 3 [pid 5583] +++ exited with 0 +++ [pid 5091] fstat(3, [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5583, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./40", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./39/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] lstat("./39/binderfs", [pid 5093] <... openat resumed>) = 3 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] fstat(3, [pid 5091] unlink("./39/binderfs" [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... unlink resumed>) = 0 [pid 5093] getdents64(3, [pid 5091] umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./40/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./40/binderfs") = 0 [pid 5093] umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5587] <... mount resumed>) = 0 [ 143.022835][ T5583] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 143.031719][ T5590] REISERFS (device loop5): checking transaction log (loop5) [ 143.058409][ T5585] REISERFS (device loop0): Using r5 hash to sort names [pid 5587] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5587] chdir("./file1") = 0 [pid 5587] ioctl(4, LOOP_CLR_FD) = 0 [pid 5587] close(4) = 0 [pid 5587] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5587] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5587] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5587] exit_group(0) = ? [pid 5587] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5587, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5094] umount2("./41", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./41/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./41/binderfs") = 0 [pid 5094] umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5585] <... mount resumed>) = 0 [pid 5585] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 143.113664][ T5585] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5585] chdir("./file1") = 0 [pid 5585] ioctl(4, LOOP_CLR_FD) = 0 [pid 5585] close(4) = 0 [pid 5585] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5585] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5585] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5585] exit_group(0) = ? [pid 5585] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5585, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=24 /* 0.24 s */} --- [pid 5090] umount2("./39", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./39/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./39/binderfs") = 0 [pid 5090] umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5090] umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./39/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./39/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... umount2 resumed>) = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5090] <... openat resumed>) = 4 [pid 5091] <... umount2 resumed>) = 0 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, [pid 5092] umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] getdents64(4, [pid 5092] lstat("./39/file1", [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... close resumed>) = 0 [pid 5092] umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] rmdir("./39/file1" [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... rmdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./39/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] getdents64(3, [pid 5092] <... openat resumed>) = 4 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3 [pid 5093] umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] fstat(4, [pid 5091] lstat("./39/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./39/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] <... close resumed>) = 0 [pid 5093] lstat("./40/file1", [pid 5091] getdents64(4, [pid 5090] rmdir("./39" [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5093] umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] getdents64(4, [pid 5091] close(4 [pid 5090] mkdir("./40", 0777 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... close resumed>) = 0 [pid 5093] openat(AT_FDCWD, "./40/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] rmdir("./39/file1" [pid 5090] <... mkdir resumed>) = 0 [pid 5093] <... openat resumed>) = 4 [pid 5092] getdents64(4, [pid 5091] <... rmdir resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5093] fstat(4, [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] getdents64(3, [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] close(4 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] getdents64(4, [pid 5092] <... close resumed>) = 0 [pid 5091] close(3 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] rmdir("./39/file1" [pid 5091] <... close resumed>) = 0 [pid 5093] getdents64(4, [pid 5091] rmdir("./39" [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5093] close(4 [pid 5092] getdents64(3, [pid 5091] mkdir("./40", 0777 [pid 5093] <... close resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5093] rmdir("./40/file1" [pid 5092] close(3 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5093] <... rmdir resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5091] <... openat resumed>) = 3 [pid 5093] getdents64(3, [pid 5092] rmdir("./39" [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5094] <... umount2 resumed>) = 0 [pid 5093] close(3 [pid 5092] <... rmdir resumed>) = 0 [pid 5091] close(3 [pid 5590] <... mount resumed>) = 0 [pid 5093] <... close resumed>) = 0 [pid 5092] mkdir("./40", 0777 [pid 5091] <... close resumed>) = 0 [pid 5590] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] rmdir("./40" [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5590] <... openat resumed>) = 3 [pid 5093] <... rmdir resumed>) = 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5590] chdir("./file1" [pid 5093] mkdir("./41", 0777 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5595 ./strace-static-x86_64: Process 5595 attached [pid 5590] <... chdir resumed>) = 0 [pid 5093] <... mkdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5595] chdir("./40" [pid 5590] ioctl(4, LOOP_CLR_FD [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5595] <... chdir resumed>) = 0 [pid 5590] <... ioctl resumed>) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5092] <... openat resumed>) = 3 [pid 5595] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5590] close(4 [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5595] <... prctl resumed>) = 0 [pid 5590] <... close resumed>) = 0 [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5595] setpgid(0, 0 [pid 5590] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] close(3 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5595] <... setpgid resumed>) = 0 [pid 5590] <... openat resumed>) = 4 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... close resumed>) = 0 [ 143.420598][ T5590] REISERFS (device loop5): Using r5 hash to sort names [ 143.440500][ T5590] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] close(3 [pid 5595] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5590] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] lstat("./41/file1", [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... close resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5595] <... openat resumed>) = 3 [pid 5590] <... mmap resumed>) = 0x20000000 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5595] write(3, "1000", 4 [pid 5590] ioctl(4, FS_IOC_GETVERSION [pid 5094] umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5596 [pid 5595] <... write resumed>) = 4 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 5596 attached [pid 5595] close(3 [pid 5590] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] openat(AT_FDCWD, "./41/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5597 [pid 5090] close(3 [pid 5596] chdir("./41" [pid 5595] <... close resumed>) = 0 [pid 5590] exit_group(0 [pid 5094] <... openat resumed>) = 4 [pid 5090] <... close resumed>) = 0 ./strace-static-x86_64: Process 5597 attached [pid 5596] <... chdir resumed>) = 0 [pid 5595] symlink("/dev/binderfs", "./binderfs" [pid 5590] <... exit_group resumed>) = ? [pid 5094] fstat(4, [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5596] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5595] <... symlink resumed>) = 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5596] <... prctl resumed>) = 0 [pid 5094] getdents64(4, [pid 5596] setpgid(0, 0 [pid 5590] +++ exited with 0 +++ [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5597] chdir("./40" [pid 5596] <... setpgid resumed>) = 0 [pid 5595] memfd_create("syzkaller", 0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5590, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5094] getdents64(4, [pid 5597] <... chdir resumed>) = 0 [pid 5596] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5595] <... memfd_create resumed>) = 3 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5598 [pid 5597] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5596] <... openat resumed>) = 3 [pid 5595] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] close(4 [pid 5597] <... prctl resumed>) = 0 [pid 5596] write(3, "1000", 4 [pid 5595] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] umount2("./40", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... close resumed>) = 0 ./strace-static-x86_64: Process 5598 attached [pid 5597] setpgid(0, 0 [pid 5596] <... write resumed>) = 4 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] rmdir("./41/file1" [pid 5598] chdir("./40" [pid 5597] <... setpgid resumed>) = 0 [pid 5596] close(3 [pid 5095] openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... rmdir resumed>) = 0 [pid 5598] <... chdir resumed>) = 0 [pid 5597] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5596] <... close resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5094] getdents64(3, [pid 5598] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5597] <... openat resumed>) = 3 [pid 5596] symlink("/dev/binderfs", "./binderfs" [pid 5095] fstat(3, [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5598] <... prctl resumed>) = 0 [pid 5597] write(3, "1000", 4 [pid 5596] <... symlink resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] close(3 [pid 5598] setpgid(0, 0 [pid 5597] <... write resumed>) = 4 [pid 5596] memfd_create("syzkaller", 0 [pid 5095] getdents64(3, [pid 5094] <... close resumed>) = 0 [pid 5598] <... setpgid resumed>) = 0 [pid 5597] close(3 [pid 5596] <... memfd_create resumed>) = 3 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] rmdir("./41" [pid 5598] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5597] <... close resumed>) = 0 [pid 5596] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] umount2("./40/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... rmdir resumed>) = 0 [pid 5598] <... openat resumed>) = 3 [pid 5597] symlink("/dev/binderfs", "./binderfs" [pid 5596] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] mkdir("./42", 0777 [pid 5598] write(3, "1000", 4 [pid 5597] <... symlink resumed>) = 0 [pid 5095] lstat("./40/binderfs", [pid 5094] <... mkdir resumed>) = 0 [pid 5598] <... write resumed>) = 4 [pid 5597] memfd_create("syzkaller", 0 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5598] close(3 [pid 5597] <... memfd_create resumed>) = 3 [pid 5095] unlink("./40/binderfs" [pid 5094] <... openat resumed>) = 3 [pid 5598] <... close resumed>) = 0 [pid 5597] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] <... unlink resumed>) = 0 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5598] symlink("/dev/binderfs", "./binderfs" [pid 5597] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5598] <... symlink resumed>) = 0 [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5599 [pid 5598] memfd_create("syzkaller", 0) = 3 [pid 5598] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 ./strace-static-x86_64: Process 5599 attached [pid 5599] chdir("./42") = 0 [pid 5599] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5599] setpgid(0, 0) = 0 [pid 5599] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5599] write(3, "1000", 4) = 4 [pid 5599] close(3) = 0 [pid 5599] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5599] memfd_create("syzkaller", 0) = 3 [pid 5599] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5595] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5596] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5597] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5598] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5599] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5595] <... write resumed>) = 4194304 [pid 5595] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5595] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5595] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5595] close(3) = 0 [pid 5595] mkdir("./file1", 0777) = 0 [pid 5598] <... write resumed>) = 4194304 [pid 5596] <... write resumed>) = 4194304 [pid 5595] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... umount2 resumed>) = 0 [pid 5598] munmap(0x7f12a0a40000, 4194304 [pid 5597] <... write resumed>) = 4194304 [pid 5598] <... munmap resumed>) = 0 [pid 5597] munmap(0x7f12a0a40000, 4194304 [pid 5095] umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./40/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5596] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5596] <... munmap resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./40/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5596] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5095] <... openat resumed>) = 4 [pid 5596] <... openat resumed>) = 4 [pid 5095] fstat(4, [pid 5596] ioctl(4, LOOP_SET_FD, 3 [ 143.865588][ T5595] loop1: detected capacity change from 0 to 8192 [ 143.902808][ T5595] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5598] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5597] <... munmap resumed>) = 0 [pid 5095] getdents64(4, [pid 5598] <... openat resumed>) = 4 [pid 5597] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5598] ioctl(4, LOOP_SET_FD, 3 [pid 5597] <... openat resumed>) = 4 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./40/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5597] ioctl(4, LOOP_SET_FD, 3 [pid 5095] rmdir("./40") = 0 [pid 5095] mkdir("./41", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5596] <... ioctl resumed>) = 0 [pid 5095] close(3 [pid 5598] <... ioctl resumed>) = 0 [pid 5597] <... ioctl resumed>) = 0 [pid 5596] close(3 [pid 5095] <... close resumed>) = 0 [pid 5598] close(3 [pid 5597] close(3 [pid 5596] <... close resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5598] <... close resumed>) = 0 [pid 5597] <... close resumed>) = 0 [pid 5596] mkdir("./file1", 0777./strace-static-x86_64: Process 5601 attached [pid 5598] mkdir("./file1", 0777 [pid 5597] mkdir("./file1", 0777 [pid 5596] <... mkdir resumed>) = 0 [ 143.916433][ T5596] loop3: detected capacity change from 0 to 8192 [ 143.923826][ T5595] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 143.945684][ T5598] loop0: detected capacity change from 0 to 8192 [ 143.953555][ T5597] loop2: detected capacity change from 0 to 8192 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5601 [pid 5601] chdir("./41" [pid 5598] <... mkdir resumed>) = 0 [pid 5597] <... mkdir resumed>) = 0 [pid 5596] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5601] <... chdir resumed>) = 0 [pid 5598] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5597] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5601] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5599] <... write resumed>) = 4194304 [pid 5599] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5599] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 143.985541][ T5595] REISERFS (device loop1): using ordered data mode [ 144.010158][ T5596] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 144.021524][ T5597] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5599] ioctl(4, LOOP_SET_FD, 3 [pid 5601] <... prctl resumed>) = 0 [ 144.035173][ T5599] loop4: detected capacity change from 0 to 8192 [ 144.037500][ T5598] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 144.045668][ T5595] reiserfs: using flush barriers [ 144.061664][ T5597] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 144.071955][ T5597] REISERFS (device loop2): using ordered data mode [pid 5601] setpgid(0, 0) = 0 [pid 5601] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5601] write(3, "1000", 4) = 4 [pid 5601] close(3) = 0 [pid 5601] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5601] memfd_create("syzkaller", 0) = 3 [pid 5601] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5599] <... ioctl resumed>) = 0 [pid 5599] close(3) = 0 [pid 5599] mkdir("./file1", 0777) = 0 [ 144.076325][ T5596] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 144.078653][ T5597] reiserfs: using flush barriers [ 144.097851][ T5598] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 144.098146][ T5599] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 144.107247][ T5597] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 144.137326][ T5598] REISERFS (device loop0): using ordered data mode [ 144.137866][ T5595] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 144.144702][ T5598] reiserfs: using flush barriers [ 144.164298][ T5597] REISERFS (device loop2): checking transaction log (loop2) [ 144.166930][ T5596] REISERFS (device loop3): using ordered data mode [ 144.173207][ T5598] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 144.179367][ T5596] reiserfs: using flush barriers [ 144.202450][ T5599] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 144.203873][ T5596] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 144.211965][ T5599] REISERFS (device loop4): using ordered data mode [pid 5599] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 144.236797][ T5599] reiserfs: using flush barriers [ 144.243796][ T5599] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 144.260671][ T5595] REISERFS (device loop1): checking transaction log (loop1) [ 144.273160][ T5599] REISERFS (device loop4): checking transaction log (loop4) [ 144.301932][ T5598] REISERFS (device loop0): checking transaction log (loop0) [ 144.337347][ T5596] REISERFS (device loop3): checking transaction log (loop3) [pid 5601] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5601] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5601] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5601] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5601] close(3) = 0 [pid 5601] mkdir("./file1", 0777) = 0 [ 144.527473][ T5601] loop5: detected capacity change from 0 to 8192 [ 144.549954][ T5597] REISERFS (device loop2): Using r5 hash to sort names [ 144.581634][ T5595] REISERFS (device loop1): Using r5 hash to sort names [ 144.588885][ T5595] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 144.600219][ T5601] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 144.616649][ T5598] REISERFS (device loop0): Using r5 hash to sort names [pid 5601] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5598] <... mount resumed>) = 0 [pid 5598] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5598] chdir("./file1") = 0 [pid 5598] ioctl(4, LOOP_CLR_FD) = 0 [pid 5598] close(4) = 0 [pid 5598] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 144.619655][ T5597] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 144.631418][ T5598] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 144.646202][ T5599] REISERFS (device loop4): Using r5 hash to sort names [ 144.661293][ T5601] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 144.670601][ T5601] REISERFS (device loop5): using ordered data mode [pid 5598] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5598] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5598] exit_group(0) = ? [pid 5599] <... mount resumed>) = 0 [pid 5598] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5598, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5090] umount2("./40", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5595] <... mount resumed>) = 0 [pid 5090] openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5597] <... mount resumed>) = 0 [pid 5595] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5597] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [ 144.700354][ T5596] REISERFS (device loop3): Using r5 hash to sort names [ 144.731291][ T5599] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5595] <... openat resumed>) = 3 [pid 5090] <... openat resumed>) = 3 [pid 5597] <... openat resumed>) = 3 [pid 5595] chdir("./file1" [pid 5597] chdir("./file1" [pid 5595] <... chdir resumed>) = 0 [pid 5090] fstat(3, [pid 5597] <... chdir resumed>) = 0 [pid 5595] ioctl(4, LOOP_CLR_FD [pid 5597] ioctl(4, LOOP_CLR_FD [pid 5595] <... ioctl resumed>) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5597] <... ioctl resumed>) = 0 [pid 5595] close(4 [pid 5597] close(4 [pid 5595] <... close resumed>) = 0 [pid 5090] getdents64(3, [pid 5597] <... close resumed>) = 0 [pid 5595] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5597] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5595] <... openat resumed>) = 4 [pid 5597] <... openat resumed>) = 4 [pid 5595] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5597] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5595] <... mmap resumed>) = 0x20000000 [pid 5599] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5597] <... mmap resumed>) = 0x20000000 [pid 5595] ioctl(4, FS_IOC_GETVERSION [pid 5599] <... openat resumed>) = 3 [pid 5597] ioctl(4, FS_IOC_GETVERSION [pid 5595] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5599] chdir("./file1" [pid 5597] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5595] exit_group(0 [pid 5599] <... chdir resumed>) = 0 [pid 5597] exit_group(0 [pid 5595] <... exit_group resumed>) = ? [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5599] ioctl(4, LOOP_CLR_FD [pid 5597] <... exit_group resumed>) = ? [pid 5595] +++ exited with 0 +++ [pid 5090] umount2("./40/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5599] <... ioctl resumed>) = 0 [pid 5597] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5595, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5599] close(4 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5597, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 5090] lstat("./40/binderfs", [pid 5599] <... close resumed>) = 0 [ 144.754237][ T5596] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 144.768750][ T5601] reiserfs: using flush barriers [ 144.782629][ T5601] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5092] restart_syscall(<... resuming interrupted clone ...> [pid 5599] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] <... restart_syscall resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5599] <... openat resumed>) = 4 [pid 5090] unlink("./40/binderfs" [pid 5599] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5596] <... mount resumed>) = 0 [pid 5599] <... mmap resumed>) = 0x20000000 [pid 5596] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5090] <... unlink resumed>) = 0 [pid 5599] ioctl(4, FS_IOC_GETVERSION [pid 5596] <... openat resumed>) = 3 [pid 5092] umount2("./40", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./40", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5599] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5596] chdir("./file1" [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5599] exit_group(0 [pid 5596] <... chdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5599] <... exit_group resumed>) = ? [pid 5596] ioctl(4, LOOP_CLR_FD [pid 5599] +++ exited with 0 +++ [pid 5596] <... ioctl resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5091] <... openat resumed>) = 3 [pid 5596] close(4 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5599, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=25 /* 0.25 s */} --- [pid 5092] fstat(3, [pid 5091] fstat(3, [pid 5596] <... close resumed>) = 0 [pid 5094] restart_syscall(<... resuming interrupted clone ...> [pid 5596] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] <... restart_syscall resumed>) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5596] <... openat resumed>) = 4 [pid 5092] getdents64(3, [pid 5596] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5091] getdents64(3, [pid 5596] <... mmap resumed>) = 0x20000000 [pid 5094] umount2("./42", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5596] ioctl(4, FS_IOC_GETVERSION [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5596] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] umount2("./40/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5596] exit_group(0 [pid 5094] <... openat resumed>) = 3 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5596] <... exit_group resumed>) = ? [pid 5094] fstat(3, [pid 5092] lstat("./40/binderfs", [pid 5091] umount2("./40/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5596] +++ exited with 0 +++ [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 144.821496][ T5601] REISERFS (device loop5): checking transaction log (loop5) [pid 5094] getdents64(3, [pid 5092] unlink("./40/binderfs" [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5596, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} --- [pid 5094] umount2("./42/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] umount2("./41", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... unlink resumed>) = 0 [pid 5091] lstat("./40/binderfs", [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./42/binderfs", [pid 5093] openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5094] unlink("./42/binderfs" [pid 5093] fstat(3, [pid 5091] unlink("./40/binderfs" [pid 5094] <... unlink resumed>) = 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] getdents64(3, [pid 5091] <... unlink resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] umount2("./41/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./41/binderfs") = 0 [pid 5093] umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... umount2 resumed>) = 0 [pid 5094] umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 145.056639][ T5601] REISERFS (device loop5): Using r5 hash to sort names [pid 5094] lstat("./42/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5601] <... mount resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./42/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... umount2 resumed>) = 0 [pid 5601] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] <... openat resumed>) = 4 [pid 5601] <... openat resumed>) = 3 [pid 5094] fstat(4, [pid 5601] chdir("./file1" [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5601] <... chdir resumed>) = 0 [pid 5601] ioctl(4, LOOP_CLR_FD [pid 5094] getdents64(4, [pid 5092] umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5601] <... ioctl resumed>) = 0 [pid 5601] close(4 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5601] <... close resumed>) = 0 [pid 5094] getdents64(4, [pid 5092] lstat("./40/file1", [pid 5601] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5601] <... openat resumed>) = 4 [ 145.101759][ T5601] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5094] close(4 [pid 5092] umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... close resumed>) = 0 [pid 5601] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] rmdir("./42/file1" [pid 5092] openat(AT_FDCWD, "./40/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5601] <... mmap resumed>) = 0x20000000 [pid 5094] <... rmdir resumed>) = 0 [pid 5092] <... openat resumed>) = 4 [pid 5601] ioctl(4, FS_IOC_GETVERSION [pid 5094] getdents64(3, [pid 5092] fstat(4, [pid 5601] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5601] exit_group(0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5601] <... exit_group resumed>) = ? [pid 5094] close(3 [pid 5092] getdents64(4, [pid 5601] +++ exited with 0 +++ [pid 5094] <... close resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5601, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5094] rmdir("./42" [pid 5092] getdents64(4, [pid 5095] umount2("./41", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... rmdir resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] mkdir("./43", 0777 [pid 5095] <... openat resumed>) = 3 [pid 5092] close(4 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5095] getdents64(3, [pid 5092] <... close resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5095] umount2("./41/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] rmdir("./40/file1" [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./41/binderfs" [pid 5092] <... rmdir resumed>) = 0 [pid 5095] <... unlink resumed>) = 0 [pid 5095] umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./40") = 0 [pid 5092] mkdir("./41", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./40/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./40/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5607 [pid 5094] <... openat resumed>) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5608 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./40/file1"./strace-static-x86_64: Process 5608 attached [pid 5608] chdir("./43"./strace-static-x86_64: Process 5607 attached [pid 5607] chdir("./41" [pid 5608] <... chdir resumed>) = 0 [pid 5608] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5607] <... chdir resumed>) = 0 [pid 5608] <... prctl resumed>) = 0 [pid 5607] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5608] setpgid(0, 0 [pid 5607] <... prctl resumed>) = 0 [pid 5608] <... setpgid resumed>) = 0 [pid 5608] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5607] setpgid(0, 0) = 0 [pid 5608] <... openat resumed>) = 3 [pid 5607] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5608] write(3, "1000", 4 [pid 5607] <... openat resumed>) = 3 [pid 5608] <... write resumed>) = 4 [pid 5607] write(3, "1000", 4) = 4 [pid 5607] close(3) = 0 [pid 5607] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5607] memfd_create("syzkaller", 0) = 3 [pid 5607] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5608] close(3 [pid 5607] <... mmap resumed>) = 0x7f12a0a40000 [pid 5608] <... close resumed>) = 0 [pid 5608] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5608] memfd_create("syzkaller", 0) = 3 [pid 5608] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] <... rmdir resumed>) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./40") = 0 [pid 5090] mkdir("./41", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5091] <... umount2 resumed>) = 0 [pid 5091] umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] close(3 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./40/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... close resumed>) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./40/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5609 [pid 5091] getdents64(4, ./strace-static-x86_64: Process 5609 attached 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4 [pid 5609] chdir("./41" [pid 5091] <... close resumed>) = 0 [pid 5091] rmdir("./40/file1" [pid 5609] <... chdir resumed>) = 0 [pid 5609] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5091] <... rmdir resumed>) = 0 [pid 5609] <... prctl resumed>) = 0 [pid 5091] getdents64(3, [pid 5609] setpgid(0, 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5609] <... setpgid resumed>) = 0 [pid 5091] close(3 [pid 5609] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5091] <... close resumed>) = 0 [pid 5609] <... openat resumed>) = 3 [pid 5091] rmdir("./40" [pid 5609] write(3, "1000", 4 [pid 5093] <... umount2 resumed>) = 0 [pid 5609] <... write resumed>) = 4 [pid 5091] <... rmdir resumed>) = 0 [pid 5609] close(3 [pid 5091] mkdir("./41", 0777 [pid 5609] <... close resumed>) = 0 [pid 5609] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5093] umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... mkdir resumed>) = 0 [pid 5609] memfd_create("syzkaller", 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5609] <... memfd_create resumed>) = 3 [pid 5093] lstat("./41/file1", [pid 5091] <... openat resumed>) = 3 [pid 5609] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5609] <... mmap resumed>) = 0x7f12a0a40000 [pid 5093] umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] close(3 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... close resumed>) = 0 [pid 5093] openat(AT_FDCWD, "./41/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5610 attached [pid 5608] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] getdents64(4, [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5610 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4 [pid 5610] chdir("./41" [pid 5093] <... close resumed>) = 0 [pid 5610] <... chdir resumed>) = 0 [pid 5093] rmdir("./41/file1" [pid 5610] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5093] <... rmdir resumed>) = 0 [pid 5610] <... prctl resumed>) = 0 [pid 5093] getdents64(3, [pid 5610] setpgid(0, 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5610] <... setpgid resumed>) = 0 [pid 5093] close(3 [pid 5610] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] <... close resumed>) = 0 [pid 5610] <... openat resumed>) = 3 [pid 5093] rmdir("./41" [pid 5610] write(3, "1000", 4 [pid 5093] <... rmdir resumed>) = 0 [pid 5610] <... write resumed>) = 4 [pid 5093] mkdir("./42", 0777 [pid 5610] close(3 [pid 5093] <... mkdir resumed>) = 0 [pid 5610] <... close resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5610] symlink("/dev/binderfs", "./binderfs" [pid 5093] <... openat resumed>) = 3 [pid 5610] <... symlink resumed>) = 0 [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5610] memfd_create("syzkaller", 0 [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5610] <... memfd_create resumed>) = 3 [pid 5607] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] close(3 [pid 5610] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5093] <... close resumed>) = 0 [pid 5610] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] <... umount2 resumed>) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5611 [pid 5095] umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5611 attached [pid 5095] lstat("./41/file1", [pid 5611] chdir("./42" [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5611] <... chdir resumed>) = 0 [pid 5095] umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5611] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5611] <... prctl resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./41/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5611] setpgid(0, 0 [pid 5095] <... openat resumed>) = 4 [pid 5611] <... setpgid resumed>) = 0 [pid 5095] fstat(4, [pid 5611] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5611] write(3, "1000", 4 [pid 5095] getdents64(4, [pid 5611] <... write resumed>) = 4 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5611] close(3 [pid 5095] getdents64(4, [pid 5611] <... close resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5611] symlink("/dev/binderfs", "./binderfs" [pid 5095] close(4 [pid 5611] <... symlink resumed>) = 0 [pid 5609] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] <... close resumed>) = 0 [pid 5611] memfd_create("syzkaller", 0 [pid 5095] rmdir("./41/file1" [pid 5611] <... memfd_create resumed>) = 3 [pid 5611] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5611] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./41") = 0 [pid 5095] mkdir("./42", 0777 [pid 5610] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5608] <... write resumed>) = 4194304 [pid 5095] <... mkdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5612 [pid 5608] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5608] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5608] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5612 attached [pid 5612] chdir("./42") = 0 [pid 5612] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5612] setpgid(0, 0 [pid 5611] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5608] <... ioctl resumed>) = 0 [pid 5612] <... setpgid resumed>) = 0 [pid 5612] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5612] write(3, "1000", 4) = 4 [pid 5612] close(3) = 0 [pid 5612] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5612] memfd_create("syzkaller", 0) = 3 [pid 5608] close(3 [pid 5612] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5608] <... close resumed>) = 0 [pid 5612] <... mmap resumed>) = 0x7f12a0a40000 [pid 5608] mkdir("./file1", 0777) = 0 [ 145.626096][ T5608] loop4: detected capacity change from 0 to 8192 [pid 5608] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5607] <... write resumed>) = 4194304 [pid 5607] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5607] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5607] ioctl(4, LOOP_SET_FD, 3 [pid 5610] <... write resumed>) = 4194304 [pid 5610] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5610] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5610] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5609] <... write resumed>) = 4194304 [pid 5610] close(3 [pid 5609] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5610] <... close resumed>) = 0 [pid 5610] mkdir("./file1", 0777) = 0 [ 145.701983][ T5608] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 145.723194][ T5607] loop2: detected capacity change from 0 to 8192 [ 145.733216][ T5610] loop1: detected capacity change from 0 to 8192 [pid 5610] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5609] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5607] <... ioctl resumed>) = 0 [pid 5609] <... openat resumed>) = 4 [pid 5607] close(3 [pid 5609] ioctl(4, LOOP_SET_FD, 3 [pid 5607] <... close resumed>) = 0 [pid 5607] mkdir("./file1", 0777) = 0 [pid 5607] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5609] <... ioctl resumed>) = 0 [pid 5609] close(3 [pid 5612] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5611] <... write resumed>) = 4194304 [pid 5609] <... close resumed>) = 0 [pid 5611] munmap(0x7f12a0a40000, 4194304 [pid 5609] mkdir("./file1", 0777 [pid 5611] <... munmap resumed>) = 0 [ 145.746593][ T5608] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 145.764751][ T5609] loop0: detected capacity change from 0 to 8192 [ 145.769435][ T5608] REISERFS (device loop4): using ordered data mode [ 145.779138][ T5608] reiserfs: using flush barriers [ 145.786449][ T5607] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5611] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5611] ioctl(4, LOOP_SET_FD, 3 [pid 5609] <... mkdir resumed>) = 0 [pid 5609] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5612] <... write resumed>) = 4194304 [ 145.799846][ T5610] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 145.804698][ T5611] loop3: detected capacity change from 0 to 8192 [ 145.822549][ T5608] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 145.839326][ T5609] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5612] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5612] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5612] ioctl(4, LOOP_SET_FD, 3) = 0 [ 145.844124][ T5607] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 145.854574][ T5610] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 145.862087][ T5607] REISERFS (device loop2): using ordered data mode [ 145.872408][ T5609] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 145.878502][ T5607] reiserfs: using flush barriers [ 145.893982][ T5612] loop5: detected capacity change from 0 to 8192 [pid 5612] close(3 [pid 5611] <... ioctl resumed>) = 0 [pid 5611] close(3) = 0 [pid 5611] mkdir("./file1", 0777) = 0 [pid 5611] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5612] <... close resumed>) = 0 [pid 5612] mkdir("./file1", 0777) = 0 [ 145.901872][ T5607] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 145.902812][ T5610] REISERFS (device loop1): using ordered data mode [ 145.919172][ T5607] REISERFS (device loop2): checking transaction log (loop2) [ 145.937589][ T5611] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 145.943586][ T5608] REISERFS (device loop4): checking transaction log (loop4) [ 145.956420][ T5612] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 146.014658][ T5609] REISERFS (device loop0): using ordered data mode [ 146.017112][ T5610] reiserfs: using flush barriers [ 146.021353][ T5609] reiserfs: using flush barriers [ 146.034507][ T5609] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 146.037844][ T5608] REISERFS (device loop4): Using r5 hash to sort names [pid 5612] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5608] <... mount resumed>) = 0 [ 146.050718][ T5610] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 146.066435][ T5612] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 146.074221][ T5610] REISERFS (device loop1): checking transaction log (loop1) [ 146.084966][ T5611] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 146.096022][ T5608] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5608] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5608] chdir("./file1") = 0 [pid 5608] ioctl(4, LOOP_CLR_FD) = 0 [pid 5608] close(4) = 0 [pid 5608] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5608] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 146.129505][ T5609] REISERFS (device loop0): checking transaction log (loop0) [ 146.134321][ T5612] REISERFS (device loop5): using ordered data mode [pid 5608] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5608] exit_group(0) = ? [pid 5608] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5608, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5094] umount2("./43", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 146.172375][ T5612] reiserfs: using flush barriers [ 146.183389][ T5612] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 146.202292][ T5611] REISERFS (device loop3): using ordered data mode [pid 5094] openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [ 146.221503][ T5611] reiserfs: using flush barriers [pid 5094] umount2("./43/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./43/binderfs") = 0 [ 146.244518][ T5611] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 146.261992][ T5610] REISERFS (device loop1): Using r5 hash to sort names [ 146.269219][ T5610] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 146.279640][ T5612] REISERFS (device loop5): checking transaction log (loop5) [pid 5094] umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5610] <... mount resumed>) = 0 [pid 5610] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5610] chdir("./file1") = 0 [pid 5610] ioctl(4, LOOP_CLR_FD) = 0 [pid 5610] close(4) = 0 [pid 5610] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5610] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 146.297526][ T5611] REISERFS (device loop3): checking transaction log (loop3) [pid 5610] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5610] exit_group(0) = ? [pid 5610] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5610, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5091] umount2("./41", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [ 146.364660][ T5607] REISERFS (device loop2): Using r5 hash to sort names [pid 5091] umount2("./41/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./41/binderfs") = 0 [pid 5091] umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5607] <... mount resumed>) = 0 [pid 5607] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5607] chdir("./file1") = 0 [pid 5607] ioctl(4, LOOP_CLR_FD) = 0 [ 146.418726][ T5607] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5607] close(4) = 0 [pid 5607] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5607] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5607] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5607] exit_group(0) = ? [pid 5607] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5607, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5092] umount2("./41", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, [pid 5094] <... umount2 resumed>) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./41/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] lstat("./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./41/binderfs" [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... unlink resumed>) = 0 [pid 5092] umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] lstat("./43/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./43/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 146.514764][ T5612] REISERFS (device loop5): Using r5 hash to sort names [ 146.530617][ T5611] REISERFS (device loop3): Using r5 hash to sort names [ 146.538936][ T5612] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5612] <... mount resumed>) = 0 [pid 5612] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] getdents64(4, [pid 5612] <... openat resumed>) = 3 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5612] chdir("./file1" [pid 5094] close(4 [pid 5612] <... chdir resumed>) = 0 [pid 5611] <... mount resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5612] ioctl(4, LOOP_CLR_FD [pid 5611] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5612] <... ioctl resumed>) = 0 [pid 5612] close(4 [pid 5611] <... openat resumed>) = 3 [pid 5094] rmdir("./43/file1" [pid 5612] <... close resumed>) = 0 [pid 5611] chdir("./file1") = 0 [ 146.568626][ T5611] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5612] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] <... rmdir resumed>) = 0 [pid 5611] ioctl(4, LOOP_CLR_FD [pid 5612] <... openat resumed>) = 4 [pid 5611] <... ioctl resumed>) = 0 [pid 5094] getdents64(3, [pid 5612] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5611] close(4 [pid 5091] <... umount2 resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5612] <... mmap resumed>) = 0x20000000 [pid 5611] <... close resumed>) = 0 [pid 5091] umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] close(3 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5611] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5091] lstat("./41/file1", [pid 5094] <... close resumed>) = 0 [pid 5611] <... openat resumed>) = 4 [pid 5612] ioctl(4, FS_IOC_GETVERSION [pid 5611] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] rmdir("./43" [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5091] umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5611] <... mmap resumed>) = 0x20000000 [pid 5612] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5611] ioctl(4, FS_IOC_GETVERSION [pid 5094] mkdir("./44", 0777 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./41/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] <... mkdir resumed>) = 0 [pid 5091] fstat(4, [pid 5612] exit_group(0 [pid 5611] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5612] <... exit_group resumed>) = ? [pid 5611] exit_group(0 [pid 5094] <... openat resumed>) = 3 [pid 5091] getdents64(4, [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5609] <... mount resumed>) = 0 [pid 5609] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5612] +++ exited with 0 +++ [pid 5611] <... exit_group resumed>) = ? [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5612, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 5095] umount2("./42", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5611] +++ exited with 0 +++ [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] close(3 [pid 5091] getdents64(4, [pid 5095] openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] <... close resumed>) = 0 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5611, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=14 /* 0.14 s */} --- [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] close(4 [pid 5095] fstat(3, [pid 5093] restart_syscall(<... resuming interrupted clone ...> [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... restart_syscall resumed>) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [ 146.641667][ T5609] REISERFS (device loop0): Using r5 hash to sort names [ 146.648913][ T5609] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5091] <... close resumed>) = 0 [pid 5095] umount2("./42/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5619 [pid 5093] umount2("./42", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] rmdir("./41/file1" [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./42/binderfs", [pid 5093] openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5091] <... rmdir resumed>) = 0 [pid 5095] unlink("./42/binderfs" [pid 5093] fstat(3, [pid 5091] getdents64(3, [pid 5095] <... unlink resumed>) = 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] getdents64(3, [pid 5091] close(3./strace-static-x86_64: Process 5619 attached [pid 5609] <... openat resumed>) = 3 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] <... close resumed>) = 0 [pid 5619] chdir("./44" [pid 5609] chdir("./file1" [pid 5093] umount2("./42/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] rmdir("./41" [pid 5619] <... chdir resumed>) = 0 [pid 5609] <... chdir resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5609] ioctl(4, LOOP_CLR_FD [pid 5093] lstat("./42/binderfs", [pid 5619] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5609] <... ioctl resumed>) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5619] <... prctl resumed>) = 0 [pid 5609] close(4 [pid 5093] unlink("./42/binderfs" [pid 5091] mkdir("./42", 0777 [pid 5619] setpgid(0, 0 [pid 5609] <... close resumed>) = 0 [pid 5093] <... unlink resumed>) = 0 [pid 5609] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5619] <... setpgid resumed>) = 0 [pid 5609] <... openat resumed>) = 4 [pid 5091] <... mkdir resumed>) = 0 [pid 5619] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5609] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5619] <... openat resumed>) = 3 [pid 5609] <... mmap resumed>) = 0x20000000 [pid 5092] <... umount2 resumed>) = 0 [pid 5619] write(3, "1000", 4 [pid 5609] ioctl(4, FS_IOC_GETVERSION [pid 5092] umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... openat resumed>) = 3 [pid 5619] <... write resumed>) = 4 [pid 5609] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5619] close(3 [pid 5609] exit_group(0 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5619] <... close resumed>) = 0 [pid 5609] <... exit_group resumed>) = ? [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5619] symlink("/dev/binderfs", "./binderfs" [pid 5609] +++ exited with 0 +++ [pid 5092] lstat("./41/file1", [pid 5091] close(3 [pid 5619] <... symlink resumed>) = 0 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5609, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5619] memfd_create("syzkaller", 0 [pid 5092] umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5619] <... memfd_create resumed>) = 3 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] umount2("./41", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, [pid 5619] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] openat(AT_FDCWD, "./41/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5619] <... mmap resumed>) = 0x7f12a0a40000 [pid 5092] <... openat resumed>) = 4 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5620 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./41/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./41/binderfs") = 0 [pid 5090] umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, ./strace-static-x86_64: Process 5620 attached 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5620] chdir("./42" [pid 5092] getdents64(4, [pid 5620] <... chdir resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5620] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5092] close(4) = 0 [pid 5092] rmdir("./41/file1") = 0 [pid 5620] <... prctl resumed>) = 0 [pid 5092] getdents64(3, [pid 5620] setpgid(0, 0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5620] <... setpgid resumed>) = 0 [pid 5092] close(3 [pid 5620] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] <... close resumed>) = 0 [pid 5092] rmdir("./41") = 0 [pid 5620] <... openat resumed>) = 3 [pid 5092] mkdir("./42", 0777 [pid 5620] write(3, "1000", 4 [pid 5092] <... mkdir resumed>) = 0 [pid 5620] <... write resumed>) = 4 [pid 5620] close(3 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5620] <... close resumed>) = 0 [pid 5620] symlink("/dev/binderfs", "./binderfs" [pid 5092] <... openat resumed>) = 3 [pid 5620] <... symlink resumed>) = 0 [pid 5620] memfd_create("syzkaller", 0 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5620] <... memfd_create resumed>) = 3 [pid 5092] close(3 [pid 5620] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] <... close resumed>) = 0 [pid 5620] <... mmap resumed>) = 0x7f12a0a40000 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5621 ./strace-static-x86_64: Process 5621 attached [pid 5621] chdir("./42") = 0 [pid 5621] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5621] setpgid(0, 0) = 0 [pid 5621] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./41/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5621] <... openat resumed>) = 3 [pid 5090] umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./41/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5621] write(3, "1000", 4 [pid 5090] getdents64(4, [pid 5621] <... write resumed>) = 4 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5621] close(3 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4 [pid 5621] <... close resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5621] symlink("/dev/binderfs", "./binderfs" [pid 5090] rmdir("./41/file1" [pid 5621] <... symlink resumed>) = 0 [pid 5621] memfd_create("syzkaller", 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5621] <... memfd_create resumed>) = 3 [pid 5090] getdents64(3, [pid 5621] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./41" [pid 5619] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5090] <... rmdir resumed>) = 0 [pid 5090] mkdir("./42", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./42/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./42/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5620] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./42/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5093] rmdir("./42" [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5621] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] <... rmdir resumed>) = 0 [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] mkdir("./43", 0777 [pid 5090] close(3 [pid 5093] <... mkdir resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5090] <... close resumed>) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] <... close resumed>) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] <... umount2 resumed>) = 0 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5623 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5622 ./strace-static-x86_64: Process 5623 attached ./strace-static-x86_64: Process 5622 attached [pid 5623] chdir("./43" [pid 5622] chdir("./42") = 0 [pid 5623] <... chdir resumed>) = 0 [pid 5095] umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5622] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5623] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5622] <... prctl resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5623] <... prctl resumed>) = 0 [pid 5622] setpgid(0, 0 [pid 5095] lstat("./42/file1", [pid 5623] setpgid(0, 0 [pid 5622] <... setpgid resumed>) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5623] <... setpgid resumed>) = 0 [pid 5622] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5623] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5622] <... openat resumed>) = 3 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5623] <... openat resumed>) = 3 [pid 5622] write(3, "1000", 4 [pid 5095] openat(AT_FDCWD, "./42/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5623] write(3, "1000", 4 [pid 5622] <... write resumed>) = 4 [pid 5095] <... openat resumed>) = 4 [pid 5623] <... write resumed>) = 4 [pid 5622] close(3 [pid 5095] fstat(4, [pid 5623] close(3 [pid 5622] <... close resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5623] <... close resumed>) = 0 [pid 5622] symlink("/dev/binderfs", "./binderfs" [pid 5095] getdents64(4, [pid 5623] symlink("/dev/binderfs", "./binderfs" [pid 5622] <... symlink resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5623] <... symlink resumed>) = 0 [pid 5622] memfd_create("syzkaller", 0 [pid 5095] getdents64(4, [pid 5623] memfd_create("syzkaller", 0 [pid 5622] <... memfd_create resumed>) = 3 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5623] <... memfd_create resumed>) = 3 [pid 5622] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] close(4 [pid 5623] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5622] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] <... close resumed>) = 0 [pid 5623] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] rmdir("./42/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./42" [pid 5619] <... write resumed>) = 4194304 [pid 5095] <... rmdir resumed>) = 0 [pid 5095] mkdir("./43", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5619] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5619] <... munmap resumed>) = 0 [pid 5095] close(3 [pid 5619] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5095] <... close resumed>) = 0 [pid 5619] <... openat resumed>) = 4 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5619] ioctl(4, LOOP_SET_FD, 3 [pid 5620] <... write resumed>) = 4194304 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5624 [pid 5620] munmap(0x7f12a0a40000, 4194304./strace-static-x86_64: Process 5624 attached [pid 5624] chdir("./43") = 0 [pid 5624] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5620] <... munmap resumed>) = 0 [pid 5624] <... prctl resumed>) = 0 [pid 5620] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5624] setpgid(0, 0) = 0 [pid 5620] <... openat resumed>) = 4 [pid 5624] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5620] ioctl(4, LOOP_SET_FD, 3 [pid 5624] <... openat resumed>) = 3 [pid 5624] write(3, "1000", 4) = 4 [pid 5624] close(3 [pid 5619] <... ioctl resumed>) = 0 [pid 5624] <... close resumed>) = 0 [pid 5624] symlink("/dev/binderfs", "./binderfs" [pid 5619] close(3 [pid 5624] <... symlink resumed>) = 0 [pid 5619] <... close resumed>) = 0 [pid 5624] memfd_create("syzkaller", 0 [pid 5619] mkdir("./file1", 0777 [pid 5624] <... memfd_create resumed>) = 3 [pid 5619] <... mkdir resumed>) = 0 [pid 5624] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 147.155528][ T5619] loop4: detected capacity change from 0 to 8192 [ 147.185216][ T5620] loop1: detected capacity change from 0 to 8192 [pid 5619] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5624] <... mmap resumed>) = 0x7f12a0a40000 [pid 5623] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5622] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5621] <... write resumed>) = 4194304 [pid 5620] <... ioctl resumed>) = 0 [pid 5621] munmap(0x7f12a0a40000, 4194304 [pid 5620] close(3 [pid 5621] <... munmap resumed>) = 0 [pid 5620] <... close resumed>) = 0 [pid 5621] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5620] mkdir("./file1", 0777 [pid 5621] <... openat resumed>) = 4 [pid 5620] <... mkdir resumed>) = 0 [pid 5621] ioctl(4, LOOP_SET_FD, 3 [pid 5620] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5621] <... ioctl resumed>) = 0 [pid 5621] close(3) = 0 [ 147.221953][ T5619] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 147.241448][ T5619] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 147.245815][ T5621] loop2: detected capacity change from 0 to 8192 [ 147.258587][ T5619] REISERFS (device loop4): using ordered data mode [ 147.265370][ T5619] reiserfs: using flush barriers [pid 5621] mkdir("./file1", 0777) = 0 [pid 5621] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5623] <... write resumed>) = 4194304 [pid 5623] munmap(0x7f12a0a40000, 4194304) = 0 [ 147.272518][ T5619] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 147.294787][ T5620] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5623] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5624] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5623] ioctl(4, LOOP_SET_FD, 3 [pid 5622] <... write resumed>) = 4194304 [pid 5622] munmap(0x7f12a0a40000, 4194304) = 0 [ 147.313781][ T5621] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 147.326172][ T5620] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 147.329966][ T5621] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 147.341328][ T5623] loop3: detected capacity change from 0 to 8192 [ 147.347464][ T5621] REISERFS (device loop2): using ordered data mode [ 147.360247][ T5621] reiserfs: using flush barriers [ 147.361143][ T5619] REISERFS (device loop4): checking transaction log (loop4) [pid 5623] <... ioctl resumed>) = 0 [pid 5622] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5623] close(3 [pid 5622] <... openat resumed>) = 4 [pid 5623] <... close resumed>) = 0 [pid 5622] ioctl(4, LOOP_SET_FD, 3 [pid 5623] mkdir("./file1", 0777 [pid 5622] <... ioctl resumed>) = 0 [pid 5623] <... mkdir resumed>) = 0 [pid 5623] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5622] close(3) = 0 [pid 5622] mkdir("./file1", 0777) = 0 [ 147.368118][ T5621] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 147.381168][ T5620] REISERFS (device loop1): using ordered data mode [ 147.390944][ T5621] REISERFS (device loop2): checking transaction log (loop2) [ 147.404288][ T5622] loop0: detected capacity change from 0 to 8192 [ 147.425510][ T5623] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 147.430524][ T5620] reiserfs: using flush barriers [pid 5622] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5624] <... write resumed>) = 4194304 [ 147.465684][ T5620] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 147.465843][ T5622] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 147.485025][ T5620] REISERFS (device loop1): checking transaction log (loop1) [pid 5624] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5624] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5624] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5624] close(3) = 0 [pid 5624] mkdir("./file1", 0777) = 0 [ 147.529764][ T5623] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 147.539821][ T5623] REISERFS (device loop3): using ordered data mode [ 147.546542][ T5621] REISERFS (device loop2): Using r5 hash to sort names [ 147.553552][ T5624] loop5: detected capacity change from 0 to 8192 [ 147.561499][ T5621] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 147.571156][ T5622] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5624] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5621] <... mount resumed>) = 0 [ 147.572135][ T5624] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 147.580427][ T5622] REISERFS (device loop0): using ordered data mode [ 147.600287][ T5622] reiserfs: using flush barriers [ 147.602264][ T5623] reiserfs: using flush barriers [ 147.609292][ T5624] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5621] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 147.612593][ T5622] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 147.619502][ T5624] REISERFS (device loop5): using ordered data mode [ 147.642064][ T5624] reiserfs: using flush barriers [ 147.648532][ T5624] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5621] chdir("./file1") = 0 [pid 5621] ioctl(4, LOOP_CLR_FD) = 0 [pid 5621] close(4) = 0 [pid 5621] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5621] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 147.666077][ T5623] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 147.666295][ T5624] REISERFS (device loop5): checking transaction log (loop5) [ 147.697394][ T5622] REISERFS (device loop0): checking transaction log (loop0) [pid 5621] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5621] exit_group(0) = ? [pid 5621] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5621, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=20 /* 0.20 s */} --- [pid 5092] umount2("./42", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./42/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./42/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./42/binderfs") = 0 [ 147.767215][ T5623] REISERFS (device loop3): checking transaction log (loop3) [ 147.884735][ T5622] REISERFS (device loop0): Using r5 hash to sort names [ 147.915196][ T5622] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5622] <... mount resumed>) = 0 [pid 5622] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5622] chdir("./file1") = 0 [pid 5622] ioctl(4, LOOP_CLR_FD) = 0 [pid 5622] close(4 [pid 5619] <... mount resumed>) = 0 [pid 5622] <... close resumed>) = 0 [ 147.934999][ T5619] REISERFS (device loop4): Using r5 hash to sort names [ 147.968440][ T5619] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 147.969186][ T5620] REISERFS (device loop1): Using r5 hash to sort names [pid 5622] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5619] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] <... umount2 resumed>) = 0 [pid 5622] <... openat resumed>) = 4 [pid 5620] <... mount resumed>) = 0 [pid 5619] <... openat resumed>) = 3 [pid 5092] umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5622] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5620] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5619] chdir("./file1" [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5619] <... chdir resumed>) = 0 [pid 5622] <... mmap resumed>) = 0x20000000 [pid 5620] <... openat resumed>) = 3 [pid 5619] ioctl(4, LOOP_CLR_FD [pid 5092] lstat("./42/file1", [pid 5624] <... mount resumed>) = 0 [pid 5622] ioctl(4, FS_IOC_GETVERSION [pid 5620] chdir("./file1" [pid 5619] <... ioctl resumed>) = 0 [pid 5624] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5622] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5620] <... chdir resumed>) = 0 [pid 5619] close(4 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5624] <... openat resumed>) = 3 [pid 5622] exit_group(0 [pid 5620] ioctl(4, LOOP_CLR_FD [pid 5619] <... close resumed>) = 0 [ 148.011392][ T5620] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 148.032435][ T5624] REISERFS (device loop5): Using r5 hash to sort names [ 148.039690][ T5624] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5622] <... exit_group resumed>) = ? [pid 5620] <... ioctl resumed>) = 0 [pid 5619] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5619] <... openat resumed>) = 4 [pid 5624] chdir("./file1" [pid 5622] +++ exited with 0 +++ [pid 5620] close(4 [pid 5619] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5624] <... chdir resumed>) = 0 [pid 5623] <... mount resumed>) = 0 [pid 5620] <... close resumed>) = 0 [pid 5619] <... mmap resumed>) = 0x20000000 [pid 5092] openat(AT_FDCWD, "./42/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5624] ioctl(4, LOOP_CLR_FD [pid 5623] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5620] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5619] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... openat resumed>) = 4 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5622, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5624] <... ioctl resumed>) = 0 [pid 5623] <... openat resumed>) = 3 [pid 5620] <... openat resumed>) = 4 [pid 5619] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] fstat(4, [pid 5090] umount2("./42", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5624] close(4 [pid 5623] chdir("./file1" [pid 5620] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5619] exit_group(0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5624] <... close resumed>) = 0 [pid 5623] <... chdir resumed>) = 0 [pid 5619] <... exit_group resumed>) = ? [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5624] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5623] ioctl(4, LOOP_CLR_FD [pid 5620] <... mmap resumed>) = 0x20000000 [pid 5619] +++ exited with 0 +++ [pid 5092] getdents64(4, [pid 5090] openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5624] <... openat resumed>) = 4 [pid 5623] <... ioctl resumed>) = 0 [pid 5620] ioctl(4, FS_IOC_GETVERSION [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5619, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=26 /* 0.26 s */} --- [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5624] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5623] close(4 [pid 5620] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] getdents64(4, [pid 5090] <... openat resumed>) = 3 [pid 5624] <... mmap resumed>) = 0x20000000 [pid 5623] <... close resumed>) = 0 [pid 5620] exit_group(0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] fstat(3, [pid 5624] ioctl(4, FS_IOC_GETVERSION [pid 5623] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5620] <... exit_group resumed>) = ? [pid 5094] umount2("./44", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] close(4 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5624] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5623] <... openat resumed>) = 4 [pid 5620] +++ exited with 0 +++ [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 148.057357][ T5623] REISERFS (device loop3): Using r5 hash to sort names [ 148.068339][ T5623] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5094] openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] <... close resumed>) = 0 [pid 5624] exit_group(0 [pid 5623] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] fstat(3, [pid 5090] getdents64(3, [pid 5092] rmdir("./42/file1" [pid 5624] <... exit_group resumed>) = ? [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5623] <... mmap resumed>) = 0x20000000 [pid 5094] getdents64(3, [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] <... rmdir resumed>) = 0 [pid 5094] umount2("./44/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5624] +++ exited with 0 +++ [pid 5623] ioctl(4, FS_IOC_GETVERSION [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] getdents64(3, [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5620, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5090] umount2("./42/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5623] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5624, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5094] lstat("./44/binderfs", [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] umount2("./42", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5623] exit_group(0 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] close(3 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./42/binderfs", [pid 5623] <... exit_group resumed>) = ? [pid 5094] unlink("./44/binderfs" [pid 5092] <... close resumed>) = 0 [pid 5091] openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] umount2("./43", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... unlink resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5623] +++ exited with 0 +++ [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] rmdir("./42" [pid 5091] <... openat resumed>) = 3 [pid 5090] unlink("./42/binderfs" [pid 5095] openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5623, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=18 /* 0.18 s */} --- [pid 5092] <... rmdir resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5091] fstat(3, [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] mkdir("./43", 0777 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5095] umount2("./43/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./43/binderfs", [pid 5092] <... mkdir resumed>) = 0 [pid 5091] getdents64(3, [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] umount2("./43", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5090] umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] unlink("./43/binderfs" [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] <... unlink resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5095] umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5091] umount2("./42/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... openat resumed>) = 3 [pid 5093] fstat(3, [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] close(3 [pid 5091] lstat("./42/binderfs", [pid 5093] getdents64(3, [pid 5092] <... close resumed>) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] unlink("./42/binderfs" [pid 5093] umount2("./43/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] <... unlink resumed>) = 0 [pid 5093] lstat("./43/binderfs", [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5631 [pid 5091] umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./43/binderfs") = 0 [pid 5093] umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5631 attached [pid 5631] chdir("./43") = 0 [pid 5631] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5631] setpgid(0, 0) = 0 [pid 5631] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5631] write(3, "1000", 4) = 4 [pid 5631] close(3) = 0 [pid 5631] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5631] memfd_create("syzkaller", 0) = 3 [pid 5631] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./43/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./43/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./43/file1" [pid 5631] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] <... rmdir resumed>) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./43") = 0 [pid 5093] mkdir("./44", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = 0 [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5632 ./strace-static-x86_64: Process 5632 attached [pid 5632] chdir("./44") = 0 [pid 5632] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5632] setpgid(0, 0) = 0 [pid 5632] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5632] write(3, "1000", 4 [pid 5090] <... umount2 resumed>) = 0 [pid 5632] <... write resumed>) = 4 [pid 5632] close(3) = 0 [pid 5632] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5632] memfd_create("syzkaller", 0) = 3 [pid 5632] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./42/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] <... umount2 resumed>) = 0 [pid 5090] umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./42/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] getdents64(4, [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./43/file1", [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, [pid 5095] umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] close(4 [pid 5095] openat(AT_FDCWD, "./43/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... close resumed>) = 0 [pid 5095] <... openat resumed>) = 4 [pid 5090] rmdir("./42/file1" [pid 5095] fstat(4, [pid 5090] <... rmdir resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, [pid 5095] getdents64(4, [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] close(3 [pid 5095] getdents64(4, [pid 5090] <... close resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5090] rmdir("./42" [pid 5095] close(4 [pid 5090] <... rmdir resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5090] mkdir("./43", 0777 [pid 5095] rmdir("./43/file1" [pid 5090] <... mkdir resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] <... rmdir resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5095] getdents64(3, [pid 5094] umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] close(3 [pid 5094] lstat("./44/file1", [pid 5090] close(3 [pid 5095] <... close resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... close resumed>) = 0 [pid 5094] umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./44/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5633 [pid 5094] <... openat resumed>) = 4 [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./44/file1") = 0 ./strace-static-x86_64: Process 5633 attached [pid 5094] getdents64(3, [pid 5633] chdir("./43" [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5633] <... chdir resumed>) = 0 [pid 5094] close(3 [pid 5633] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] rmdir("./43" [pid 5094] <... close resumed>) = 0 [pid 5633] <... prctl resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5094] rmdir("./44" [pid 5633] setpgid(0, 0 [pid 5095] mkdir("./44", 0777 [pid 5094] <... rmdir resumed>) = 0 [pid 5633] <... setpgid resumed>) = 0 [pid 5095] <... mkdir resumed>) = 0 [pid 5094] mkdir("./45", 0777 [pid 5633] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] <... mkdir resumed>) = 0 [pid 5633] <... openat resumed>) = 3 [pid 5095] <... openat resumed>) = 3 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5633] write(3, "1000", 4 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5094] <... openat resumed>) = 3 [pid 5633] <... write resumed>) = 4 [pid 5632] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5631] <... write resumed>) = 4194304 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5633] close(3 [pid 5095] close(3 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5633] <... close resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5094] close(3 [pid 5633] symlink("/dev/binderfs", "./binderfs" [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] <... close resumed>) = 0 [pid 5633] <... symlink resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5633] memfd_create("syzkaller", 0 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5634 [pid 5633] <... memfd_create resumed>) = 3 [pid 5631] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5635 [pid 5633] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5631] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 5635 attached ./strace-static-x86_64: Process 5634 attached [pid 5631] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5635] chdir("./45" [pid 5634] chdir("./44" [pid 5631] <... openat resumed>) = 4 [pid 5635] <... chdir resumed>) = 0 [pid 5634] <... chdir resumed>) = 0 [pid 5631] ioctl(4, LOOP_SET_FD, 3 [pid 5634] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5634] setpgid(0, 0) = 0 [pid 5634] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5634] write(3, "1000", 4) = 4 [pid 5634] close(3) = 0 [pid 5634] symlink("/dev/binderfs", "./binderfs" [pid 5635] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5634] <... symlink resumed>) = 0 [pid 5634] memfd_create("syzkaller", 0 [pid 5635] <... prctl resumed>) = 0 [pid 5634] <... memfd_create resumed>) = 3 [pid 5635] setpgid(0, 0 [pid 5634] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5631] <... ioctl resumed>) = 0 [pid 5635] <... setpgid resumed>) = 0 [pid 5634] <... mmap resumed>) = 0x7f12a0a40000 [pid 5635] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5631] close(3 [pid 5635] <... openat resumed>) = 3 [pid 5631] <... close resumed>) = 0 [pid 5635] write(3, "1000", 4 [pid 5631] mkdir("./file1", 0777 [pid 5635] <... write resumed>) = 4 [pid 5635] close(3 [pid 5631] <... mkdir resumed>) = 0 [pid 5635] <... close resumed>) = 0 [pid 5631] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5635] symlink("/dev/binderfs", "./binderfs") = 0 [ 148.545914][ T5631] loop2: detected capacity change from 0 to 8192 [pid 5635] memfd_create("syzkaller", 0) = 3 [pid 5635] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5091] <... umount2 resumed>) = 0 [pid 5091] umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./42/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5634] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 148.592691][ T5631] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5091] openat(AT_FDCWD, "./42/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5633] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... openat resumed>) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./42/file1" [pid 5635] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... rmdir resumed>) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./42") = 0 [pid 5091] mkdir("./43", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 148.661938][ T5631] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [pid 5091] close(3) = 0 [pid 5632] <... write resumed>) = 4194304 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5637 attached [pid 5635] <... write resumed>) = 4194304 [pid 5637] chdir("./43" [pid 5632] munmap(0x7f12a0a40000, 4194304 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5637 [pid 5635] munmap(0x7f12a0a40000, 4194304 [pid 5637] <... chdir resumed>) = 0 [pid 5632] <... munmap resumed>) = 0 [pid 5637] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5635] <... munmap resumed>) = 0 [pid 5632] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5637] <... prctl resumed>) = 0 [pid 5635] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5634] <... write resumed>) = 4194304 [pid 5632] <... openat resumed>) = 4 [pid 5637] setpgid(0, 0 [pid 5635] <... openat resumed>) = 4 [pid 5632] ioctl(4, LOOP_SET_FD, 3 [pid 5637] <... setpgid resumed>) = 0 [pid 5635] ioctl(4, LOOP_SET_FD, 3 [pid 5633] <... write resumed>) = 4194304 [pid 5637] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5632] <... ioctl resumed>) = 0 [ 148.731384][ T5631] REISERFS (device loop2): using ordered data mode [ 148.766857][ T5632] loop3: detected capacity change from 0 to 8192 [ 148.770460][ T5631] reiserfs: using flush barriers [pid 5632] close(3) = 0 [pid 5632] mkdir("./file1", 0777 [pid 5637] <... openat resumed>) = 3 [pid 5633] munmap(0x7f12a0a40000, 4194304 [pid 5635] <... ioctl resumed>) = 0 [pid 5634] munmap(0x7f12a0a40000, 4194304 [pid 5632] <... mkdir resumed>) = 0 [pid 5632] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5637] write(3, "1000", 4 [pid 5635] close(3 [pid 5634] <... munmap resumed>) = 0 [pid 5633] <... munmap resumed>) = 0 [pid 5637] <... write resumed>) = 4 [pid 5633] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5637] close(3 [pid 5633] <... openat resumed>) = 4 [pid 5637] <... close resumed>) = 0 [pid 5633] ioctl(4, LOOP_SET_FD, 3 [pid 5637] symlink("/dev/binderfs", "./binderfs" [pid 5635] <... close resumed>) = 0 [pid 5634] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5637] <... symlink resumed>) = 0 [pid 5635] mkdir("./file1", 0777 [pid 5637] memfd_create("syzkaller", 0 [pid 5634] <... openat resumed>) = 4 [pid 5637] <... memfd_create resumed>) = 3 [pid 5635] <... mkdir resumed>) = 0 [pid 5634] ioctl(4, LOOP_SET_FD, 3 [ 148.780296][ T5635] loop4: detected capacity change from 0 to 8192 [ 148.788630][ T5631] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 148.802632][ T5632] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 148.806926][ T5631] REISERFS (device loop2): checking transaction log (loop2) [ 148.825224][ T5633] loop0: detected capacity change from 0 to 8192 [pid 5637] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5633] <... ioctl resumed>) = 0 [pid 5637] <... mmap resumed>) = 0x7f12a0a40000 [pid 5633] close(3 [pid 5635] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5634] <... ioctl resumed>) = 0 [pid 5633] <... close resumed>) = 0 [pid 5634] close(3 [pid 5633] mkdir("./file1", 0777 [pid 5634] <... close resumed>) = 0 [pid 5633] <... mkdir resumed>) = 0 [pid 5634] mkdir("./file1", 0777 [pid 5633] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5634] <... mkdir resumed>) = 0 [ 148.839358][ T5634] loop5: detected capacity change from 0 to 8192 [ 148.861173][ T5635] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5634] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 148.880427][ T5634] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 148.893769][ T5633] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 148.902498][ T5632] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 148.916680][ T5632] REISERFS (device loop3): using ordered data mode [ 148.933295][ T5632] reiserfs: using flush barriers [ 148.947507][ T5632] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 148.947968][ T5633] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 148.974192][ T5634] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 148.984054][ T5635] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5637] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5637] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5637] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5637] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5637] close(3) = 0 [pid 5637] mkdir("./file1", 0777) = 0 [ 148.994281][ T5632] REISERFS (device loop3): checking transaction log (loop3) [ 149.011945][ T5635] REISERFS (device loop4): using ordered data mode [ 149.013205][ T5634] REISERFS (device loop5): using ordered data mode [ 149.021689][ T5635] reiserfs: using flush barriers [ 149.031881][ T5637] loop1: detected capacity change from 0 to 8192 [ 149.055600][ T5635] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 149.065300][ T5634] reiserfs: using flush barriers [ 149.074189][ T5637] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 149.088316][ T5633] REISERFS (device loop0): using ordered data mode [ 149.113343][ T5631] REISERFS (device loop2): Using r5 hash to sort names [ 149.117818][ T5633] reiserfs: using flush barriers [ 149.125640][ T5634] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 149.126713][ T5637] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 149.142289][ T5633] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 149.151132][ T5637] REISERFS (device loop1): using ordered data mode [ 149.174065][ T5637] reiserfs: using flush barriers [ 149.180733][ T5635] REISERFS (device loop4): checking transaction log (loop4) [ 149.184983][ T5637] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 149.193946][ T5631] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5637] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5631] <... mount resumed>) = 0 [pid 5631] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5631] chdir("./file1") = 0 [pid 5631] ioctl(4, LOOP_CLR_FD) = 0 [pid 5631] close(4) = 0 [pid 5631] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 149.214695][ T5634] REISERFS (device loop5): checking transaction log (loop5) [pid 5631] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5631] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5631] exit_group(0) = ? [pid 5631] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5631, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [ 149.279266][ T5633] REISERFS (device loop0): checking transaction log (loop0) [ 149.314264][ T5637] REISERFS (device loop1): checking transaction log (loop1) [pid 5092] umount2("./43", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./43/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./43/binderfs") = 0 [pid 5092] umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5634] <... mount resumed>) = 0 [pid 5634] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5634] chdir("./file1") = 0 [ 149.339404][ T5634] REISERFS (device loop5): Using r5 hash to sort names [ 149.357556][ T5634] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 149.376038][ T5632] REISERFS (device loop3): Using r5 hash to sort names [pid 5634] ioctl(4, LOOP_CLR_FD) = 0 [pid 5634] close(4) = 0 [pid 5634] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5634] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5634] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5634] exit_group(0) = ? [pid 5634] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5634, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5095] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5095] umount2("./44", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5632] <... mount resumed>) = 0 [ 149.442097][ T5632] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5095] fstat(3, [pid 5632] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5632] <... openat resumed>) = 3 [pid 5095] getdents64(3, [pid 5632] chdir("./file1" [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5632] <... chdir resumed>) = 0 [pid 5095] umount2("./44/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5632] ioctl(4, LOOP_CLR_FD [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5632] <... ioctl resumed>) = 0 [pid 5095] lstat("./44/binderfs", [pid 5632] close(4 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5633] <... mount resumed>) = 0 [pid 5632] <... close resumed>) = 0 [pid 5095] unlink("./44/binderfs" [pid 5632] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] <... unlink resumed>) = 0 [ 149.487911][ T5633] REISERFS (device loop0): Using r5 hash to sort names [ 149.502156][ T5633] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 149.520463][ T5637] REISERFS (device loop1): Using r5 hash to sort names [pid 5633] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5632] <... openat resumed>) = 4 [pid 5095] umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5637] <... mount resumed>) = 0 [pid 5633] <... openat resumed>) = 3 [pid 5632] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5633] chdir("./file1" [pid 5632] <... mmap resumed>) = 0x20000000 [pid 5633] <... chdir resumed>) = 0 [pid 5633] ioctl(4, LOOP_CLR_FD) = 0 [pid 5632] ioctl(4, FS_IOC_GETVERSION [pid 5633] close(4) = 0 [pid 5632] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5637] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5633] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5632] exit_group(0 [pid 5637] <... openat resumed>) = 3 [pid 5633] <... openat resumed>) = 4 [pid 5632] <... exit_group resumed>) = ? [pid 5633] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5632] +++ exited with 0 +++ [pid 5637] chdir("./file1" [pid 5633] ioctl(4, FS_IOC_GETVERSION [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5632, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=20 /* 0.20 s */} --- [pid 5633] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5637] <... chdir resumed>) = 0 [pid 5633] exit_group(0 [pid 5637] ioctl(4, LOOP_CLR_FD [pid 5633] <... exit_group resumed>) = ? [pid 5093] umount2("./44", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5637] <... ioctl resumed>) = 0 [pid 5633] +++ exited with 0 +++ [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5637] close(4 [ 149.545459][ T5637] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 149.555182][ T5635] REISERFS (device loop4): Using r5 hash to sort names [pid 5093] openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5637] <... close resumed>) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5633, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5093] fstat(3, [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5637] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... restart_syscall resumed>) = 0 [pid 5093] getdents64(3, [pid 5637] <... openat resumed>) = 4 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./44/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] umount2("./43", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5637] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./44/binderfs", [pid 5090] openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5637] <... mmap resumed>) = 0x20000000 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5637] ioctl(4, FS_IOC_GETVERSION [pid 5093] unlink("./44/binderfs" [pid 5090] fstat(3, [pid 5637] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] <... unlink resumed>) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5637] exit_group(0 [pid 5093] umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] getdents64(3, [pid 5637] <... exit_group resumed>) = ? [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./43/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./43/binderfs" [pid 5637] +++ exited with 0 +++ [pid 5090] <... unlink resumed>) = 0 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5637, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5090] umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./43", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./43/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./43/binderfs") = 0 [pid 5091] umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5635] <... mount resumed>) = 0 [pid 5635] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5635] chdir("./file1") = 0 [pid 5635] ioctl(4, LOOP_CLR_FD) = 0 [pid 5635] close(4) = 0 [ 149.600661][ T5635] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5635] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5635] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5635] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5635] exit_group(0) = ? [pid 5635] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5635, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5094] umount2("./45", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... umount2 resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, [pid 5092] umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./43/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./43/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./45/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] getdents64(4, [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] lstat("./45/binderfs", [pid 5092] getdents64(4, [pid 5090] <... umount2 resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] unlink("./45/binderfs" [pid 5092] close(4 [pid 5090] umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... unlink resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5094] umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] rmdir("./43/file1" [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... rmdir resumed>) = 0 [pid 5092] getdents64(3, [pid 5090] lstat("./43/file1", [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... close resumed>) = 0 [pid 5092] rmdir("./43") = 0 [pid 5090] umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] mkdir("./44", 0777) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5090] openat(AT_FDCWD, "./43/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] <... openat resumed>) = 4 [pid 5092] close(3) = 0 [pid 5090] fstat(4, [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5643 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5643 attached [pid 5090] getdents64(4, [pid 5643] chdir("./44" [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./43/file1" [pid 5643] <... chdir resumed>) = 0 [pid 5643] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5643] setpgid(0, 0) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3 [pid 5643] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] <... close resumed>) = 0 [pid 5643] <... openat resumed>) = 3 [pid 5090] rmdir("./43" [pid 5643] write(3, "1000", 4) = 4 [pid 5643] close(3) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5643] symlink("/dev/binderfs", "./binderfs" [pid 5090] mkdir("./44", 0777 [pid 5643] <... symlink resumed>) = 0 [pid 5643] memfd_create("syzkaller", 0) = 3 [pid 5643] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5090] <... mkdir resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5643] <... mmap resumed>) = 0x7f12a0a40000 [pid 5090] <... openat resumed>) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = 0 [pid 5090] close(3 [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./44/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./44/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./44/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./44") = 0 [pid 5095] mkdir("./45", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5644 ./strace-static-x86_64: Process 5644 attached [pid 5644] chdir("./45") = 0 [pid 5644] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5644] setpgid(0, 0) = 0 [pid 5644] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5644] write(3, "1000", 4) = 4 [pid 5644] close(3) = 0 [pid 5644] symlink("/dev/binderfs", "./binderfs" [pid 5093] <... umount2 resumed>) = 0 [pid 5644] <... symlink resumed>) = 0 [pid 5644] memfd_create("syzkaller", 0) = 3 [pid 5644] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5093] umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./44/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./44/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, [pid 5643] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./44/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./44") = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5093] mkdir("./45", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] close(3 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... close resumed>) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] lstat("./43/file1", [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5645 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./43/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5645 attached [pid 5091] close(4 [pid 5645] chdir("./45" [pid 5091] <... close resumed>) = 0 [pid 5645] <... chdir resumed>) = 0 [pid 5091] rmdir("./43/file1" [pid 5645] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5091] <... rmdir resumed>) = 0 [pid 5645] <... prctl resumed>) = 0 [pid 5091] getdents64(3, [pid 5645] setpgid(0, 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5645] <... setpgid resumed>) = 0 [pid 5091] close(3 [pid 5645] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] <... umount2 resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5645] <... openat resumed>) = 3 [pid 5091] rmdir("./43" [pid 5645] write(3, "1000", 4 [pid 5091] <... rmdir resumed>) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5645] <... write resumed>) = 4 [pid 5091] mkdir("./44", 0777 [pid 5645] close(3 [pid 5094] umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... mkdir resumed>) = 0 [pid 5645] <... close resumed>) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5645] symlink("/dev/binderfs", "./binderfs" [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... openat resumed>) = 3 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5646 [pid 5645] <... symlink resumed>) = 0 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5094] lstat("./45/file1", [pid 5645] memfd_create("syzkaller", 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5645] <... memfd_create resumed>) = 3 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] close(3 [pid 5645] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] <... close resumed>) = 0 [pid 5094] umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5645] <... mmap resumed>) = 0x7f12a0a40000 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5646 attached [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5647 [pid 5094] openat(AT_FDCWD, "./45/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5646] chdir("./44") = 0 [pid 5644] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] <... openat resumed>) = 4 [pid 5646] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] fstat(4, [pid 5646] <... prctl resumed>) = 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 5647 attached [pid 5646] setpgid(0, 0 [pid 5647] chdir("./44" [pid 5094] getdents64(4, [pid 5647] <... chdir resumed>) = 0 [pid 5646] <... setpgid resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5647] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5646] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] getdents64(4, [pid 5647] <... prctl resumed>) = 0 [pid 5646] <... openat resumed>) = 3 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5647] setpgid(0, 0 [pid 5646] write(3, "1000", 4 [pid 5094] close(4 [pid 5647] <... setpgid resumed>) = 0 [pid 5646] <... write resumed>) = 4 [pid 5094] <... close resumed>) = 0 [pid 5647] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5646] close(3 [pid 5094] rmdir("./45/file1" [pid 5647] <... openat resumed>) = 3 [pid 5646] <... close resumed>) = 0 [pid 5647] write(3, "1000", 4) = 4 [pid 5646] symlink("/dev/binderfs", "./binderfs" [pid 5094] <... rmdir resumed>) = 0 [pid 5647] close(3) = 0 [pid 5646] <... symlink resumed>) = 0 [pid 5647] symlink("/dev/binderfs", "./binderfs" [pid 5094] getdents64(3, [pid 5647] <... symlink resumed>) = 0 [pid 5646] memfd_create("syzkaller", 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5647] memfd_create("syzkaller", 0 [pid 5646] <... memfd_create resumed>) = 3 [pid 5094] close(3 [pid 5647] <... memfd_create resumed>) = 3 [pid 5646] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] <... close resumed>) = 0 [pid 5647] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5646] <... mmap resumed>) = 0x7f12a0a40000 [pid 5094] rmdir("./45") = 0 [pid 5094] mkdir("./46", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5648 ./strace-static-x86_64: Process 5648 attached [pid 5648] chdir("./46") = 0 [pid 5648] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5648] setpgid(0, 0) = 0 [pid 5648] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5645] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5648] <... openat resumed>) = 3 [pid 5648] write(3, "1000", 4) = 4 [pid 5648] close(3) = 0 [pid 5648] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5648] memfd_create("syzkaller", 0) = 3 [pid 5648] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5647] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5643] <... write resumed>) = 4194304 [pid 5648] <... mmap resumed>) = 0x7f12a0a40000 [pid 5646] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5643] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5643] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5643] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5643] close(3) = 0 [pid 5643] mkdir("./file1", 0777) = 0 [ 150.164751][ T5643] loop2: detected capacity change from 0 to 8192 [pid 5643] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5644] <... write resumed>) = 4194304 [pid 5644] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5644] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5646] <... write resumed>) = 4194304 [pid 5644] <... openat resumed>) = 4 [pid 5646] munmap(0x7f12a0a40000, 4194304 [pid 5644] ioctl(4, LOOP_SET_FD, 3 [pid 5646] <... munmap resumed>) = 0 [pid 5646] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5644] <... ioctl resumed>) = 0 [pid 5646] ioctl(4, LOOP_SET_FD, 3 [ 150.239506][ T5643] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 150.273283][ T5644] loop5: detected capacity change from 0 to 8192 [pid 5644] close(3) = 0 [pid 5648] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5646] <... ioctl resumed>) = 0 [pid 5644] mkdir("./file1", 0777 [pid 5646] close(3) = 0 [pid 5644] <... mkdir resumed>) = 0 [pid 5646] mkdir("./file1", 0777 [pid 5644] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5646] <... mkdir resumed>) = 0 [pid 5646] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5645] <... write resumed>) = 4194304 [pid 5645] munmap(0x7f12a0a40000, 4194304) = 0 [ 150.285417][ T5646] loop0: detected capacity change from 0 to 8192 [ 150.295776][ T5643] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 150.323950][ T5644] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5645] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5645] ioctl(4, LOOP_SET_FD, 3 [pid 5647] <... write resumed>) = 4194304 [pid 5647] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5647] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 150.326636][ T5645] loop3: detected capacity change from 0 to 8192 [ 150.337740][ T5646] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 150.357127][ T5643] REISERFS (device loop2): using ordered data mode [ 150.371591][ T5647] loop1: detected capacity change from 0 to 8192 [ 150.378067][ T5643] reiserfs: using flush barriers [pid 5647] ioctl(4, LOOP_SET_FD, 3 [pid 5648] <... write resumed>) = 4194304 [pid 5647] <... ioctl resumed>) = 0 [pid 5645] <... ioctl resumed>) = 0 [pid 5648] munmap(0x7f12a0a40000, 4194304 [pid 5645] close(3) = 0 [pid 5645] mkdir("./file1", 0777) = 0 [pid 5645] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5648] <... munmap resumed>) = 0 [pid 5647] close(3) = 0 [pid 5648] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5647] mkdir("./file1", 0777) = 0 [ 150.383519][ T5644] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 150.390924][ T5646] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 150.399690][ T5643] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 150.402101][ T5644] REISERFS (device loop5): using ordered data mode [ 150.425726][ T5644] reiserfs: using flush barriers [pid 5647] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 150.432800][ T5644] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 150.439397][ T5646] REISERFS (device loop0): using ordered data mode [ 150.449878][ T5644] REISERFS (device loop5): checking transaction log (loop5) [ 150.458415][ T5647] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 150.463191][ T5648] loop4: detected capacity change from 0 to 8192 [ 150.475935][ T5645] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 150.497746][ T5643] REISERFS (device loop2): checking transaction log (loop2) [ 150.500928][ T5646] reiserfs: using flush barriers [ 150.511679][ T5647] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 150.521064][ T5647] REISERFS (device loop1): using ordered data mode [pid 5648] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5648] close(3) = 0 [ 150.522770][ T5646] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 150.527581][ T5647] reiserfs: using flush barriers [ 150.528795][ T5645] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 150.544794][ T5647] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 150.548908][ T5645] REISERFS (device loop3): using ordered data mode [ 150.580800][ T5645] reiserfs: using flush barriers [pid 5648] mkdir("./file1", 0777) = 0 [ 150.587581][ T5645] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 150.592686][ T5646] REISERFS (device loop0): checking transaction log (loop0) [ 150.619998][ T5647] REISERFS (device loop1): checking transaction log (loop1) [ 150.634107][ T5645] REISERFS (device loop3): checking transaction log (loop3) [ 150.662581][ T5648] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 150.703208][ T5648] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 150.712695][ T5648] REISERFS (device loop4): using ordered data mode [ 150.719244][ T5648] reiserfs: using flush barriers [ 150.728225][ T5648] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 150.773702][ T5648] REISERFS (device loop4): checking transaction log (loop4) [pid 5648] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5643] <... mount resumed>) = 0 [pid 5643] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5643] chdir("./file1") = 0 [pid 5643] ioctl(4, LOOP_CLR_FD) = 0 [ 150.826316][ T5643] REISERFS (device loop2): Using r5 hash to sort names [ 150.829595][ T5646] REISERFS (device loop0): Using r5 hash to sort names [ 150.834203][ T5643] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5643] close(4) = 0 [pid 5643] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5643] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5643] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5643] exit_group(0) = ? [pid 5643] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5643, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5092] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 150.869081][ T5646] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] umount2("./44", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./44/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./44/binderfs") = 0 [pid 5092] umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5646] <... mount resumed>) = 0 [pid 5646] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 150.912983][ T5644] REISERFS (device loop5): Using r5 hash to sort names [ 150.920330][ T5644] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5646] chdir("./file1") = 0 [pid 5646] ioctl(4, LOOP_CLR_FD) = 0 [pid 5646] close(4) = 0 [pid 5646] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5646] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5644] <... mount resumed>) = 0 [pid 5644] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5646] ioctl(4, FS_IOC_GETVERSION [pid 5644] chdir("./file1" [pid 5646] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5644] <... chdir resumed>) = 0 [pid 5646] exit_group(0 [pid 5644] ioctl(4, LOOP_CLR_FD [pid 5646] <... exit_group resumed>) = ? [pid 5644] <... ioctl resumed>) = 0 [pid 5646] +++ exited with 0 +++ [pid 5644] close(4 [pid 5645] <... mount resumed>) = 0 [pid 5644] <... close resumed>) = 0 [pid 5645] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5644] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5645] <... openat resumed>) = 3 [ 150.953551][ T5647] REISERFS (device loop1): Using r5 hash to sort names [ 150.972884][ T5645] REISERFS (device loop3): Using r5 hash to sort names [ 150.986963][ T5645] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5645] chdir("./file1" [pid 5644] <... openat resumed>) = 4 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5646, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=26 /* 0.26 s */} --- [pid 5645] <... chdir resumed>) = 0 [pid 5644] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5645] ioctl(4, LOOP_CLR_FD [pid 5644] <... mmap resumed>) = 0x20000000 [pid 5090] <... restart_syscall resumed>) = 0 [pid 5645] <... ioctl resumed>) = 0 [pid 5645] close(4) = 0 [pid 5644] ioctl(4, FS_IOC_GETVERSION [pid 5645] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5644] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5090] umount2("./44", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5645] <... openat resumed>) = 4 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5645] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5644] exit_group(0 [pid 5090] openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5645] <... mmap resumed>) = 0x20000000 [pid 5645] ioctl(4, FS_IOC_GETVERSION [pid 5644] <... exit_group resumed>) = ? [pid 5090] <... openat resumed>) = 3 [pid 5644] +++ exited with 0 +++ [pid 5645] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5090] fstat(3, [pid 5645] exit_group(0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5644, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [pid 5645] <... exit_group resumed>) = ? [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5645] +++ exited with 0 +++ [pid 5095] umount2("./45", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] getdents64(3, [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5645, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} --- [pid 5095] openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5647] <... mount resumed>) = 0 [pid 5647] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5647] chdir("./file1") = 0 [pid 5647] ioctl(4, LOOP_CLR_FD) = 0 [pid 5647] close(4) = 0 [pid 5093] umount2("./45", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... openat resumed>) = 3 [pid 5647] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] fstat(3, [pid 5090] umount2("./44/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5647] <... openat resumed>) = 4 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5647] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] <... openat resumed>) = 3 [pid 5090] lstat("./44/binderfs", [pid 5647] <... mmap resumed>) = 0x20000000 [pid 5095] umount2("./45/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] fstat(3, [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5647] ioctl(4, FS_IOC_GETVERSION [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5647] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] lstat("./45/binderfs", [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] unlink("./44/binderfs" [pid 5647] exit_group(0 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] getdents64(3, [pid 5647] <... exit_group resumed>) = ? [pid 5095] unlink("./45/binderfs" [pid 5090] <... unlink resumed>) = 0 [pid 5647] +++ exited with 0 +++ [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] <... unlink resumed>) = 0 [pid 5093] umount2("./45/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./45/binderfs", [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5647, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] umount2("./44", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] unlink("./45/binderfs" [ 151.025479][ T5647] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 151.039390][ T5648] REISERFS (device loop4): Using r5 hash to sort names [ 151.060938][ T5648] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5091] openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... unlink resumed>) = 0 [pid 5091] <... openat resumed>) = 3 [pid 5093] umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./44/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./44/binderfs") = 0 [pid 5091] umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5648] <... mount resumed>) = 0 [pid 5648] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5648] chdir("./file1") = 0 [pid 5648] ioctl(4, LOOP_CLR_FD) = 0 [pid 5648] close(4) = 0 [pid 5648] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5648] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5648] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5648] exit_group(0) = ? [pid 5648] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5648, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5094] umount2("./46", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./46/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./46/binderfs") = 0 [pid 5094] umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./44/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./44/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./44/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./44") = 0 [pid 5092] mkdir("./45", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5655 ./strace-static-x86_64: Process 5655 attached [pid 5655] chdir("./45") = 0 [pid 5093] <... umount2 resumed>) = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5655] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5093] umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5655] setpgid(0, 0) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5655] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] lstat("./45/file1", [pid 5091] lstat("./44/file1", [pid 5655] <... openat resumed>) = 3 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5655] write(3, "1000", 4) = 4 [pid 5093] umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5655] close(3 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5655] <... close resumed>) = 0 [pid 5093] openat(AT_FDCWD, "./45/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] openat(AT_FDCWD, "./44/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5655] symlink("/dev/binderfs", "./binderfs" [pid 5093] <... openat resumed>) = 4 [pid 5091] <... openat resumed>) = 4 [pid 5655] <... symlink resumed>) = 0 [pid 5093] fstat(4, [pid 5091] fstat(4, [pid 5655] memfd_create("syzkaller", 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5655] <... memfd_create resumed>) = 3 [pid 5093] getdents64(4, [pid 5091] getdents64(4, [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, [pid 5091] getdents64(4, [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4 [pid 5091] close(4 [pid 5655] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5093] <... close resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5655] <... mmap resumed>) = 0x7f12a0a40000 [pid 5093] rmdir("./45/file1" [pid 5091] rmdir("./44/file1" [pid 5093] <... rmdir resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5093] getdents64(3, [pid 5091] getdents64(3, [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3 [pid 5091] close(3 [pid 5093] <... close resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5093] rmdir("./45" [pid 5091] rmdir("./44" [pid 5093] <... rmdir resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5093] mkdir("./46", 0777 [pid 5091] mkdir("./45", 0777 [pid 5093] <... mkdir resumed>) = 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5093] <... openat resumed>) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = 0 [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5656 [pid 5090] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5656 attached [pid 5090] umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5656] chdir("./46" [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5656] <... chdir resumed>) = 0 [pid 5656] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5090] lstat("./44/file1", [pid 5656] <... prctl resumed>) = 0 [pid 5656] setpgid(0, 0 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5656] <... setpgid resumed>) = 0 [pid 5090] umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5656] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5656] <... openat resumed>) = 3 [pid 5656] write(3, "1000", 4 [pid 5655] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5090] openat(AT_FDCWD, "./44/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5656] <... write resumed>) = 4 [pid 5091] <... openat resumed>) = 3 [pid 5656] close(3 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5090] <... openat resumed>) = 4 [pid 5656] <... close resumed>) = 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5656] symlink("/dev/binderfs", "./binderfs" [pid 5091] close(3 [pid 5090] fstat(4, [pid 5656] <... symlink resumed>) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5656] memfd_create("syzkaller", 0 [pid 5094] umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5656] <... memfd_create resumed>) = 3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] getdents64(4, [pid 5656] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] lstat("./46/file1", [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5657 [pid 5656] <... mmap resumed>) = 0x7f12a0a40000 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5657 attached [pid 5094] umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] getdents64(4, [pid 5657] chdir("./45" [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5657] <... chdir resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./46/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5657] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] <... openat resumed>) = 4 [pid 5090] close(4 [pid 5657] <... prctl resumed>) = 0 [pid 5094] fstat(4, [pid 5657] setpgid(0, 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... close resumed>) = 0 [pid 5657] <... setpgid resumed>) = 0 [pid 5094] getdents64(4, [pid 5090] rmdir("./44/file1" [pid 5657] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, [pid 5090] <... rmdir resumed>) = 0 [pid 5657] <... openat resumed>) = 3 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] getdents64(3, [pid 5657] write(3, "1000", 4 [pid 5094] close(4 [pid 5657] <... write resumed>) = 4 [pid 5094] <... close resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5657] close(3 [pid 5094] rmdir("./46/file1" [pid 5090] close(3 [pid 5657] <... close resumed>) = 0 [pid 5657] symlink("/dev/binderfs", "./binderfs" [pid 5094] <... rmdir resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5657] <... symlink resumed>) = 0 [pid 5094] getdents64(3, [pid 5090] rmdir("./44" [pid 5657] memfd_create("syzkaller", 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5657] <... memfd_create resumed>) = 3 [pid 5094] close(3 [pid 5090] <... rmdir resumed>) = 0 [pid 5657] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] <... close resumed>) = 0 [pid 5657] <... mmap resumed>) = 0x7f12a0a40000 [pid 5094] rmdir("./46" [pid 5090] mkdir("./45", 0777 [pid 5095] <... umount2 resumed>) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5090] <... mkdir resumed>) = 0 [pid 5094] mkdir("./47", 0777 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... mkdir resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5090] <... openat resumed>) = 3 [pid 5095] lstat("./45/file1", [pid 5094] <... openat resumed>) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5095] umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] close(3 [pid 5090] close(3 [pid 5656] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] openat(AT_FDCWD, "./45/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... close resumed>) = 0 [pid 5095] <... openat resumed>) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] <... close resumed>) = 0 [pid 5095] getdents64(4, [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./45/file1") = 0 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5658 [pid 5095] getdents64(3, [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5659 ./strace-static-x86_64: Process 5658 attached [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5658] chdir("./47" [pid 5095] close(3./strace-static-x86_64: Process 5659 attached ) = 0 [pid 5659] chdir("./45" [pid 5095] rmdir("./45" [pid 5659] <... chdir resumed>) = 0 [pid 5658] <... chdir resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5659] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] mkdir("./46", 0777 [pid 5659] <... prctl resumed>) = 0 [pid 5658] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... mkdir resumed>) = 0 [pid 5659] setpgid(0, 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5659] <... setpgid resumed>) = 0 [pid 5658] <... prctl resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5659] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5659] <... openat resumed>) = 3 [pid 5658] setpgid(0, 0 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5659] write(3, "1000", 4 [pid 5658] <... setpgid resumed>) = 0 [pid 5095] close(3 [pid 5659] <... write resumed>) = 4 [pid 5658] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] <... close resumed>) = 0 [pid 5659] close(3 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5659] <... close resumed>) = 0 [pid 5658] <... openat resumed>) = 3 [pid 5655] <... write resumed>) = 4194304 [pid 5659] symlink("/dev/binderfs", "./binderfs" [pid 5658] write(3, "1000", 4 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5660 [pid 5659] <... symlink resumed>) = 0 [pid 5658] <... write resumed>) = 4 [pid 5655] munmap(0x7f12a0a40000, 4194304 [pid 5659] memfd_create("syzkaller", 0 [pid 5658] close(3 [pid 5659] <... memfd_create resumed>) = 3 [pid 5658] <... close resumed>) = 0 [pid 5655] <... munmap resumed>) = 0 [pid 5659] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5658] symlink("/dev/binderfs", "./binderfs" [pid 5655] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 5660 attached [pid 5659] <... mmap resumed>) = 0x7f12a0a40000 [pid 5660] chdir("./46" [pid 5658] <... symlink resumed>) = 0 [pid 5655] <... openat resumed>) = 4 [pid 5660] <... chdir resumed>) = 0 [pid 5658] memfd_create("syzkaller", 0 [pid 5657] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5655] ioctl(4, LOOP_SET_FD, 3 [pid 5660] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5660] setpgid(0, 0) = 0 [pid 5660] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5658] <... memfd_create resumed>) = 3 [pid 5660] write(3, "1000", 4 [pid 5658] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5660] <... write resumed>) = 4 [pid 5660] close(3) = 0 [pid 5660] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5660] memfd_create("syzkaller", 0 [pid 5658] <... mmap resumed>) = 0x7f12a0a40000 [pid 5660] <... memfd_create resumed>) = 3 [pid 5660] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5655] <... ioctl resumed>) = 0 [pid 5655] close(3) = 0 [pid 5655] mkdir("./file1", 0777) = 0 [ 151.604604][ T5655] loop2: detected capacity change from 0 to 8192 [pid 5655] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5660] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5658] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5656] <... write resumed>) = 4194304 [ 151.679707][ T5655] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5659] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5657] <... write resumed>) = 4194304 [pid 5656] munmap(0x7f12a0a40000, 4194304) = 0 [ 151.731177][ T5655] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 151.740701][ T5655] REISERFS (device loop2): using ordered data mode [ 151.748006][ T5655] reiserfs: using flush barriers [ 151.755829][ T5655] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5656] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5658] <... write resumed>) = 4194304 [pid 5657] munmap(0x7f12a0a40000, 4194304 [pid 5656] <... openat resumed>) = 4 [pid 5658] munmap(0x7f12a0a40000, 4194304 [pid 5657] <... munmap resumed>) = 0 [pid 5656] ioctl(4, LOOP_SET_FD, 3 [pid 5658] <... munmap resumed>) = 0 [pid 5657] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5658] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5657] <... openat resumed>) = 4 [pid 5658] <... openat resumed>) = 4 [pid 5657] ioctl(4, LOOP_SET_FD, 3 [pid 5660] <... write resumed>) = 4194304 [pid 5658] ioctl(4, LOOP_SET_FD, 3 [pid 5660] munmap(0x7f12a0a40000, 4194304 [pid 5656] <... ioctl resumed>) = 0 [ 151.794142][ T5655] REISERFS (device loop2): checking transaction log (loop2) [ 151.806997][ T5656] loop3: detected capacity change from 0 to 8192 [ 151.831432][ T5657] loop1: detected capacity change from 0 to 8192 [pid 5657] <... ioctl resumed>) = 0 [pid 5660] <... munmap resumed>) = 0 [pid 5660] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5658] <... ioctl resumed>) = 0 [pid 5657] close(3 [pid 5656] close(3 [pid 5660] <... openat resumed>) = 4 [pid 5658] close(3 [pid 5657] <... close resumed>) = 0 [pid 5656] <... close resumed>) = 0 [pid 5660] ioctl(4, LOOP_SET_FD, 3 [pid 5658] <... close resumed>) = 0 [pid 5657] mkdir("./file1", 0777 [pid 5656] mkdir("./file1", 0777) = 0 [pid 5656] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5658] mkdir("./file1", 0777) = 0 [pid 5657] <... mkdir resumed>) = 0 [pid 5660] <... ioctl resumed>) = 0 [pid 5658] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5657] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5660] close(3) = 0 [pid 5659] <... write resumed>) = 4194304 [pid 5660] mkdir("./file1", 0777 [pid 5659] munmap(0x7f12a0a40000, 4194304 [pid 5660] <... mkdir resumed>) = 0 [pid 5659] <... munmap resumed>) = 0 [pid 5660] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5659] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5659] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5659] close(3) = 0 [pid 5659] mkdir("./file1", 0777) = 0 [ 151.838386][ T5658] loop4: detected capacity change from 0 to 8192 [ 151.858943][ T5660] loop5: detected capacity change from 0 to 8192 [ 151.876612][ T5657] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 151.889630][ T5659] loop0: detected capacity change from 0 to 8192 [ 151.898088][ T5658] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 151.898158][ T5657] REISERFS (device loop1): reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 151.913236][ T5657] REISERFS (device loop1): using ordered data mode [ 151.915669][ T5656] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 151.925799][ T5657] reiserfs: using flush barriers [ 151.951506][ T5657] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 151.951890][ T5658] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 151.977471][ T5659] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 151.977537][ T5658] REISERFS (device loop4): using ordered data mode [ 151.990531][ T5660] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 151.997493][ T5658] reiserfs: using flush barriers [ 152.017525][ T5658] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 152.036671][ T5658] REISERFS (device loop4): checking transaction log (loop4) [ 152.038636][ T5659] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 152.070289][ T5656] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 152.073843][ T5657] REISERFS (device loop1): checking transaction log (loop1) [ 152.096458][ T5660] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 152.131892][ T5656] REISERFS (device loop3): using ordered data mode [ 152.141381][ T5659] REISERFS (device loop0): using ordered data mode [ 152.150725][ T5660] REISERFS (device loop5): using ordered data mode [ 152.172998][ T5655] REISERFS (device loop2): Using r5 hash to sort names [ 152.177231][ T5656] reiserfs: using flush barriers [ 152.180639][ T5655] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5659] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5655] <... mount resumed>) = 0 [pid 5655] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5655] chdir("./file1") = 0 [ 152.185822][ T5659] reiserfs: using flush barriers [ 152.202764][ T5660] reiserfs: using flush barriers [ 152.211507][ T5660] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 152.222842][ T5657] REISERFS (device loop1): Using r5 hash to sort names [ 152.235376][ T5660] REISERFS (device loop5): checking transaction log (loop5) [pid 5655] ioctl(4, LOOP_CLR_FD) = 0 [pid 5655] close(4) = 0 [pid 5655] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5655] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5655] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5655] exit_group(0) = ? [pid 5655] +++ exited with 0 +++ [ 152.251221][ T5656] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 152.267529][ T5659] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 152.287508][ T5658] REISERFS (device loop4): Using r5 hash to sort names [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5655, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [pid 5092] umount2("./45", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, [pid 5658] <... mount resumed>) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5658] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] getdents64(3, [ 152.295366][ T5656] REISERFS (device loop3): checking transaction log (loop3) [ 152.303650][ T5658] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 152.314159][ T5659] REISERFS (device loop0): checking transaction log (loop0) [pid 5658] <... openat resumed>) = 3 [pid 5658] chdir("./file1" [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5658] <... chdir resumed>) = 0 [pid 5092] umount2("./45/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5658] ioctl(4, LOOP_CLR_FD) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5658] close(4 [pid 5092] lstat("./45/binderfs", [pid 5658] <... close resumed>) = 0 [pid 5658] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5658] <... openat resumed>) = 4 [pid 5092] unlink("./45/binderfs") = 0 [pid 5658] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5658] <... mmap resumed>) = 0x20000000 [pid 5658] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5658] exit_group(0) = ? [pid 5658] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5658, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5094] umount2("./47", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, [ 152.342651][ T5657] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5657] <... mount resumed>) = 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5657] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] getdents64(3, [pid 5657] <... openat resumed>) = 3 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5657] chdir("./file1" [pid 5094] umount2("./47/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5657] <... chdir resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5657] ioctl(4, LOOP_CLR_FD [pid 5094] lstat("./47/binderfs", [pid 5657] <... ioctl resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5657] close(4 [pid 5094] unlink("./47/binderfs" [pid 5657] <... close resumed>) = 0 [pid 5094] <... unlink resumed>) = 0 [pid 5657] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5657] <... openat resumed>) = 4 [pid 5657] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5657] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5657] exit_group(0) = ? [pid 5657] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5657, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5091] umount2("./45", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./45/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./45/binderfs") = 0 [ 152.614652][ T5659] REISERFS (device loop0): Using r5 hash to sort names [ 152.626898][ T5656] REISERFS (device loop3): Using r5 hash to sort names [pid 5091] umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5659] <... mount resumed>) = 0 [pid 5659] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5656] <... mount resumed>) = 0 [pid 5659] chdir("./file1" [pid 5656] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5659] <... chdir resumed>) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5656] <... openat resumed>) = 3 [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./45/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./45/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5659] ioctl(4, LOOP_CLR_FD [pid 5656] chdir("./file1" [pid 5659] <... ioctl resumed>) = 0 [pid 5656] <... chdir resumed>) = 0 [pid 5660] <... mount resumed>) = 0 [pid 5094] umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5660] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5659] close(4 [pid 5656] ioctl(4, LOOP_CLR_FD [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5660] <... openat resumed>) = 3 [pid 5659] <... close resumed>) = 0 [pid 5656] <... ioctl resumed>) = 0 [pid 5094] lstat("./47/file1", [pid 5092] <... openat resumed>) = 4 [pid 5091] <... umount2 resumed>) = 0 [pid 5660] chdir("./file1" [pid 5659] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5656] close(4 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] fstat(4, [pid 5091] umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5660] <... chdir resumed>) = 0 [pid 5659] <... openat resumed>) = 4 [pid 5656] <... close resumed>) = 0 [pid 5094] umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5660] ioctl(4, LOOP_CLR_FD [pid 5659] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5656] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 152.662441][ T5659] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 152.673497][ T5656] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 152.676770][ T5660] REISERFS (device loop5): Using r5 hash to sort names [ 152.700596][ T5660] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] getdents64(4, [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5660] <... ioctl resumed>) = 0 [pid 5659] <... mmap resumed>) = 0x20000000 [pid 5660] close(4 [pid 5659] ioctl(4, FS_IOC_GETVERSION [pid 5656] <... openat resumed>) = 4 [pid 5094] openat(AT_FDCWD, "./47/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] lstat("./45/file1", [pid 5660] <... close resumed>) = 0 [pid 5659] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5656] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] <... openat resumed>) = 4 [pid 5092] getdents64(4, [pid 5660] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5659] exit_group(0 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5656] <... mmap resumed>) = 0x20000000 [pid 5094] fstat(4, [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5660] <... openat resumed>) = 4 [pid 5659] <... exit_group resumed>) = ? [pid 5656] ioctl(4, FS_IOC_GETVERSION [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] close(4 [pid 5091] umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5660] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5659] +++ exited with 0 +++ [pid 5094] getdents64(4, [pid 5092] <... close resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5656] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] rmdir("./45/file1" [pid 5091] openat(AT_FDCWD, "./45/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5659, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=19 /* 0.19 s */} --- [pid 5660] <... mmap resumed>) = 0x20000000 [pid 5091] <... openat resumed>) = 4 [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5094] getdents64(4, [pid 5092] <... rmdir resumed>) = 0 [pid 5090] <... restart_syscall resumed>) = 0 [pid 5660] ioctl(4, FS_IOC_GETVERSION [pid 5656] exit_group(0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] getdents64(3, [pid 5091] fstat(4, [pid 5660] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5656] <... exit_group resumed>) = ? [pid 5094] close(4 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] <... close resumed>) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5660] exit_group(0 [pid 5656] +++ exited with 0 +++ [pid 5094] rmdir("./47/file1" [pid 5092] close(3 [pid 5091] getdents64(4, [pid 5090] umount2("./45", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5660] <... exit_group resumed>) = ? [pid 5094] <... rmdir resumed>) = 0 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5656, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5092] <... close resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5660] +++ exited with 0 +++ [pid 5094] getdents64(3, [pid 5092] rmdir("./45" [pid 5091] getdents64(4, [pid 5090] openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5660, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5095] restart_syscall(<... resuming interrupted clone ...> [pid 5094] close(3 [pid 5092] mkdir("./46", 0777 [pid 5091] close(4 [pid 5090] fstat(3, [pid 5095] <... restart_syscall resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] rmdir("./47" [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5091] rmdir("./45/file1" [pid 5090] getdents64(3, [pid 5094] <... rmdir resumed>) = 0 [pid 5093] restart_syscall(<... resuming interrupted clone ...> [pid 5092] <... openat resumed>) = 3 [pid 5091] <... rmdir resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./46", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] mkdir("./48", 0777 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5091] getdents64(3, [pid 5090] umount2("./45/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... mkdir resumed>) = 0 [pid 5093] <... restart_syscall resumed>) = 0 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] close(3 [pid 5091] close(3 [pid 5090] lstat("./45/binderfs", [pid 5095] <... openat resumed>) = 3 [pid 5094] <... openat resumed>) = 3 [pid 5092] <... close resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] fstat(3, [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5093] umount2("./46", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] rmdir("./45" [pid 5090] unlink("./45/binderfs" [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... rmdir resumed>) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5095] getdents64(3, [pid 5094] close(3 [pid 5093] openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5667 [pid 5091] mkdir("./46", 0777 [pid 5090] umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] <... close resumed>) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5091] <... mkdir resumed>) = 0 [pid 5095] umount2("./46/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] fstat(3, [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... openat resumed>) = 3 [pid 5095] lstat("./46/binderfs", [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5668 [pid 5093] getdents64(3, [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] unlink("./46/binderfs" [pid 5093] umount2("./46/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] close(3./strace-static-x86_64: Process 5668 attached ./strace-static-x86_64: Process 5667 attached [pid 5095] <... unlink resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... close resumed>) = 0 [pid 5668] chdir("./48" [pid 5667] chdir("./46" [pid 5095] umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] lstat("./46/binderfs", [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5668] <... chdir resumed>) = 0 [pid 5667] <... chdir resumed>) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5668] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5667] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5669 [pid 5667] <... prctl resumed>) = 0 [pid 5668] <... prctl resumed>) = 0 [pid 5667] setpgid(0, 0 [pid 5093] unlink("./46/binderfs" [pid 5668] setpgid(0, 0 [pid 5667] <... setpgid resumed>) = 0 [pid 5093] <... unlink resumed>) = 0 [pid 5668] <... setpgid resumed>) = 0 [pid 5667] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5668] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5667] <... openat resumed>) = 3 [pid 5667] write(3, "1000", 4 [pid 5668] <... openat resumed>) = 3 [pid 5667] <... write resumed>) = 4 [pid 5668] write(3, "1000", 4 [pid 5667] close(3 [pid 5668] <... write resumed>) = 4 [pid 5667] <... close resumed>) = 0 [pid 5668] close(3 [pid 5667] symlink("/dev/binderfs", "./binderfs" [pid 5668] <... close resumed>) = 0 [pid 5667] <... symlink resumed>) = 0 [pid 5668] symlink("/dev/binderfs", "./binderfs" [pid 5667] memfd_create("syzkaller", 0 [pid 5668] <... symlink resumed>) = 0 [pid 5667] <... memfd_create resumed>) = 3 [pid 5667] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5668] memfd_create("syzkaller", 0 [pid 5667] <... mmap resumed>) = 0x7f12a0a40000 [pid 5668] <... memfd_create resumed>) = 3 [pid 5668] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 ./strace-static-x86_64: Process 5669 attached [pid 5669] chdir("./46") = 0 [pid 5669] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5669] setpgid(0, 0) = 0 [pid 5669] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5669] write(3, "1000", 4) = 4 [pid 5093] <... umount2 resumed>) = 0 [pid 5669] close(3) = 0 [pid 5093] umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./46/file1", [pid 5669] symlink("/dev/binderfs", "./binderfs" [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5669] <... symlink resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5669] memfd_create("syzkaller", 0 [pid 5093] openat(AT_FDCWD, "./46/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5669] <... memfd_create resumed>) = 3 [pid 5093] <... openat resumed>) = 4 [pid 5669] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5668] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5669] <... mmap resumed>) = 0x7f12a0a40000 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./46/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./46") = 0 [pid 5093] mkdir("./47", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = 0 [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5670 [pid 5667] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304./strace-static-x86_64: Process 5670 attached [pid 5670] chdir("./47") = 0 [pid 5670] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5670] setpgid(0, 0) = 0 [pid 5670] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5670] write(3, "1000", 4) = 4 [pid 5670] close(3) = 0 [pid 5670] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5670] memfd_create("syzkaller", 0) = 3 [pid 5670] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5669] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./45/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./45/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5670] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5090] close(4) = 0 [pid 5090] rmdir("./45/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./45") = 0 [pid 5090] mkdir("./46", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5671 ./strace-static-x86_64: Process 5671 attached [pid 5671] chdir("./46") = 0 [pid 5671] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5671] setpgid(0, 0 [pid 5667] <... write resumed>) = 4194304 [pid 5095] <... umount2 resumed>) = 0 [pid 5668] <... write resumed>) = 4194304 [pid 5671] <... setpgid resumed>) = 0 [pid 5671] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5671] write(3, "1000", 4) = 4 [pid 5095] umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5671] close(3) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5671] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5095] lstat("./46/file1", [pid 5671] memfd_create("syzkaller", 0) = 3 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5671] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5671] <... mmap resumed>) = 0x7f12a0a40000 [pid 5668] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./46/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5668] <... munmap resumed>) = 0 [pid 5668] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5095] fstat(4, [pid 5668] <... openat resumed>) = 4 [pid 5667] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5668] ioctl(4, LOOP_SET_FD, 3 [pid 5667] <... munmap resumed>) = 0 [pid 5095] getdents64(4, [pid 5667] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5667] ioctl(4, LOOP_SET_FD, 3 [pid 5668] <... ioctl resumed>) = 0 [pid 5095] getdents64(4, [pid 5668] close(3 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5668] <... close resumed>) = 0 [pid 5095] close(4 [pid 5668] mkdir("./file1", 0777 [pid 5095] <... close resumed>) = 0 [pid 5095] rmdir("./46/file1" [pid 5668] <... mkdir resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5668] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./46") = 0 [pid 5667] <... ioctl resumed>) = 0 [pid 5095] mkdir("./47", 0777 [pid 5667] close(3 [pid 5095] <... mkdir resumed>) = 0 [pid 5667] <... close resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5667] mkdir("./file1", 0777) = 0 [pid 5095] <... openat resumed>) = 3 [ 153.203492][ T5668] loop4: detected capacity change from 0 to 8192 [ 153.205063][ T5667] loop2: detected capacity change from 0 to 8192 [ 153.238774][ T5668] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5667] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5669] <... write resumed>) = 4194304 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] close(3 [pid 5669] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... close resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5674 ./strace-static-x86_64: Process 5674 attached [pid 5669] <... munmap resumed>) = 0 [pid 5674] chdir("./47" [pid 5669] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5674] <... chdir resumed>) = 0 [pid 5669] <... openat resumed>) = 4 [ 153.265967][ T5668] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 153.275828][ T5668] REISERFS (device loop4): using ordered data mode [ 153.281796][ T5667] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 153.282899][ T5668] reiserfs: using flush barriers [pid 5671] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5670] <... write resumed>) = 4194304 [pid 5669] ioctl(4, LOOP_SET_FD, 3 [pid 5674] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5670] munmap(0x7f12a0a40000, 4194304 [pid 5674] <... prctl resumed>) = 0 [pid 5670] <... munmap resumed>) = 0 [ 153.316291][ T5667] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 153.320145][ T5669] loop1: detected capacity change from 0 to 8192 [ 153.325956][ T5667] REISERFS (device loop2): using ordered data mode [ 153.339465][ T5667] reiserfs: using flush barriers [ 153.344200][ T5668] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5674] setpgid(0, 0 [pid 5670] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5669] <... ioctl resumed>) = 0 [pid 5671] <... write resumed>) = 4194304 [pid 5674] <... setpgid resumed>) = 0 [pid 5671] munmap(0x7f12a0a40000, 4194304 [pid 5670] <... openat resumed>) = 4 [pid 5669] close(3 [pid 5674] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5671] <... munmap resumed>) = 0 [pid 5670] ioctl(4, LOOP_SET_FD, 3 [pid 5669] <... close resumed>) = 0 [pid 5674] <... openat resumed>) = 3 [pid 5671] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5674] write(3, "1000", 4 [pid 5671] <... openat resumed>) = 4 [pid 5670] <... ioctl resumed>) = 0 [pid 5669] mkdir("./file1", 0777 [pid 5674] <... write resumed>) = 4 [pid 5671] ioctl(4, LOOP_SET_FD, 3 [pid 5669] <... mkdir resumed>) = 0 [pid 5674] close(3 [pid 5671] <... ioctl resumed>) = 0 [pid 5669] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5674] <... close resumed>) = 0 [pid 5671] close(3 [pid 5674] symlink("/dev/binderfs", "./binderfs" [pid 5671] <... close resumed>) = 0 [pid 5674] <... symlink resumed>) = 0 [pid 5671] mkdir("./file1", 0777 [pid 5674] memfd_create("syzkaller", 0 [pid 5671] <... mkdir resumed>) = 0 [pid 5674] <... memfd_create resumed>) = 3 [pid 5671] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5674] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 153.361350][ T5667] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 153.379010][ T5668] REISERFS (device loop4): checking transaction log (loop4) [ 153.394847][ T5670] loop3: detected capacity change from 0 to 8192 [ 153.400675][ T5667] REISERFS (device loop2): checking transaction log (loop2) [ 153.408674][ T5671] loop0: detected capacity change from 0 to 8192 [pid 5670] close(3) = 0 [pid 5670] mkdir("./file1", 0777) = 0 [pid 5670] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 153.420042][ T5669] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 153.434515][ T5671] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 153.448311][ T5670] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 153.478909][ T5670] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 153.490203][ T5669] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 153.501209][ T5671] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 153.547477][ T5670] REISERFS (device loop3): using ordered data mode [ 153.554979][ T5669] REISERFS (device loop1): using ordered data mode [ 153.555126][ T5670] reiserfs: using flush barriers [ 153.565840][ T5671] REISERFS (device loop0): using ordered data mode [ 153.566749][ T5668] REISERFS (device loop4): Using r5 hash to sort names [ 153.581250][ T5668] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5674] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5668] <... mount resumed>) = 0 [pid 5668] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5668] chdir("./file1") = 0 [pid 5668] ioctl(4, LOOP_CLR_FD) = 0 [pid 5668] close(4) = 0 [pid 5668] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5668] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5668] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5668] exit_group(0) = ? [pid 5668] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5668, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [ 153.592657][ T5670] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 153.597764][ T5669] reiserfs: using flush barriers [ 153.609715][ T5670] REISERFS (device loop3): checking transaction log (loop3) [ 153.631894][ T5671] reiserfs: using flush barriers [pid 5094] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5094] umount2("./48", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./48/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5674] <... write resumed>) = 4194304 [pid 5094] lstat("./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./48/binderfs") = 0 [pid 5094] umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5674] munmap(0x7f12a0a40000, 4194304) = 0 [ 153.679474][ T5671] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 153.710385][ T5669] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5674] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5674] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5674] close(3) = 0 [pid 5674] mkdir("./file1", 0777) = 0 [ 153.749071][ T5671] REISERFS (device loop0): checking transaction log (loop0) [ 153.759171][ T5674] loop5: detected capacity change from 0 to 8192 [ 153.797881][ T5674] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 153.813707][ T5669] REISERFS (device loop1): checking transaction log (loop1) [ 153.822199][ T5674] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 153.837262][ T5667] REISERFS (device loop2): Using r5 hash to sort names [ 153.844362][ T5670] REISERFS (device loop3): Using r5 hash to sort names [ 153.846218][ T5674] REISERFS (device loop5): using ordered data mode [ 153.858410][ T5674] reiserfs: using flush barriers [ 153.867821][ T5667] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 153.877667][ T5674] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5674] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5667] <... mount resumed>) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5667] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5094] umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5667] chdir("./file1" [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5667] <... chdir resumed>) = 0 [pid 5094] lstat("./48/file1", [pid 5667] ioctl(4, LOOP_CLR_FD [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 153.894472][ T5674] REISERFS (device loop5): checking transaction log (loop5) [ 153.904917][ T5670] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5667] <... ioctl resumed>) = 0 [pid 5094] umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5667] close(4 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5667] <... close resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./48/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5667] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] <... openat resumed>) = 4 [pid 5667] <... openat resumed>) = 4 [pid 5094] fstat(4, [pid 5667] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5667] <... mmap resumed>) = 0x20000000 [pid 5094] getdents64(4, [pid 5670] <... mount resumed>) = 0 [pid 5670] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5667] ioctl(4, FS_IOC_GETVERSION [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5667] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] getdents64(4, [pid 5667] exit_group(0 [pid 5670] <... openat resumed>) = 3 [pid 5670] chdir("./file1") = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5670] ioctl(4, LOOP_CLR_FD [pid 5667] <... exit_group resumed>) = ? [pid 5094] close(4 [pid 5670] <... ioctl resumed>) = 0 [pid 5670] close(4) = 0 [pid 5670] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5667] +++ exited with 0 +++ [pid 5094] <... close resumed>) = 0 [pid 5670] <... openat resumed>) = 4 [pid 5094] rmdir("./48/file1" [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5667, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 5670] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] restart_syscall(<... resuming interrupted clone ...> [pid 5670] <... mmap resumed>) = 0x20000000 [pid 5094] <... rmdir resumed>) = 0 [pid 5092] <... restart_syscall resumed>) = 0 [pid 5670] ioctl(4, FS_IOC_GETVERSION [pid 5094] getdents64(3, [pid 5670] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5670] exit_group(0 [pid 5094] close(3 [pid 5092] umount2("./46", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5670] <... exit_group resumed>) = ? [pid 5094] <... close resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5670] +++ exited with 0 +++ [pid 5094] rmdir("./48" [pid 5092] openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5670, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5092] <... openat resumed>) = 3 [pid 5094] <... rmdir resumed>) = 0 [pid 5092] fstat(3, [pid 5094] mkdir("./49", 0777 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, [pid 5094] <... mkdir resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] umount2("./46/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... openat resumed>) = 3 [pid 5093] umount2("./47", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./46/binderfs", [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] close(3 [pid 5093] <... openat resumed>) = 3 [pid 5092] unlink("./46/binderfs" [pid 5094] <... close resumed>) = 0 [pid 5093] fstat(3, [pid 5092] <... unlink resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./47/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5679 [pid 5093] lstat("./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./47/binderfs") = 0 [pid 5093] umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5679 attached [pid 5679] chdir("./49") = 0 [pid 5679] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5679] setpgid(0, 0) = 0 [pid 5679] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5679] write(3, "1000", 4) = 4 [pid 5679] close(3) = 0 [pid 5679] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5679] memfd_create("syzkaller", 0) = 3 [pid 5679] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5674] <... mount resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5674] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] lstat("./47/file1", [pid 5674] <... openat resumed>) = 3 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5674] chdir("./file1" [pid 5093] umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5674] <... chdir resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5674] ioctl(4, LOOP_CLR_FD [pid 5093] openat(AT_FDCWD, "./47/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5674] <... ioctl resumed>) = 0 [pid 5093] fstat(4, [pid 5674] close(4 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 154.131117][ T5671] REISERFS (device loop0): Using r5 hash to sort names [ 154.133044][ T5674] REISERFS (device loop5): Using r5 hash to sort names [ 154.139349][ T5671] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 154.151246][ T5674] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5679] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5674] <... close resumed>) = 0 [pid 5671] <... mount resumed>) = 0 [pid 5093] getdents64(4, [pid 5674] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5671] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5674] <... openat resumed>) = 4 [pid 5671] <... openat resumed>) = 3 [pid 5093] getdents64(4, [pid 5674] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5671] chdir("./file1" [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5671] <... chdir resumed>) = 0 [pid 5093] close(4 [pid 5674] <... mmap resumed>) = 0x20000000 [pid 5093] <... close resumed>) = 0 [pid 5671] ioctl(4, LOOP_CLR_FD [pid 5674] ioctl(4, FS_IOC_GETVERSION [pid 5671] <... ioctl resumed>) = 0 [pid 5093] rmdir("./47/file1" [pid 5674] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5671] close(4 [pid 5674] exit_group(0 [pid 5671] <... close resumed>) = 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5674] <... exit_group resumed>) = ? [pid 5671] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] getdents64(3, [pid 5671] <... openat resumed>) = 4 [pid 5671] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5671] <... mmap resumed>) = 0x20000000 [ 154.206117][ T5669] REISERFS (device loop1): Using r5 hash to sort names [pid 5671] ioctl(4, FS_IOC_GETVERSION [pid 5093] close(3 [pid 5674] +++ exited with 0 +++ [pid 5093] <... close resumed>) = 0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5674, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} --- [pid 5671] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] rmdir("./47" [pid 5095] umount2("./47", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... rmdir resumed>) = 0 [pid 5093] mkdir("./48", 0777 [pid 5671] exit_group(0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5671] <... exit_group resumed>) = ? [pid 5095] <... openat resumed>) = 3 [pid 5093] <... mkdir resumed>) = 0 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./47/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5671] +++ exited with 0 +++ [pid 5095] lstat("./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./47/binderfs") = 0 [pid 5095] umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5671, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5090] umount2("./46", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./46/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./46/binderfs") = 0 [pid 5090] umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... openat resumed>) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5680 [ 154.251410][ T5669] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. ./strace-static-x86_64: Process 5680 attached [pid 5669] <... mount resumed>) = 0 [pid 5669] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5669] chdir("./file1") = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5669] ioctl(4, LOOP_CLR_FD [pid 5680] chdir("./48" [pid 5669] <... ioctl resumed>) = 0 [pid 5680] <... chdir resumed>) = 0 [pid 5669] close(4) = 0 [pid 5669] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5669] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5680] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5669] <... mmap resumed>) = 0x20000000 [pid 5669] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5669] exit_group(0) = ? [pid 5680] <... prctl resumed>) = 0 [pid 5092] umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5669] +++ exited with 0 +++ [pid 5680] setpgid(0, 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./46/file1", [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5669, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [pid 5680] <... setpgid resumed>) = 0 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./46/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5680] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./46", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] getdents64(4, [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] getdents64(4, [pid 5091] <... openat resumed>) = 3 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] fstat(3, [pid 5092] close(4 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5680] <... openat resumed>) = 3 [pid 5092] <... close resumed>) = 0 [pid 5091] getdents64(3, [pid 5680] write(3, "1000", 4 [pid 5092] rmdir("./46/file1" [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5680] <... write resumed>) = 4 [pid 5092] <... rmdir resumed>) = 0 [pid 5091] umount2("./46/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5680] close(3 [pid 5092] getdents64(3, [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5680] <... close resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] lstat("./46/binderfs", [pid 5680] symlink("/dev/binderfs", "./binderfs" [pid 5092] close(3 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] <... close resumed>) = 0 [pid 5091] unlink("./46/binderfs" [pid 5680] <... symlink resumed>) = 0 [pid 5092] rmdir("./46" [pid 5091] <... unlink resumed>) = 0 [pid 5680] memfd_create("syzkaller", 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5091] umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5680] <... memfd_create resumed>) = 3 [pid 5092] mkdir("./47", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5681 [pid 5680] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5680] <... mmap resumed>) = 0x7f12a0a40000 [pid 5679] <... write resumed>) = 4194304 [pid 5090] umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./46/file1", ./strace-static-x86_64: Process 5681 attached [pid 5681] chdir("./47" [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5681] <... chdir resumed>) = 0 [pid 5681] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5090] umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5681] <... prctl resumed>) = 0 [pid 5681] setpgid(0, 0) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5681] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] openat(AT_FDCWD, "./46/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5681] <... openat resumed>) = 3 [pid 5681] write(3, "1000", 4 [pid 5090] <... openat resumed>) = 4 [pid 5681] <... write resumed>) = 4 [pid 5090] fstat(4, [pid 5681] close(3) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5681] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5679] munmap(0x7f12a0a40000, 4194304 [pid 5681] memfd_create("syzkaller", 0 [pid 5679] <... munmap resumed>) = 0 [pid 5090] getdents64(4, [pid 5681] <... memfd_create resumed>) = 3 [pid 5679] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5681] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5679] <... openat resumed>) = 4 [pid 5681] <... mmap resumed>) = 0x7f12a0a40000 [pid 5679] ioctl(4, LOOP_SET_FD, 3 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5680] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5679] <... ioctl resumed>) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./46/file1" [pid 5679] close(3) = 0 [pid 5679] mkdir("./file1", 0777) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./46" [pid 5679] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5090] <... rmdir resumed>) = 0 [pid 5090] mkdir("./47", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5683 [ 154.461823][ T5679] loop4: detected capacity change from 0 to 8192 ./strace-static-x86_64: Process 5683 attached [pid 5683] chdir("./47") = 0 [pid 5683] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5683] setpgid(0, 0) = 0 [pid 5683] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5683] write(3, "1000", 4) = 4 [pid 5683] close(3) = 0 [pid 5683] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5683] memfd_create("syzkaller", 0) = 3 [pid 5683] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./47/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./47/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5681] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] <... openat resumed>) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./47/file1") = 0 [ 154.518377][ T5679] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./47") = 0 [pid 5095] mkdir("./48", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5684 ./strace-static-x86_64: Process 5684 attached [pid 5684] chdir("./48") = 0 [pid 5684] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5684] setpgid(0, 0) = 0 [pid 5684] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5684] write(3, "1000", 4) = 4 [pid 5684] close(3) = 0 [ 154.569599][ T5679] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5684] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5684] memfd_create("syzkaller", 0) = 3 [pid 5684] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5091] umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./46/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 154.624825][ T5679] REISERFS (device loop4): using ordered data mode [ 154.649244][ T5679] reiserfs: using flush barriers [pid 5091] openat(AT_FDCWD, "./46/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5680] <... write resumed>) = 4194304 [pid 5091] <... openat resumed>) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, [pid 5683] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5680] munmap(0x7f12a0a40000, 4194304 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./46/file1") = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./46") = 0 [pid 5091] mkdir("./47", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5685 [pid 5680] <... munmap resumed>) = 0 [pid 5680] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 ./strace-static-x86_64: Process 5685 attached [ 154.671219][ T5679] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 154.694478][ T5679] REISERFS (device loop4): checking transaction log (loop4) [pid 5680] ioctl(4, LOOP_SET_FD, 3 [pid 5685] chdir("./47") = 0 [pid 5685] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5685] setpgid(0, 0) = 0 [pid 5685] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5685] write(3, "1000", 4 [pid 5680] <... ioctl resumed>) = 0 [pid 5685] <... write resumed>) = 4 [pid 5685] close(3) = 0 [pid 5685] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5685] memfd_create("syzkaller", 0 [pid 5680] close(3 [pid 5685] <... memfd_create resumed>) = 3 [pid 5685] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5680] <... close resumed>) = 0 [pid 5685] <... mmap resumed>) = 0x7f12a0a40000 [pid 5680] mkdir("./file1", 0777) = 0 [pid 5680] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5684] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5681] <... write resumed>) = 4194304 [ 154.732449][ T5680] loop3: detected capacity change from 0 to 8192 [ 154.761680][ T5680] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5681] munmap(0x7f12a0a40000, 4194304 [pid 5685] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5681] <... munmap resumed>) = 0 [pid 5681] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5681] ioctl(4, LOOP_SET_FD, 3 [pid 5684] <... write resumed>) = 4194304 [ 154.844033][ T5680] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 154.853135][ T5681] loop2: detected capacity change from 0 to 8192 [ 154.864239][ T5680] REISERFS (device loop3): using ordered data mode [pid 5684] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5681] <... ioctl resumed>) = 0 [pid 5684] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5681] close(3) = 0 [pid 5684] ioctl(4, LOOP_SET_FD, 3 [pid 5681] mkdir("./file1", 0777) = 0 [pid 5681] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5684] <... ioctl resumed>) = 0 [pid 5679] <... mount resumed>) = 0 [pid 5684] close(3 [pid 5679] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5684] <... close resumed>) = 0 [pid 5679] <... openat resumed>) = 3 [ 154.899036][ T5680] reiserfs: using flush barriers [ 154.905746][ T5679] REISERFS (device loop4): Using r5 hash to sort names [ 154.914011][ T5679] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 154.923469][ T5684] loop5: detected capacity change from 0 to 8192 [ 154.932293][ T5681] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5685] <... write resumed>) = 4194304 [pid 5684] mkdir("./file1", 0777 [pid 5683] <... write resumed>) = 4194304 [pid 5679] chdir("./file1" [pid 5683] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5685] munmap(0x7f12a0a40000, 4194304 [pid 5683] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5684] <... mkdir resumed>) = 0 [pid 5683] <... openat resumed>) = 4 [pid 5679] <... chdir resumed>) = 0 [pid 5685] <... munmap resumed>) = 0 [pid 5684] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5683] ioctl(4, LOOP_SET_FD, 3 [pid 5679] ioctl(4, LOOP_CLR_FD [ 154.953385][ T5681] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 154.953623][ T5680] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 154.963285][ T5681] REISERFS (device loop2): using ordered data mode [ 154.988732][ T5681] reiserfs: using flush barriers [ 154.990292][ T5683] loop0: detected capacity change from 0 to 8192 [pid 5685] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5679] <... ioctl resumed>) = 0 [pid 5685] <... openat resumed>) = 4 [pid 5679] close(4 [pid 5685] ioctl(4, LOOP_SET_FD, 3 [pid 5679] <... close resumed>) = 0 [pid 5683] <... ioctl resumed>) = 0 [pid 5683] close(3) = 0 [pid 5683] mkdir("./file1", 0777) = 0 [pid 5683] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5679] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5685] <... ioctl resumed>) = 0 [pid 5679] <... openat resumed>) = 4 [pid 5685] close(3) = 0 [pid 5685] mkdir("./file1", 0777) = 0 [pid 5685] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 154.995576][ T5680] REISERFS (device loop3): checking transaction log (loop3) [ 155.008163][ T5681] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 155.019416][ T5685] loop1: detected capacity change from 0 to 8192 [ 155.033703][ T5684] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 155.039718][ T5681] REISERFS (device loop2): checking transaction log (loop2) [pid 5679] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5679] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5679] exit_group(0) = ? [pid 5679] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5679, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5094] umount2("./49", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./49/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./49/binderfs") = 0 [ 155.061277][ T5683] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 155.076923][ T5685] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 155.088325][ T5683] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 155.111467][ T5684] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 155.121122][ T5685] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 155.124757][ T5684] REISERFS (device loop5): using ordered data mode [ 155.130565][ T5685] REISERFS (device loop1): using ordered data mode [ 155.143751][ T5685] reiserfs: using flush barriers [ 155.151150][ T5683] REISERFS (device loop0): using ordered data mode [ 155.152186][ T5685] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 155.157888][ T5683] reiserfs: using flush barriers [ 155.181392][ T5684] reiserfs: using flush barriers [ 155.186459][ T5683] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 155.205206][ T5683] REISERFS (device loop0): checking transaction log (loop0) [ 155.205345][ T5684] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 155.217852][ T5685] REISERFS (device loop1): checking transaction log (loop1) [pid 5094] umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5683] <... mount resumed>) = 0 [pid 5683] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5683] chdir("./file1") = 0 [pid 5683] ioctl(4, LOOP_CLR_FD) = 0 [ 155.337472][ T5683] REISERFS (device loop0): Using r5 hash to sort names [ 155.350461][ T5684] REISERFS (device loop5): checking transaction log (loop5) [ 155.372699][ T5683] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5683] close(4) = 0 [pid 5683] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5683] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5683] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5683] exit_group(0) = ? [pid 5683] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5683, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=24 /* 0.24 s */} --- [pid 5090] umount2("./47", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./47/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./47/binderfs") = 0 [pid 5090] umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... umount2 resumed>) = 0 [pid 5094] umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5681] <... mount resumed>) = 0 [ 155.416195][ T5681] REISERFS (device loop2): Using r5 hash to sort names [ 155.424171][ T5685] REISERFS (device loop1): Using r5 hash to sort names [ 155.442525][ T5681] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 155.453198][ T5685] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5681] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5681] <... openat resumed>) = 3 [pid 5681] chdir("./file1" [pid 5094] lstat("./49/file1", [pid 5681] <... chdir resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5681] ioctl(4, LOOP_CLR_FD [pid 5094] umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5681] <... ioctl resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5681] close(4 [pid 5094] openat(AT_FDCWD, "./49/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5681] <... close resumed>) = 0 [pid 5094] <... openat resumed>) = 4 [pid 5685] <... mount resumed>) = 0 [pid 5681] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5094] fstat(4, [pid 5681] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5685] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5681] <... mmap resumed>) = 0x20000000 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5681] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5681] exit_group(0) = ? [pid 5685] <... openat resumed>) = 3 [pid 5681] +++ exited with 0 +++ [pid 5094] getdents64(4, [pid 5685] chdir("./file1" [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5681, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=16 /* 0.16 s */} --- [pid 5685] <... chdir resumed>) = 0 [pid 5094] getdents64(4, [pid 5092] umount2("./47", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5685] ioctl(4, LOOP_CLR_FD [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5685] <... ioctl resumed>) = 0 [pid 5094] close(4 [pid 5092] <... openat resumed>) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./47/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./47/binderfs") = 0 [pid 5092] umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5685] close(4 [pid 5094] <... close resumed>) = 0 [pid 5680] <... mount resumed>) = 0 [pid 5685] <... close resumed>) = 0 [ 155.511636][ T5680] REISERFS (device loop3): Using r5 hash to sort names [ 155.518858][ T5680] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5680] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] rmdir("./49/file1" [pid 5685] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5680] <... openat resumed>) = 3 [pid 5094] <... rmdir resumed>) = 0 [pid 5685] <... openat resumed>) = 4 [pid 5680] chdir("./file1" [pid 5094] getdents64(3, [pid 5685] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5680] <... chdir resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5685] <... mmap resumed>) = 0x20000000 [pid 5680] ioctl(4, LOOP_CLR_FD [pid 5094] close(3 [pid 5685] ioctl(4, FS_IOC_GETVERSION [pid 5680] <... ioctl resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5685] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5680] close(4 [pid 5094] rmdir("./49" [pid 5685] exit_group(0 [pid 5680] <... close resumed>) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5685] <... exit_group resumed>) = ? [pid 5680] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] mkdir("./50", 0777 [pid 5685] +++ exited with 0 +++ [pid 5680] <... openat resumed>) = 4 [pid 5094] <... mkdir resumed>) = 0 [pid 5680] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5680] <... mmap resumed>) = 0x20000000 [pid 5094] <... openat resumed>) = 3 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5685, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 5680] ioctl(4, FS_IOC_GETVERSION [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5091] umount2("./47", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5680] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5680] exit_group(0 [pid 5094] close(3 [pid 5091] openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5680] <... exit_group resumed>) = ? [pid 5094] <... close resumed>) = 0 [pid 5091] <... openat resumed>) = 3 [pid 5680] +++ exited with 0 +++ [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5691 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5680, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=15 /* 0.15 s */} --- [pid 5091] getdents64(3, [pid 5093] restart_syscall(<... resuming interrupted clone ...> [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] <... restart_syscall resumed>) = 0 [pid 5091] umount2("./47/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./47/binderfs", [pid 5093] umount2("./48", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] unlink("./47/binderfs"./strace-static-x86_64: Process 5691 attached [pid 5093] openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... unlink resumed>) = 0 [pid 5691] chdir("./50" [pid 5093] <... openat resumed>) = 3 [ 155.573091][ T5684] REISERFS (device loop5): Using r5 hash to sort names [ 155.580344][ T5684] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5091] umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5691] <... chdir resumed>) = 0 [pid 5093] fstat(3, [pid 5691] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5691] <... prctl resumed>) = 0 [pid 5093] getdents64(3, [pid 5691] setpgid(0, 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5691] <... setpgid resumed>) = 0 [pid 5093] umount2("./48/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5691] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5691] <... openat resumed>) = 3 [pid 5093] lstat("./48/binderfs", [pid 5691] write(3, "1000", 4 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5691] <... write resumed>) = 4 [pid 5093] unlink("./48/binderfs" [pid 5691] close(3 [pid 5093] <... unlink resumed>) = 0 [pid 5691] <... close resumed>) = 0 [pid 5093] umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5691] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5691] memfd_create("syzkaller", 0) = 3 [pid 5684] <... mount resumed>) = 0 [pid 5691] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5684] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5691] <... mmap resumed>) = 0x7f12a0a40000 [pid 5684] <... openat resumed>) = 3 [pid 5684] chdir("./file1") = 0 [pid 5684] ioctl(4, LOOP_CLR_FD) = 0 [pid 5684] close(4) = 0 [pid 5684] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5684] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5684] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5684] exit_group(0) = ? [pid 5684] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5684, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5095] umount2("./48", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./48/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./48/binderfs") = 0 [pid 5095] umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5691] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./47/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./47/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./47/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./47") = 0 [pid 5090] mkdir("./48", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3 [pid 5092] <... umount2 resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./47/file1", [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5692 ./strace-static-x86_64: Process 5692 attached [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5692] chdir("./48" [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./47/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5692] <... chdir resumed>) = 0 [pid 5692] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5092] <... openat resumed>) = 4 [pid 5092] fstat(4, [pid 5692] <... prctl resumed>) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5692] setpgid(0, 0 [pid 5092] getdents64(4, [pid 5692] <... setpgid resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5692] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5692] <... openat resumed>) = 3 [pid 5092] rmdir("./47/file1" [pid 5692] write(3, "1000", 4 [pid 5092] <... rmdir resumed>) = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5092] getdents64(3, [pid 5692] <... write resumed>) = 4 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5692] close(3 [pid 5092] close(3 [pid 5692] <... close resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5692] symlink("/dev/binderfs", "./binderfs" [pid 5092] rmdir("./47" [pid 5091] umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5692] <... symlink resumed>) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5692] memfd_create("syzkaller", 0 [pid 5092] mkdir("./48", 0777 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5692] <... memfd_create resumed>) = 3 [pid 5091] lstat("./47/file1", [pid 5692] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5692] <... mmap resumed>) = 0x7f12a0a40000 [pid 5092] <... openat resumed>) = 3 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5091] umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./47/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5693 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5693 attached [pid 5093] <... umount2 resumed>) = 0 [pid 5091] close(4 [pid 5693] chdir("./48" [pid 5091] <... close resumed>) = 0 [pid 5693] <... chdir resumed>) = 0 [pid 5091] rmdir("./47/file1" [pid 5693] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5091] <... rmdir resumed>) = 0 [pid 5693] <... prctl resumed>) = 0 [pid 5091] getdents64(3, [pid 5693] setpgid(0, 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./47") = 0 [pid 5091] mkdir("./48", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5693] <... setpgid resumed>) = 0 [pid 5095] <... umount2 resumed>) = 0 [pid 5693] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5694 [pid 5693] <... openat resumed>) = 3 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5693] write(3, "1000", 4 [pid 5095] lstat("./48/file1", [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5694 attached [pid 5693] <... write resumed>) = 4 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] lstat("./48/file1", [pid 5694] chdir("./48" [pid 5693] close(3 [pid 5095] umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5694] <... chdir resumed>) = 0 [pid 5693] <... close resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5694] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5693] symlink("/dev/binderfs", "./binderfs" [pid 5095] openat(AT_FDCWD, "./48/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5694] <... prctl resumed>) = 0 [pid 5693] <... symlink resumed>) = 0 [pid 5691] <... write resumed>) = 4194304 [pid 5095] <... openat resumed>) = 4 [pid 5093] openat(AT_FDCWD, "./48/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5694] setpgid(0, 0 [pid 5693] memfd_create("syzkaller", 0 [pid 5095] fstat(4, [pid 5093] <... openat resumed>) = 4 [pid 5694] <... setpgid resumed>) = 0 [pid 5693] <... memfd_create resumed>) = 3 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] fstat(4, [pid 5694] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5693] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5691] munmap(0x7f12a0a40000, 4194304 [pid 5095] getdents64(4, [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5694] <... openat resumed>) = 3 [pid 5693] <... mmap resumed>) = 0x7f12a0a40000 [pid 5692] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, [pid 5694] write(3, "1000", 4 [pid 5691] <... munmap resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5694] <... write resumed>) = 4 [pid 5093] getdents64(4, [pid 5694] close(3 [pid 5691] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5095] getdents64(4, [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5694] <... close resumed>) = 0 [pid 5691] <... openat resumed>) = 4 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4 [pid 5694] symlink("/dev/binderfs", "./binderfs" [pid 5691] ioctl(4, LOOP_SET_FD, 3 [pid 5095] close(4 [pid 5093] <... close resumed>) = 0 [pid 5694] <... symlink resumed>) = 0 [pid 5093] rmdir("./48/file1" [pid 5694] memfd_create("syzkaller", 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5694] <... memfd_create resumed>) = 3 [pid 5093] getdents64(3, [pid 5694] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5694] <... mmap resumed>) = 0x7f12a0a40000 [pid 5093] close(3 [pid 5095] <... close resumed>) = 0 [pid 5093] <... close resumed>) = 0 [pid 5691] <... ioctl resumed>) = 0 [pid 5095] rmdir("./48/file1" [pid 5093] rmdir("./48" [pid 5691] close(3 [pid 5095] <... rmdir resumed>) = 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5691] <... close resumed>) = 0 [pid 5095] getdents64(3, [pid 5093] mkdir("./49", 0777 [pid 5691] mkdir("./file1", 0777 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] <... mkdir resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5691] <... mkdir resumed>) = 0 [pid 5095] close(3 [pid 5093] <... openat resumed>) = 3 [pid 5691] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... close resumed>) = 0 [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5095] rmdir("./48" [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] close(3 [pid 5095] <... rmdir resumed>) = 0 [pid 5093] <... close resumed>) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5696 [ 156.018429][ T5691] loop4: detected capacity change from 0 to 8192 [pid 5095] mkdir("./49", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5697 ./strace-static-x86_64: Process 5697 attached [pid 5697] chdir("./49"./strace-static-x86_64: Process 5696 attached ) = 0 [pid 5697] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5696] chdir("./49" [pid 5697] <... prctl resumed>) = 0 [pid 5696] <... chdir resumed>) = 0 [pid 5693] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5697] setpgid(0, 0 [ 156.066200][ T5691] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 156.099612][ T5691] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5696] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5697] <... setpgid resumed>) = 0 [pid 5696] <... prctl resumed>) = 0 [pid 5697] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5696] setpgid(0, 0 [pid 5694] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5697] <... openat resumed>) = 3 [pid 5696] <... setpgid resumed>) = 0 [pid 5697] write(3, "1000", 4 [pid 5696] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5697] <... write resumed>) = 4 [pid 5697] close(3 [pid 5696] <... openat resumed>) = 3 [pid 5697] <... close resumed>) = 0 [pid 5696] write(3, "1000", 4 [pid 5697] symlink("/dev/binderfs", "./binderfs" [pid 5696] <... write resumed>) = 4 [ 156.115873][ T5691] REISERFS (device loop4): using ordered data mode [ 156.124264][ T5691] reiserfs: using flush barriers [ 156.130670][ T5691] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 156.148482][ T5691] REISERFS (device loop4): checking transaction log (loop4) [pid 5697] <... symlink resumed>) = 0 [pid 5696] close(3 [pid 5692] <... write resumed>) = 4194304 [pid 5697] memfd_create("syzkaller", 0 [pid 5696] <... close resumed>) = 0 [pid 5697] <... memfd_create resumed>) = 3 [pid 5696] symlink("/dev/binderfs", "./binderfs" [pid 5697] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5696] <... symlink resumed>) = 0 [pid 5692] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5692] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5692] ioctl(4, LOOP_SET_FD, 3 [pid 5696] memfd_create("syzkaller", 0) = 3 [pid 5696] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5692] <... ioctl resumed>) = 0 [pid 5692] close(3) = 0 [pid 5692] mkdir("./file1", 0777) = 0 [ 156.231217][ T5692] loop0: detected capacity change from 0 to 8192 [pid 5692] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5697] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5693] <... write resumed>) = 4194304 [pid 5693] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5693] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5693] ioctl(4, LOOP_SET_FD, 3 [ 156.286903][ T5692] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 156.319061][ T5691] REISERFS (device loop4): Using r5 hash to sort names [ 156.319647][ T5693] loop2: detected capacity change from 0 to 8192 [pid 5696] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5693] <... ioctl resumed>) = 0 [pid 5693] close(3) = 0 [pid 5693] mkdir("./file1", 0777 [pid 5694] <... write resumed>) = 4194304 [pid 5694] munmap(0x7f12a0a40000, 4194304 [pid 5693] <... mkdir resumed>) = 0 [pid 5691] <... mount resumed>) = 0 [pid 5693] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5691] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5694] <... munmap resumed>) = 0 [pid 5691] <... openat resumed>) = 3 [ 156.333699][ T5691] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 156.350847][ T5692] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5694] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5691] chdir("./file1" [pid 5694] <... openat resumed>) = 4 [pid 5691] <... chdir resumed>) = 0 [pid 5694] ioctl(4, LOOP_SET_FD, 3 [pid 5691] ioctl(4, LOOP_CLR_FD) = 0 [pid 5691] close(4) = 0 [pid 5691] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5691] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5691] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5691] exit_group(0 [pid 5694] <... ioctl resumed>) = 0 [pid 5691] <... exit_group resumed>) = ? [pid 5691] +++ exited with 0 +++ [pid 5694] close(3) = 0 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5691, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [ 156.388093][ T5692] REISERFS (device loop0): using ordered data mode [ 156.400197][ T5693] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 156.413972][ T5694] loop1: detected capacity change from 0 to 8192 [pid 5697] <... write resumed>) = 4194304 [pid 5697] munmap(0x7f12a0a40000, 4194304 [pid 5694] mkdir("./file1", 0777 [pid 5094] umount2("./50", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5694] <... mkdir resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5694] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 156.439283][ T5692] reiserfs: using flush barriers [pid 5094] openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5697] <... munmap resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [ 156.462525][ T5693] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 156.462634][ T5692] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 156.471904][ T5693] REISERFS (device loop2): using ordered data mode [ 156.495227][ T5693] reiserfs: using flush barriers [pid 5697] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5696] <... write resumed>) = 4194304 [pid 5094] fstat(3, [pid 5696] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5696] <... munmap resumed>) = 0 [pid 5094] getdents64(3, [pid 5696] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5696] <... openat resumed>) = 4 [pid 5094] umount2("./50/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5696] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./50/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5696] <... ioctl resumed>) = 0 [pid 5094] unlink("./50/binderfs" [pid 5696] close(3 [pid 5094] <... unlink resumed>) = 0 [pid 5696] <... close resumed>) = 0 [pid 5094] umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5696] mkdir("./file1", 0777 [pid 5697] <... openat resumed>) = 4 [ 156.501861][ T5693] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 156.502375][ T5692] REISERFS (device loop0): checking transaction log (loop0) [ 156.518903][ T5694] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 156.540544][ T5696] loop3: detected capacity change from 0 to 8192 [pid 5697] ioctl(4, LOOP_SET_FD, 3 [pid 5696] <... mkdir resumed>) = 0 [pid 5697] <... ioctl resumed>) = 0 [pid 5697] close(3) = 0 [pid 5697] mkdir("./file1", 0777) = 0 [pid 5697] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 156.565757][ T5697] loop5: detected capacity change from 0 to 8192 [ 156.569477][ T5693] REISERFS (device loop2): checking transaction log (loop2) [ 156.591217][ T5694] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 156.602867][ T5697] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 156.602942][ T5694] REISERFS (device loop1): using ordered data mode [ 156.622588][ T5694] reiserfs: using flush barriers [ 156.623935][ T5696] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5696] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] <... umount2 resumed>) = 0 [pid 5094] umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./50/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./50/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [ 156.651167][ T5694] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 156.673598][ T5694] REISERFS (device loop1): checking transaction log (loop1) [pid 5094] rmdir("./50/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./50") = 0 [pid 5094] mkdir("./51", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5703 ./strace-static-x86_64: Process 5703 attached [pid 5703] chdir("./51") = 0 [pid 5703] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 156.714054][ T5696] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 156.732097][ T5697] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 156.747555][ T5696] REISERFS (device loop3): using ordered data mode [pid 5703] setpgid(0, 0) = 0 [pid 5703] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5703] write(3, "1000", 4) = 4 [pid 5703] close(3) = 0 [pid 5703] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5703] memfd_create("syzkaller", 0) = 3 [pid 5703] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 156.790141][ T5696] reiserfs: using flush barriers [ 156.806132][ T5697] REISERFS (device loop5): using ordered data mode [ 156.853201][ T5696] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 156.872534][ T5694] REISERFS (device loop1): Using r5 hash to sort names [ 156.880312][ T5694] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 156.880632][ T5697] reiserfs: using flush barriers [pid 5694] <... mount resumed>) = 0 [pid 5694] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5694] chdir("./file1") = 0 [pid 5694] ioctl(4, LOOP_CLR_FD) = 0 [pid 5694] close(4) = 0 [pid 5694] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5703] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5694] <... openat resumed>) = 4 [pid 5694] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5694] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5694] exit_group(0) = ? [pid 5694] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5694, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [ 156.897389][ T5692] REISERFS (device loop0): Using r5 hash to sort names [ 156.920611][ T5692] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 156.945903][ T5696] REISERFS (device loop3): checking transaction log (loop3) [pid 5091] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5091] umount2("./48", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, [pid 5692] <... mount resumed>) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5692] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5091] getdents64(3, [pid 5692] <... openat resumed>) = 3 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5692] chdir("./file1" [pid 5091] umount2("./48/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5692] <... chdir resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5692] ioctl(4, LOOP_CLR_FD [pid 5091] lstat("./48/binderfs", [pid 5692] <... ioctl resumed>) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5692] close(4 [pid 5091] unlink("./48/binderfs" [pid 5692] <... close resumed>) = 0 [pid 5091] <... unlink resumed>) = 0 [pid 5692] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5091] umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5692] <... openat resumed>) = 4 [pid 5692] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 156.953965][ T5697] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5692] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5692] exit_group(0) = ? [pid 5692] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5692, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=21 /* 0.21 s */} --- [pid 5090] umount2("./48", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./48/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./48/binderfs") = 0 [ 157.029169][ T5693] REISERFS (device loop2): Using r5 hash to sort names [ 157.036844][ T5697] REISERFS (device loop5): checking transaction log (loop5) [ 157.046841][ T5693] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5090] umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5693] <... mount resumed>) = 0 [pid 5693] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5693] chdir("./file1") = 0 [pid 5693] ioctl(4, LOOP_CLR_FD) = 0 [pid 5693] close(4) = 0 [pid 5693] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5693] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5693] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5693] exit_group(0) = ? [pid 5693] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5693, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5092] umount2("./48", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5703] <... write resumed>) = 4194304 [pid 5092] openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./48/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./48/binderfs") = 0 [pid 5092] umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5703] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5703] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5703] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5703] close(3) = 0 [ 157.184455][ T5703] loop4: detected capacity change from 0 to 8192 [pid 5703] mkdir("./file1", 0777) = 0 [pid 5703] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = 0 [pid 5092] lstat("./48/file1", [pid 5091] umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] lstat("./48/file1", [pid 5696] <... mount resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5696] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5696] <... openat resumed>) = 3 [ 157.269066][ T5696] REISERFS (device loop3): Using r5 hash to sort names [ 157.269403][ T5703] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 157.290743][ T5696] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 157.301422][ T5703] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 157.313089][ T5703] REISERFS (device loop4): using ordered data mode [pid 5092] openat(AT_FDCWD, "./48/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5696] chdir("./file1" [pid 5091] umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5696] <... chdir resumed>) = 0 [pid 5092] <... openat resumed>) = 4 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5696] ioctl(4, LOOP_CLR_FD [pid 5092] fstat(4, [pid 5091] openat(AT_FDCWD, "./48/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5696] <... ioctl resumed>) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5696] close(4 [pid 5092] getdents64(4, [pid 5091] <... openat resumed>) = 4 [pid 5696] <... close resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] fstat(4, [pid 5696] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] getdents64(4, [pid 5696] <... openat resumed>) = 4 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5696] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] close(4 [pid 5091] getdents64(4, [pid 5696] <... mmap resumed>) = 0x20000000 [ 157.319916][ T5703] reiserfs: using flush barriers [pid 5696] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... close resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5696] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] rmdir("./48/file1" [pid 5091] getdents64(4, [pid 5696] exit_group(0 [pid 5092] <... rmdir resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5696] <... exit_group resumed>) = ? [pid 5092] getdents64(3, [pid 5091] close(4 [pid 5696] +++ exited with 0 +++ [pid 5091] <... close resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] rmdir("./48/file1" [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5696, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 5092] close(3 [pid 5093] umount2("./49", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... rmdir resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... close resumed>) = 0 [pid 5091] getdents64(3, [pid 5093] openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] rmdir("./48" [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] fstat(3, [pid 5090] <... umount2 resumed>) = 0 [ 157.356334][ T5703] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5091] close(3 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] mkdir("./49", 0777 [pid 5091] <... close resumed>) = 0 [pid 5093] umount2("./49/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./49/binderfs", [pid 5091] rmdir("./48" [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5093] unlink("./49/binderfs") = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5093] umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5091] mkdir("./49", 0777 [pid 5092] <... openat resumed>) = 3 [pid 5091] <... mkdir resumed>) = 0 [pid 5090] umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5090] lstat("./48/file1", [pid 5091] <... openat resumed>) = 3 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] close(3 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... close resumed>) = 0 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./48/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] close(3 [pid 5090] fstat(4, [pid 5091] <... close resumed>) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./48/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./48") = 0 [pid 5090] mkdir("./49", 0777) = 0 ./strace-static-x86_64: Process 5705 attached [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5705 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5697] <... mount resumed>) = 0 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5706 [pid 5090] <... openat resumed>) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5705] chdir("./49") = 0 [pid 5705] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5707 [pid 5705] <... prctl resumed>) = 0 [pid 5705] setpgid(0, 0 [pid 5697] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5705] <... setpgid resumed>) = 0 [pid 5697] <... openat resumed>) = 3 [pid 5705] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5697] chdir("./file1") = 0 [pid 5705] <... openat resumed>) = 3 [pid 5705] write(3, "1000", 4 [pid 5697] ioctl(4, LOOP_CLR_FD [pid 5705] <... write resumed>) = 4 [pid 5697] <... ioctl resumed>) = 0 [pid 5705] close(3 [pid 5697] close(4./strace-static-x86_64: Process 5707 attached ./strace-static-x86_64: Process 5706 attached [pid 5705] <... close resumed>) = 0 [pid 5697] <... close resumed>) = 0 [pid 5706] chdir("./49" [pid 5697] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5706] <... chdir resumed>) = 0 [pid 5697] <... openat resumed>) = 4 [pid 5706] prctl(PR_SET_PDEATHSIG, SIGKILL [ 157.419842][ T5703] REISERFS (device loop4): checking transaction log (loop4) [ 157.430777][ T5697] REISERFS (device loop5): Using r5 hash to sort names [ 157.459111][ T5697] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5697] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5707] chdir("./49" [pid 5706] <... prctl resumed>) = 0 [pid 5705] symlink("/dev/binderfs", "./binderfs" [pid 5697] <... mmap resumed>) = 0x20000000 [pid 5707] <... chdir resumed>) = 0 [pid 5706] setpgid(0, 0 [pid 5705] <... symlink resumed>) = 0 [pid 5697] ioctl(4, FS_IOC_GETVERSION [pid 5707] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5706] <... setpgid resumed>) = 0 [pid 5705] memfd_create("syzkaller", 0 [pid 5697] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5707] <... prctl resumed>) = 0 [pid 5706] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5705] <... memfd_create resumed>) = 3 [pid 5697] exit_group(0 [pid 5707] setpgid(0, 0 [pid 5706] <... openat resumed>) = 3 [pid 5705] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5697] <... exit_group resumed>) = ? [pid 5707] <... setpgid resumed>) = 0 [pid 5706] write(3, "1000", 4 [pid 5705] <... mmap resumed>) = 0x7f12a0a40000 [pid 5697] +++ exited with 0 +++ [pid 5707] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5706] <... write resumed>) = 4 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5697, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 5706] close(3) = 0 [pid 5706] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5706] memfd_create("syzkaller", 0) = 3 [pid 5706] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5095] umount2("./49", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5707] <... openat resumed>) = 3 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5707] write(3, "1000", 4 [pid 5095] openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5707] <... write resumed>) = 4 [pid 5095] <... openat resumed>) = 3 [pid 5707] close(3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5707] <... close resumed>) = 0 [pid 5095] getdents64(3, [pid 5707] symlink("/dev/binderfs", "./binderfs" [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./49/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5707] <... symlink resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./49/binderfs", [pid 5707] memfd_create("syzkaller", 0 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5707] <... memfd_create resumed>) = 3 [pid 5095] unlink("./49/binderfs" [pid 5707] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] <... unlink resumed>) = 0 [pid 5707] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5705] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5707] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5706] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] lstat("./49/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./49/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./49/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./49") = 0 [pid 5095] mkdir("./50", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5093] umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./49/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./49/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./49/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3 [pid 5095] <... openat resumed>) = 3 [pid 5093] <... close resumed>) = 0 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5093] rmdir("./49" [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] close(3 [pid 5093] <... rmdir resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] mkdir("./50", 0777) = 0 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5708 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 5708 attached ) = 3 [pid 5708] chdir("./50" [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5708] <... chdir resumed>) = 0 [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5708] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5093] close(3 [pid 5708] <... prctl resumed>) = 0 [pid 5708] setpgid(0, 0 [pid 5093] <... close resumed>) = 0 [pid 5708] <... setpgid resumed>) = 0 [pid 5708] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5708] <... openat resumed>) = 3 [pid 5705] <... write resumed>) = 4194304 [pid 5703] <... mount resumed>) = 0 [pid 5708] write(3, "1000", 4) = 4 [pid 5708] close(3) = 0 [pid 5708] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5708] memfd_create("syzkaller", 0 [pid 5705] munmap(0x7f12a0a40000, 4194304 [ 157.735873][ T5703] REISERFS (device loop4): Using r5 hash to sort names [ 157.774469][ T5703] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5703] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY./strace-static-x86_64: Process 5709 attached [pid 5708] <... memfd_create resumed>) = 3 [pid 5707] <... write resumed>) = 4194304 [pid 5705] <... munmap resumed>) = 0 [pid 5703] <... openat resumed>) = 3 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5709 [pid 5708] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5709] chdir("./50" [pid 5708] <... mmap resumed>) = 0x7f12a0a40000 [pid 5707] munmap(0x7f12a0a40000, 4194304 [pid 5705] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5703] chdir("./file1" [pid 5709] <... chdir resumed>) = 0 [pid 5707] <... munmap resumed>) = 0 [pid 5706] <... write resumed>) = 4194304 [pid 5705] <... openat resumed>) = 4 [pid 5703] <... chdir resumed>) = 0 [pid 5709] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5707] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5706] munmap(0x7f12a0a40000, 4194304 [pid 5705] ioctl(4, LOOP_SET_FD, 3 [pid 5703] ioctl(4, LOOP_CLR_FD [pid 5709] <... prctl resumed>) = 0 [pid 5707] <... openat resumed>) = 4 [pid 5706] <... munmap resumed>) = 0 [pid 5705] <... ioctl resumed>) = 0 [pid 5703] <... ioctl resumed>) = 0 [pid 5709] setpgid(0, 0 [pid 5707] ioctl(4, LOOP_SET_FD, 3 [pid 5706] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5705] close(3 [pid 5703] close(4 [pid 5709] <... setpgid resumed>) = 0 [pid 5706] <... openat resumed>) = 4 [pid 5705] <... close resumed>) = 0 [pid 5709] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5708] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5707] <... ioctl resumed>) = 0 [pid 5703] <... close resumed>) = 0 [pid 5709] <... openat resumed>) = 3 [pid 5707] close(3 [pid 5706] ioctl(4, LOOP_SET_FD, 3 [pid 5705] mkdir("./file1", 0777 [pid 5703] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5709] write(3, "1000", 4 [pid 5707] <... close resumed>) = 0 [pid 5705] <... mkdir resumed>) = 0 [pid 5703] <... openat resumed>) = 4 [pid 5709] <... write resumed>) = 4 [pid 5709] close(3 [pid 5705] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5703] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5709] <... close resumed>) = 0 [pid 5703] <... mmap resumed>) = 0x20000000 [pid 5709] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5707] mkdir("./file1", 0777 [pid 5703] ioctl(4, FS_IOC_GETVERSION [pid 5709] memfd_create("syzkaller", 0 [pid 5703] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5709] <... memfd_create resumed>) = 3 [pid 5707] <... mkdir resumed>) = 0 [ 157.851179][ T5705] loop2: detected capacity change from 0 to 8192 [ 157.866828][ T5707] loop0: detected capacity change from 0 to 8192 [ 157.890666][ T5706] loop1: detected capacity change from 0 to 8192 [pid 5703] exit_group(0 [pid 5709] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5703] <... exit_group resumed>) = ? [pid 5707] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5709] <... mmap resumed>) = 0x7f12a0a40000 [pid 5703] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5703, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=17 /* 0.17 s */} --- [pid 5094] umount2("./51", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./51/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./51/binderfs") = 0 [pid 5094] umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5706] <... ioctl resumed>) = 0 [pid 5706] close(3) = 0 [pid 5706] mkdir("./file1", 0777) = 0 [ 157.913603][ T5705] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 157.953961][ T5707] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 157.971794][ T5706] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 157.981090][ T5705] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 157.994943][ T5705] REISERFS (device loop2): using ordered data mode [pid 5706] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] <... umount2 resumed>) = 0 [pid 5094] umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./51/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 158.002006][ T5705] reiserfs: using flush barriers [ 158.003209][ T5707] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 158.008384][ T5706] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 158.016962][ T5705] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 158.026219][ T5706] REISERFS (device loop1): using ordered data mode [ 158.049212][ T5706] reiserfs: using flush barriers [pid 5094] umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./51/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] fstat(4, [pid 5709] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [ 158.058952][ T5706] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 158.077348][ T5707] REISERFS (device loop0): using ordered data mode [ 158.085182][ T5707] reiserfs: using flush barriers [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4 [pid 5708] <... write resumed>) = 4194304 [pid 5094] <... close resumed>) = 0 [pid 5094] rmdir("./51/file1" [pid 5708] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... rmdir resumed>) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5708] <... munmap resumed>) = 0 [pid 5094] close(3 [pid 5708] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] <... close resumed>) = 0 [pid 5708] <... openat resumed>) = 4 [pid 5094] rmdir("./51") = 0 [pid 5094] mkdir("./52", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [ 158.094312][ T5707] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 158.103821][ T5706] REISERFS (device loop1): checking transaction log (loop1) [ 158.111747][ T5707] REISERFS (device loop0): checking transaction log (loop0) [ 158.147171][ T5705] REISERFS (device loop2): checking transaction log (loop2) [pid 5708] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5708] close(3) = 0 [pid 5708] mkdir("./file1", 0777) = 0 [pid 5708] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] <... openat resumed>) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5714 ./strace-static-x86_64: Process 5714 attached [pid 5714] chdir("./52") = 0 [ 158.159354][ T5708] loop5: detected capacity change from 0 to 8192 [ 158.191924][ T5708] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5714] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5714] setpgid(0, 0) = 0 [pid 5714] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5714] write(3, "1000", 4) = 4 [pid 5714] close(3) = 0 [pid 5714] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5714] memfd_create("syzkaller", 0) = 3 [pid 5707] <... mount resumed>) = 0 [ 158.248205][ T5708] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 158.258792][ T5707] REISERFS (device loop0): Using r5 hash to sort names [ 158.266816][ T5707] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 158.277313][ T5708] REISERFS (device loop5): using ordered data mode [ 158.284643][ T5708] reiserfs: using flush barriers [pid 5714] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5707] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5709] <... write resumed>) = 4194304 [pid 5707] <... openat resumed>) = 3 [pid 5709] munmap(0x7f12a0a40000, 4194304 [pid 5707] chdir("./file1" [pid 5709] <... munmap resumed>) = 0 [pid 5707] <... chdir resumed>) = 0 [pid 5709] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5707] ioctl(4, LOOP_CLR_FD [pid 5709] <... openat resumed>) = 4 [pid 5707] <... ioctl resumed>) = 0 [pid 5709] ioctl(4, LOOP_SET_FD, 3 [pid 5707] close(4 [pid 5714] <... mmap resumed>) = 0x7f12a0a40000 [pid 5707] <... close resumed>) = 0 [pid 5707] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5707] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5707] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5707] exit_group(0) = ? [pid 5707] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5707, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5090] umount2("./49", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./49/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./49/binderfs") = 0 [pid 5709] <... ioctl resumed>) = 0 [pid 5090] umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5709] close(3) = 0 [pid 5709] mkdir("./file1", 0777) = 0 [ 158.292591][ T5708] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 158.315768][ T5709] loop3: detected capacity change from 0 to 8192 [ 158.342573][ T5708] REISERFS (device loop5): checking transaction log (loop5) [ 158.401659][ T5709] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 158.426540][ T5709] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [pid 5709] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5708] <... mount resumed>) = 0 [pid 5708] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5708] chdir("./file1") = 0 [pid 5714] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5708] ioctl(4, LOOP_CLR_FD) = 0 [ 158.462390][ T5709] REISERFS (device loop3): using ordered data mode [ 158.486729][ T5708] REISERFS (device loop5): Using r5 hash to sort names [ 158.498567][ T5709] reiserfs: using flush barriers [ 158.501464][ T5708] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5708] close(4) = 0 [pid 5708] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5708] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5708] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5708] exit_group(0) = ? [pid 5708] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5708, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5095] umount2("./50", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./50/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 158.551183][ T5709] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 158.581879][ T5709] REISERFS (device loop3): checking transaction log (loop3) [pid 5095] lstat("./50/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./50/binderfs") = 0 [pid 5095] umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5714] <... write resumed>) = 4194304 [pid 5714] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5714] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5714] ioctl(4, LOOP_SET_FD, 3 [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./49/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5714] <... ioctl resumed>) = 0 [pid 5090] umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./49/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./49/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5714] close(3 [pid 5090] close(3 [pid 5714] <... close resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5714] mkdir("./file1", 0777 [pid 5090] rmdir("./49" [pid 5714] <... mkdir resumed>) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5714] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 158.662373][ T5706] REISERFS (device loop1): Using r5 hash to sort names [ 158.672897][ T5714] loop4: detected capacity change from 0 to 8192 [ 158.687276][ T5705] REISERFS (device loop2): Using r5 hash to sort names [ 158.693830][ T5706] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5090] mkdir("./50", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5717 ./strace-static-x86_64: Process 5717 attached [pid 5717] chdir("./50") = 0 [pid 5717] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5717] setpgid(0, 0) = 0 [pid 5717] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5717] write(3, "1000", 4) = 4 [pid 5717] close(3) = 0 [pid 5717] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5717] memfd_create("syzkaller", 0) = 3 [pid 5717] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5705] <... mount resumed>) = 0 [pid 5705] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5705] chdir("./file1") = 0 [pid 5705] ioctl(4, LOOP_CLR_FD) = 0 [pid 5705] close(4) = 0 [pid 5705] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5705] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5706] <... mount resumed>) = 0 [pid 5705] <... mmap resumed>) = 0x20000000 [pid 5705] ioctl(4, FS_IOC_GETVERSION [pid 5706] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5705] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [ 158.715369][ T5705] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 158.734431][ T5714] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5717] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5706] <... openat resumed>) = 3 [pid 5705] exit_group(0 [pid 5706] chdir("./file1") = 0 [pid 5706] ioctl(4, LOOP_CLR_FD) = 0 [pid 5706] close(4) = 0 [pid 5706] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5705] <... exit_group resumed>) = ? [pid 5706] <... openat resumed>) = 4 [pid 5705] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5705, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5706] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5706] ioctl(4, FS_IOC_GETVERSION [pid 5092] umount2("./49", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5706] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5706] exit_group(0 [pid 5092] openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5706] <... exit_group resumed>) = ? [pid 5092] <... openat resumed>) = 3 [pid 5706] +++ exited with 0 +++ [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 158.789606][ T5714] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 158.824449][ T5709] REISERFS (device loop3): Using r5 hash to sort names [pid 5092] getdents64(3, [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5706, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5709] <... mount resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] restart_syscall(<... resuming interrupted clone ...> [pid 5092] umount2("./49/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... restart_syscall resumed>) = 0 [pid 5709] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5709] <... openat resumed>) = 3 [pid 5095] <... umount2 resumed>) = 0 [pid 5092] lstat("./49/binderfs", [pid 5709] chdir("./file1" [pid 5095] umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] umount2("./49", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5709] <... chdir resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] unlink("./49/binderfs" [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5709] ioctl(4, LOOP_CLR_FD [pid 5095] lstat("./50/file1", [pid 5092] <... unlink resumed>) = 0 [ 158.831956][ T5709] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 158.842103][ T5714] REISERFS (device loop4): using ordered data mode [ 158.848683][ T5714] reiserfs: using flush barriers [ 158.856604][ T5714] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5091] openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... openat resumed>) = 3 [ 158.885956][ T5714] REISERFS (device loop4): checking transaction log (loop4) [pid 5091] fstat(3, [pid 5717] <... write resumed>) = 4194304 [pid 5709] <... ioctl resumed>) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5717] munmap(0x7f12a0a40000, 4194304 [pid 5709] close(4 [pid 5095] umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./49/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5717] <... munmap resumed>) = 0 [pid 5709] <... close resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./49/binderfs") = 0 [pid 5091] umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5717] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5709] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] openat(AT_FDCWD, "./50/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5717] <... openat resumed>) = 4 [pid 5709] <... openat resumed>) = 4 [pid 5095] <... openat resumed>) = 4 [pid 5717] ioctl(4, LOOP_SET_FD, 3 [pid 5709] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] fstat(4, [pid 5709] <... mmap resumed>) = 0x20000000 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, [pid 5709] ioctl(4, FS_IOC_GETVERSION [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5709] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5717] <... ioctl resumed>) = 0 [pid 5709] exit_group(0 [pid 5095] close(4 [pid 5717] close(3 [pid 5709] <... exit_group resumed>) = ? [pid 5095] <... close resumed>) = 0 [pid 5709] +++ exited with 0 +++ [pid 5095] rmdir("./50/file1" [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5709, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5093] restart_syscall(<... resuming interrupted clone ...> [pid 5095] <... rmdir resumed>) = 0 [pid 5093] <... restart_syscall resumed>) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] umount2("./50", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5717] <... close resumed>) = 0 [pid 5095] close(3 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5717] mkdir("./file1", 0777 [pid 5095] <... close resumed>) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./50/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./50/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./50/binderfs") = 0 [pid 5093] umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5717] <... mkdir resumed>) = 0 [pid 5095] rmdir("./50" [pid 5717] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... rmdir resumed>) = 0 [ 158.985979][ T5717] loop0: detected capacity change from 0 to 8192 [pid 5095] mkdir("./51", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5714] <... mount resumed>) = 0 [pid 5714] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5714] chdir("./file1") = 0 [pid 5714] ioctl(4, LOOP_CLR_FD) = 0 [pid 5714] close(4) = 0 [pid 5714] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5714] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5714] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5714] exit_group(0) = ? [pid 5714] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5714, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5094] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5094] umount2("./52", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./52/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./52/binderfs") = 0 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5719 [ 159.037580][ T5714] REISERFS (device loop4): Using r5 hash to sort names [ 159.055507][ T5714] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 159.058920][ T5717] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5094] umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5719 attached [pid 5719] chdir("./51") = 0 [pid 5719] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5719] setpgid(0, 0) = 0 [pid 5719] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 159.092296][ T5717] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 159.105749][ T5717] REISERFS (device loop0): using ordered data mode [ 159.112722][ T5717] reiserfs: using flush barriers [pid 5719] write(3, "1000", 4) = 4 [pid 5719] close(3) = 0 [pid 5719] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5719] memfd_create("syzkaller", 0) = 3 [pid 5719] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 159.148635][ T5717] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./50/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 159.191767][ T5717] REISERFS (device loop0): checking transaction log (loop0) [pid 5093] openat(AT_FDCWD, "./50/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./50/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./50") = 0 [pid 5093] mkdir("./51", 0777 [pid 5091] <... umount2 resumed>) = 0 [pid 5093] <... mkdir resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5092] <... umount2 resumed>) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] close(3) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] lstat("./49/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5720 [pid 5092] umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./49/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] close(4) = 0 [pid 5092] rmdir("./49/file1") = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5720 attached [pid 5091] lstat("./49/file1", [pid 5720] chdir("./51" [pid 5092] getdents64(3, [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5720] <... chdir resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5720] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5092] close(3 [pid 5091] umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5720] <... prctl resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5720] setpgid(0, 0 [pid 5719] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5092] rmdir("./49" [pid 5091] openat(AT_FDCWD, "./49/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5720] <... setpgid resumed>) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5092] mkdir("./50", 0777 [pid 5091] <... openat resumed>) = 4 [pid 5720] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] <... mkdir resumed>) = 0 [pid 5091] fstat(4, [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5720] <... openat resumed>) = 3 [pid 5092] <... openat resumed>) = 3 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5720] write(3, "1000", 4 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5720] <... write resumed>) = 4 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] getdents64(4, [pid 5720] close(3 [pid 5092] close(3 [pid 5720] <... close resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] getdents64(4, [pid 5720] symlink("/dev/binderfs", "./binderfs" [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5720] <... symlink resumed>) = 0 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5721 [pid 5091] close(4 [pid 5720] memfd_create("syzkaller", 0) = 3 [pid 5091] <... close resumed>) = 0 [pid 5720] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] rmdir("./49/file1"./strace-static-x86_64: Process 5721 attached [pid 5721] chdir("./50") = 0 [pid 5721] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5721] setpgid(0, 0) = 0 [pid 5721] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5720] <... mmap resumed>) = 0x7f12a0a40000 [pid 5721] <... openat resumed>) = 3 [pid 5091] <... rmdir resumed>) = 0 [pid 5721] write(3, "1000", 4) = 4 [pid 5721] close(3) = 0 [pid 5721] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5721] memfd_create("syzkaller", 0) = 3 [pid 5721] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./49") = 0 [pid 5091] mkdir("./50", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] <... umount2 resumed>) = 0 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5722 ./strace-static-x86_64: Process 5722 attached [pid 5722] chdir("./50" [pid 5094] umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5722] <... chdir resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5722] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] lstat("./52/file1", [pid 5722] <... prctl resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5722] setpgid(0, 0 [pid 5094] umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5722] <... setpgid resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5722] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] openat(AT_FDCWD, "./52/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5722] <... openat resumed>) = 3 [pid 5722] write(3, "1000", 4 [pid 5094] fstat(4, [pid 5722] <... write resumed>) = 4 [pid 5720] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5722] close(3 [pid 5094] getdents64(4, [pid 5722] <... close resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5722] symlink("/dev/binderfs", "./binderfs" [pid 5094] getdents64(4, [pid 5722] <... symlink resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5722] memfd_create("syzkaller", 0 [pid 5094] close(4 [pid 5722] <... memfd_create resumed>) = 3 [pid 5094] <... close resumed>) = 0 [pid 5094] rmdir("./52/file1" [pid 5722] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5722] <... mmap resumed>) = 0x7f12a0a40000 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./52") = 0 [pid 5094] mkdir("./53", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3 [pid 5721] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] <... close resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5723 attached , child_tidptr=0x555556fb25d0) = 5723 [pid 5723] chdir("./53") = 0 [pid 5723] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5723] setpgid(0, 0 [pid 5719] <... write resumed>) = 4194304 [pid 5719] munmap(0x7f12a0a40000, 4194304 [pid 5723] <... setpgid resumed>) = 0 [pid 5719] <... munmap resumed>) = 0 [pid 5719] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5723] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5719] <... openat resumed>) = 4 [pid 5719] ioctl(4, LOOP_SET_FD, 3 [pid 5723] <... openat resumed>) = 3 [pid 5723] write(3, "1000", 4) = 4 [pid 5723] close(3) = 0 [ 159.523194][ T5717] REISERFS (device loop0): Using r5 hash to sort names [ 159.552999][ T5719] loop5: detected capacity change from 0 to 8192 [pid 5723] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5719] <... ioctl resumed>) = 0 [pid 5719] close(3) = 0 [pid 5719] mkdir("./file1", 0777) = 0 [pid 5719] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5723] memfd_create("syzkaller", 0) = 3 [pid 5723] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5722] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5720] <... write resumed>) = 4194304 [pid 5717] <... mount resumed>) = 0 [pid 5723] <... mmap resumed>) = 0x7f12a0a40000 [pid 5717] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5717] chdir("./file1") = 0 [pid 5717] ioctl(4, LOOP_CLR_FD) = 0 [pid 5717] close(4) = 0 [pid 5717] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5717] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5717] ioctl(4, FS_IOC_GETVERSION [pid 5720] munmap(0x7f12a0a40000, 4194304 [pid 5717] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5720] <... munmap resumed>) = 0 [ 159.566333][ T5717] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 159.582729][ T5719] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 159.597420][ T5719] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 159.607189][ T5719] REISERFS (device loop5): using ordered data mode [ 159.613916][ T5719] reiserfs: using flush barriers [pid 5717] exit_group(0 [pid 5723] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5721] <... write resumed>) = 4194304 [pid 5720] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5717] <... exit_group resumed>) = ? [pid 5721] munmap(0x7f12a0a40000, 4194304 [pid 5720] <... openat resumed>) = 4 [pid 5717] +++ exited with 0 +++ [pid 5721] <... munmap resumed>) = 0 [pid 5720] ioctl(4, LOOP_SET_FD, 3 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5717, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5721] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5721] <... openat resumed>) = 4 [pid 5090] <... restart_syscall resumed>) = 0 [pid 5721] ioctl(4, LOOP_SET_FD, 3 [pid 5720] <... ioctl resumed>) = 0 [pid 5720] close(3) = 0 [pid 5720] mkdir("./file1", 0777) = 0 [pid 5090] umount2("./50", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5721] <... ioctl resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5721] close(3 [pid 5720] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5090] openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5721] <... close resumed>) = 0 [pid 5721] mkdir("./file1", 0777 [pid 5090] <... openat resumed>) = 3 [pid 5721] <... mkdir resumed>) = 0 [pid 5090] fstat(3, [pid 5721] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 159.654638][ T5719] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 159.677929][ T5720] loop3: detected capacity change from 0 to 8192 [ 159.688551][ T5721] loop2: detected capacity change from 0 to 8192 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./50/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./50/binderfs", [pid 5722] <... write resumed>) = 4194304 [pid 5722] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5722] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5722] ioctl(4, LOOP_SET_FD, 3 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 159.714197][ T5720] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 159.732734][ T5721] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 159.738926][ T5722] loop1: detected capacity change from 0 to 8192 [ 159.754520][ T5721] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [pid 5090] unlink("./50/binderfs") = 0 [pid 5090] umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5723] <... write resumed>) = 4194304 [pid 5723] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5723] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5723] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5723] close(3) = 0 [ 159.756314][ T5719] REISERFS (device loop5): checking transaction log (loop5) [ 159.772485][ T5720] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 159.803402][ T5723] loop4: detected capacity change from 0 to 8192 [pid 5723] mkdir("./file1", 0777 [pid 5722] <... ioctl resumed>) = 0 [pid 5722] close(3 [pid 5723] <... mkdir resumed>) = 0 [pid 5722] <... close resumed>) = 0 [pid 5722] mkdir("./file1", 0777 [pid 5723] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5722] <... mkdir resumed>) = 0 [ 159.813310][ T5721] REISERFS (device loop2): using ordered data mode [ 159.819913][ T5721] reiserfs: using flush barriers [ 159.831450][ T5720] REISERFS (device loop3): using ordered data mode [ 159.838477][ T5720] reiserfs: using flush barriers [ 159.845148][ T5721] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 159.864993][ T5722] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 159.881858][ T5723] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 159.898677][ T5720] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5722] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./50/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 159.915173][ T5722] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 159.924963][ T5723] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 159.926374][ T5722] REISERFS (device loop1): using ordered data mode [ 159.935413][ T5720] REISERFS (device loop3): checking transaction log (loop3) [ 159.940723][ T5722] reiserfs: using flush barriers [pid 5090] umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./50/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./50/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [ 159.957740][ T5722] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 159.957916][ T5721] REISERFS (device loop2): checking transaction log (loop2) [ 159.997051][ T5723] REISERFS (device loop4): using ordered data mode [pid 5090] rmdir("./50") = 0 [pid 5090] mkdir("./51", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 160.027409][ T5723] reiserfs: using flush barriers [ 160.042205][ T5722] REISERFS (device loop1): checking transaction log (loop1) [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5729 ./strace-static-x86_64: Process 5729 attached [pid 5729] chdir("./51") = 0 [ 160.070904][ T5723] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 160.092159][ T5719] REISERFS (device loop5): Using r5 hash to sort names [ 160.099457][ T5719] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5729] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5729] setpgid(0, 0) = 0 [pid 5729] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 160.115763][ T5723] REISERFS (device loop4): checking transaction log (loop4) [pid 5729] write(3, "1000", 4) = 4 [pid 5729] close(3) = 0 [pid 5729] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5729] memfd_create("syzkaller", 0) = 3 [pid 5729] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5719] <... mount resumed>) = 0 [pid 5719] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5719] chdir("./file1") = 0 [pid 5719] ioctl(4, LOOP_CLR_FD) = 0 [pid 5719] close(4) = 0 [pid 5719] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5719] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5719] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5719] exit_group(0) = ? [pid 5719] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5719, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=21 /* 0.21 s */} --- [pid 5095] umount2("./51", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./51/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./51/binderfs") = 0 [pid 5095] umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW [ 160.269764][ T5721] REISERFS (device loop2): Using r5 hash to sort names [ 160.301302][ T5720] REISERFS (device loop3): Using r5 hash to sort names [ 160.309975][ T5721] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5729] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5721] <... mount resumed>) = 0 [pid 5721] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5721] chdir("./file1") = 0 [pid 5721] ioctl(4, LOOP_CLR_FD) = 0 [pid 5721] close(4) = 0 [pid 5721] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5721] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5721] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5721] exit_group(0) = ? [ 160.334465][ T5720] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5721] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5721, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5092] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5092] umount2("./50", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, [pid 5720] <... mount resumed>) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5720] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] getdents64(3, [pid 5720] <... openat resumed>) = 3 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5720] chdir("./file1" [pid 5092] umount2("./50/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5720] <... chdir resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5720] ioctl(4, LOOP_CLR_FD [pid 5092] lstat("./50/binderfs", [pid 5720] <... ioctl resumed>) = 0 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5720] close(4 [pid 5092] unlink("./50/binderfs" [pid 5720] <... close resumed>) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5720] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5720] <... openat resumed>) = 4 [pid 5720] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5720] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5720] exit_group(0) = ? [pid 5720] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5720, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5093] umount2("./51", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./51/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 160.374921][ T5722] REISERFS (device loop1): Using r5 hash to sort names [ 160.395272][ T5722] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] unlink("./51/binderfs") = 0 [pid 5093] umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5723] <... mount resumed>) = 0 [pid 5722] <... mount resumed>) = 0 [pid 5722] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5723] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5722] <... openat resumed>) = 3 [pid 5723] <... openat resumed>) = 3 [pid 5722] chdir("./file1" [pid 5723] chdir("./file1" [pid 5722] <... chdir resumed>) = 0 [pid 5722] ioctl(4, LOOP_CLR_FD) = 0 [pid 5722] close(4) = 0 [ 160.421466][ T5723] REISERFS (device loop4): Using r5 hash to sort names [ 160.428839][ T5723] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5722] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5723] <... chdir resumed>) = 0 [pid 5722] <... openat resumed>) = 4 [pid 5722] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5722] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5722] exit_group(0) = ? [pid 5723] ioctl(4, LOOP_CLR_FD [pid 5722] +++ exited with 0 +++ [pid 5723] <... ioctl resumed>) = 0 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5722, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=25 /* 0.25 s */} --- [pid 5091] umount2("./50", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, [pid 5723] close(4 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5729] <... write resumed>) = 4194304 [pid 5723] <... close resumed>) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./50/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./50/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./50/binderfs") = 0 [pid 5091] umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5723] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5729] munmap(0x7f12a0a40000, 4194304 [pid 5723] <... openat resumed>) = 4 [pid 5723] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5729] <... munmap resumed>) = 0 [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5729] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5723] <... mmap resumed>) = 0x20000000 [pid 5729] <... openat resumed>) = 4 [pid 5723] ioctl(4, FS_IOC_GETVERSION [pid 5093] lstat("./51/file1", [pid 5729] ioctl(4, LOOP_SET_FD, 3 [pid 5723] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./51/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./51/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5729] <... ioctl resumed>) = 0 [pid 5723] exit_group(0 [pid 5093] close(3) = 0 [pid 5723] <... exit_group resumed>) = ? [pid 5093] rmdir("./51") = 0 [pid 5093] mkdir("./52", 0777 [pid 5723] +++ exited with 0 +++ [pid 5093] <... mkdir resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5729] close(3 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5723, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5729] <... close resumed>) = 0 [pid 5094] umount2("./53", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5729] mkdir("./file1", 0777 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./53/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./53/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./53/binderfs") = 0 [pid 5094] umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5729] <... mkdir resumed>) = 0 [pid 5095] <... umount2 resumed>) = 0 [ 160.544533][ T5729] loop0: detected capacity change from 0 to 8192 [pid 5729] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./51/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./51/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./51/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [ 160.611431][ T5729] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5095] rmdir("./51") = 0 [pid 5095] mkdir("./52", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] <... openat resumed>) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5731 [ 160.670042][ T5729] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 160.680093][ T5729] REISERFS (device loop0): using ordered data mode [ 160.687393][ T5729] reiserfs: using flush barriers [ 160.701782][ T5729] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5732 ./strace-static-x86_64: Process 5732 attached [pid 5732] chdir("./52") = 0 [pid 5732] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5732] setpgid(0, 0) = 0 [pid 5732] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5732] write(3, "1000", 4) = 4 [pid 5732] close(3) = 0 [pid 5732] symlink("/dev/binderfs", "./binderfs") = 0 ./strace-static-x86_64: Process 5731 attached [pid 5732] memfd_create("syzkaller", 0) = 3 [pid 5732] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5731] chdir("./52" [pid 5094] <... umount2 resumed>) = 0 [pid 5731] <... chdir resumed>) = 0 [pid 5094] umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5731] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5731] setpgid(0, 0 [pid 5094] lstat("./53/file1", [pid 5731] <... setpgid resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5731] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5731] <... openat resumed>) = 3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5731] write(3, "1000", 4 [pid 5094] openat(AT_FDCWD, "./53/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] lstat("./50/file1", [pid 5091] <... umount2 resumed>) = 0 [ 160.721539][ T5729] REISERFS (device loop0): checking transaction log (loop0) [pid 5731] <... write resumed>) = 4 [pid 5094] <... openat resumed>) = 4 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5731] close(3 [pid 5094] fstat(4, [pid 5092] umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5731] <... close resumed>) = 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5731] symlink("/dev/binderfs", "./binderfs" [pid 5094] getdents64(4, [pid 5092] openat(AT_FDCWD, "./50/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5731] <... symlink resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] <... openat resumed>) = 4 [pid 5731] memfd_create("syzkaller", 0 [pid 5094] getdents64(4, [pid 5092] fstat(4, [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5731] <... memfd_create resumed>) = 3 [pid 5731] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] close(4 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] lstat("./50/file1", [pid 5094] <... close resumed>) = 0 [pid 5092] getdents64(4, [pid 5731] <... mmap resumed>) = 0x7f12a0a40000 [pid 5094] rmdir("./53/file1" [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] <... rmdir resumed>) = 0 [pid 5092] getdents64(4, [pid 5094] getdents64(3, [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(4 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] close(3 [pid 5092] <... close resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5092] rmdir("./50/file1" [pid 5091] umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] rmdir("./53") = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5092] getdents64(3, [pid 5094] mkdir("./54", 0777 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5092] close(3 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] <... close resumed>) = 0 [pid 5091] openat(AT_FDCWD, "./50/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... openat resumed>) = 3 [pid 5092] rmdir("./50" [pid 5091] <... openat resumed>) = 4 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5092] <... rmdir resumed>) = 0 [pid 5091] fstat(4, [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] mkdir("./51", 0777 [pid 5094] close(3 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5091] getdents64(4, [pid 5094] <... close resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] <... openat resumed>) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5091] getdents64(4, [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5733 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(3 [pid 5091] close(4 [pid 5092] <... close resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] rmdir("./50/file1"./strace-static-x86_64: Process 5734 attached ) = 0 [pid 5734] chdir("./51" [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5734 ./strace-static-x86_64: Process 5733 attached [pid 5091] getdents64(3, [pid 5733] chdir("./54" [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3 [pid 5734] <... chdir resumed>) = 0 [pid 5734] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5733] <... chdir resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5733] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5733] setpgid(0, 0) = 0 [pid 5733] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5734] <... prctl resumed>) = 0 [pid 5734] setpgid(0, 0 [pid 5733] write(3, "1000", 4 [pid 5091] rmdir("./50" [pid 5734] <... setpgid resumed>) = 0 [pid 5733] <... write resumed>) = 4 [pid 5733] close(3) = 0 [pid 5733] symlink("/dev/binderfs", "./binderfs" [pid 5734] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5733] <... symlink resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5734] <... openat resumed>) = 3 [pid 5733] memfd_create("syzkaller", 0 [pid 5091] mkdir("./51", 0777 [pid 5734] write(3, "1000", 4 [pid 5733] <... memfd_create resumed>) = 3 [pid 5732] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5733] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5734] <... write resumed>) = 4 [pid 5733] <... mmap resumed>) = 0x7f12a0a40000 [pid 5091] <... mkdir resumed>) = 0 [pid 5734] close(3 [pid 5731] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5734] <... close resumed>) = 0 [pid 5734] symlink("/dev/binderfs", "./binderfs" [pid 5091] <... openat resumed>) = 3 [pid 5734] <... symlink resumed>) = 0 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5734] memfd_create("syzkaller", 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] close(3 [pid 5734] <... memfd_create resumed>) = 3 [pid 5734] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] <... close resumed>) = 0 [pid 5734] <... mmap resumed>) = 0x7f12a0a40000 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5735 ./strace-static-x86_64: Process 5735 attached [pid 5735] chdir("./51") = 0 [pid 5735] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5735] setpgid(0, 0) = 0 [pid 5735] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5735] write(3, "1000", 4) = 4 [pid 5735] close(3) = 0 [pid 5735] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5735] memfd_create("syzkaller", 0) = 3 [pid 5735] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5733] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5735] <... mmap resumed>) = 0x7f12a0a40000 [pid 5734] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5735] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5731] <... write resumed>) = 4194304 [pid 5731] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5731] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5731] ioctl(4, LOOP_SET_FD, 3 [pid 5732] <... write resumed>) = 4194304 [pid 5732] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5732] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5732] ioctl(4, LOOP_SET_FD, 3 [pid 5731] <... ioctl resumed>) = 0 [ 161.092707][ T5729] REISERFS (device loop0): Using r5 hash to sort names [ 161.099986][ T5729] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 161.126631][ T5731] loop3: detected capacity change from 0 to 8192 [pid 5732] <... ioctl resumed>) = 0 [pid 5731] close(3) = 0 [pid 5731] mkdir("./file1", 0777) = 0 [pid 5731] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5732] close(3) = 0 [pid 5732] mkdir("./file1", 0777 [pid 5729] <... mount resumed>) = 0 [pid 5729] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5732] <... mkdir resumed>) = 0 [pid 5729] <... openat resumed>) = 3 [pid 5732] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5729] chdir("./file1") = 0 [pid 5729] ioctl(4, LOOP_CLR_FD) = 0 [pid 5729] close(4) = 0 [pid 5729] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5729] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5729] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5729] exit_group(0) = ? [pid 5729] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5729, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- [pid 5090] umount2("./51", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./51/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./51/binderfs") = 0 [pid 5090] umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5734] <... write resumed>) = 4194304 [ 161.142204][ T5732] loop5: detected capacity change from 0 to 8192 [ 161.162752][ T5731] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 161.178534][ T5732] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5734] munmap(0x7f12a0a40000, 4194304 [pid 5733] <... write resumed>) = 4194304 [pid 5734] <... munmap resumed>) = 0 [pid 5734] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5734] ioctl(4, LOOP_SET_FD, 3 [pid 5733] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5733] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 161.230145][ T5732] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 161.239960][ T5731] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 161.245725][ T5734] loop2: detected capacity change from 0 to 8192 [ 161.249800][ T5731] REISERFS (device loop3): using ordered data mode [ 161.262422][ T5731] reiserfs: using flush barriers [ 161.268930][ T5732] REISERFS (device loop5): using ordered data mode [pid 5733] ioctl(4, LOOP_SET_FD, 3 [pid 5734] <... ioctl resumed>) = 0 [pid 5734] close(3) = 0 [pid 5734] mkdir("./file1", 0777) = 0 [ 161.272843][ T5733] loop4: detected capacity change from 0 to 8192 [ 161.275633][ T5731] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 161.298628][ T5731] REISERFS (device loop3): checking transaction log (loop3) [pid 5733] <... ioctl resumed>) = 0 [pid 5734] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5733] close(3) = 0 [pid 5733] mkdir("./file1", 0777) = 0 [pid 5735] <... write resumed>) = 4194304 [ 161.331619][ T5732] reiserfs: using flush barriers [pid 5733] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 161.361621][ T5734] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 161.377527][ T5733] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5735] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5735] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5735] ioctl(4, LOOP_SET_FD, 3 [pid 5090] umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5735] <... ioctl resumed>) = 0 [pid 5735] close(3) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5735] mkdir("./file1", 0777) = 0 [ 161.403742][ T5732] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 161.407857][ T5734] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 161.425958][ T5735] loop1: detected capacity change from 0 to 8192 [ 161.430179][ T5734] REISERFS (device loop2): using ordered data mode [ 161.443240][ T5731] REISERFS (device loop3): Using r5 hash to sort names [ 161.450467][ T5731] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5735] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5090] lstat("./51/file1", [pid 5731] <... mount resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5731] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5090] umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5731] <... openat resumed>) = 3 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5731] chdir("./file1" [pid 5090] openat(AT_FDCWD, "./51/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5731] <... chdir resumed>) = 0 [pid 5090] <... openat resumed>) = 4 [pid 5731] ioctl(4, LOOP_CLR_FD [pid 5090] fstat(4, [pid 5731] <... ioctl resumed>) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 161.456710][ T5733] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 161.459906][ T5734] reiserfs: using flush barriers [ 161.473088][ T5735] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 161.475793][ T5732] REISERFS (device loop5): checking transaction log (loop5) [ 161.494388][ T5734] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5731] close(4 [pid 5090] getdents64(4, [pid 5731] <... close resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5731] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5090] getdents64(4, [pid 5731] <... openat resumed>) = 4 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5731] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] close(4 [pid 5731] <... mmap resumed>) = 0x20000000 [pid 5090] <... close resumed>) = 0 [pid 5731] ioctl(4, FS_IOC_GETVERSION [pid 5090] rmdir("./51/file1" [pid 5731] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5090] <... rmdir resumed>) = 0 [pid 5731] exit_group(0 [pid 5090] getdents64(3, [pid 5731] <... exit_group resumed>) = ? [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5731] +++ exited with 0 +++ [pid 5090] close(3) = 0 [pid 5090] rmdir("./51") = 0 [pid 5090] mkdir("./52", 0777 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5731, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5090] <... mkdir resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5093] umount2("./52", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 161.515454][ T5733] REISERFS (device loop4): using ordered data mode [ 161.524812][ T5733] reiserfs: using flush barriers [ 161.533540][ T5733] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 161.550963][ T5734] REISERFS (device loop2): checking transaction log (loop2) [pid 5090] close(3 [pid 5093] openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... close resumed>) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5741 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./52/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./52/binderfs") = 0 [pid 5093] umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5741 attached [pid 5741] chdir("./52") = 0 [pid 5741] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5741] setpgid(0, 0) = 0 [pid 5741] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 161.581174][ T5735] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 161.595644][ T5735] REISERFS (device loop1): using ordered data mode [ 161.621352][ T5735] reiserfs: using flush barriers [pid 5741] write(3, "1000", 4) = 4 [pid 5741] close(3) = 0 [pid 5741] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5741] memfd_create("syzkaller", 0) = 3 [pid 5741] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 161.634763][ T5735] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 161.639566][ T5733] REISERFS (device loop4): checking transaction log (loop4) [pid 5734] <... mount resumed>) = 0 [pid 5734] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5734] chdir("./file1") = 0 [pid 5734] ioctl(4, LOOP_CLR_FD) = 0 [pid 5734] close(4) = 0 [ 161.690771][ T5734] REISERFS (device loop2): Using r5 hash to sort names [ 161.699323][ T5734] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5734] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5734] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5734] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5734] exit_group(0) = ? [pid 5734] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5734, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5092] umount2("./51", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./51/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./51/binderfs", [pid 5741] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 161.771773][ T5735] REISERFS (device loop1): checking transaction log (loop1) [pid 5092] unlink("./51/binderfs") = 0 [pid 5092] umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./52/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./52/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [ 161.888741][ T5732] REISERFS (device loop5): Using r5 hash to sort names [ 161.927342][ T5732] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./52/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./52") = 0 [pid 5093] mkdir("./53", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5742 ./strace-static-x86_64: Process 5742 attached [pid 5742] chdir("./53") = 0 [pid 5742] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5742] setpgid(0, 0) = 0 [pid 5742] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5742] write(3, "1000", 4) = 4 [pid 5742] close(3 [pid 5732] <... mount resumed>) = 0 [pid 5742] <... close resumed>) = 0 [pid 5732] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5742] symlink("/dev/binderfs", "./binderfs" [pid 5732] <... openat resumed>) = 3 [pid 5742] <... symlink resumed>) = 0 [pid 5732] chdir("./file1" [pid 5742] memfd_create("syzkaller", 0 [pid 5732] <... chdir resumed>) = 0 [ 161.932432][ T5733] REISERFS (device loop4): Using r5 hash to sort names [pid 5742] <... memfd_create resumed>) = 3 [pid 5732] ioctl(4, LOOP_CLR_FD [pid 5742] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5732] <... ioctl resumed>) = 0 [pid 5742] <... mmap resumed>) = 0x7f12a0a40000 [pid 5741] <... write resumed>) = 4194304 [pid 5732] close(4) = 0 [pid 5732] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5732] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5732] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5732] exit_group(0) = ? [pid 5732] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5732, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=26 /* 0.26 s */} --- [pid 5741] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5095] umount2("./52", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5741] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5741] <... openat resumed>) = 4 [pid 5095] openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5741] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... openat resumed>) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./52/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./52/binderfs") = 0 [pid 5095] umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5741] <... ioctl resumed>) = 0 [pid 5733] <... mount resumed>) = 0 [pid 5741] close(3 [pid 5733] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5741] <... close resumed>) = 0 [pid 5741] mkdir("./file1", 0777 [pid 5733] <... openat resumed>) = 3 [pid 5741] <... mkdir resumed>) = 0 [pid 5733] chdir("./file1" [pid 5741] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5733] <... chdir resumed>) = 0 [ 162.002078][ T5733] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 162.025207][ T5741] loop0: detected capacity change from 0 to 8192 [pid 5733] ioctl(4, LOOP_CLR_FD) = 0 [pid 5733] close(4) = 0 [pid 5733] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./51/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./51/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, [pid 5733] <... openat resumed>) = 4 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./51/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5733] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./51" [pid 5733] <... mmap resumed>) = 0x20000000 [pid 5092] <... rmdir resumed>) = 0 [pid 5092] mkdir("./52", 0777 [pid 5733] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... mkdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5733] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5733] exit_group(0 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5744 [pid 5733] <... exit_group resumed>) = ? [pid 5733] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5733, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5094] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5094] umount2("./54", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./54/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./54/binderfs") = 0 [ 162.107837][ T5741] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5094] umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5744 attached [pid 5744] chdir("./52" [pid 5742] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5744] <... chdir resumed>) = 0 [pid 5744] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5744] setpgid(0, 0) = 0 [pid 5744] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 162.192168][ T5741] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 162.203321][ T5741] REISERFS (device loop0): using ordered data mode [ 162.211849][ T5741] reiserfs: using flush barriers [ 162.224896][ T5741] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./52/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./52/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, [pid 5744] write(3, "1000", 4 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, [pid 5744] <... write resumed>) = 4 [pid 5744] close(3) = 0 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5744] symlink("/dev/binderfs", "./binderfs" [pid 5095] rmdir("./52/file1" [pid 5744] <... symlink resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./52") = 0 [pid 5095] mkdir("./53", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5744] memfd_create("syzkaller", 0 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5744] <... memfd_create resumed>) = 3 [pid 5095] close(3 [pid 5744] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] <... close resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5744] <... mmap resumed>) = 0x7f12a0a40000 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5745 ./strace-static-x86_64: Process 5745 attached [pid 5745] chdir("./53") = 0 [pid 5745] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5745] setpgid(0, 0) = 0 [pid 5745] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5745] write(3, "1000", 4) = 4 [pid 5745] close(3) = 0 [pid 5745] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5745] memfd_create("syzkaller", 0) = 3 [pid 5745] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5735] <... mount resumed>) = 0 [ 162.241289][ T5735] REISERFS (device loop1): Using r5 hash to sort names [ 162.256197][ T5735] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5735] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5735] chdir("./file1") = 0 [pid 5735] ioctl(4, LOOP_CLR_FD) = 0 [pid 5735] close(4) = 0 [pid 5735] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5735] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5735] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5735] exit_group(0) = ? [pid 5735] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5735, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=16 /* 0.16 s */} --- [pid 5091] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5091] umount2("./51", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./51/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./51/binderfs") = 0 [ 162.325816][ T5741] REISERFS (device loop0): checking transaction log (loop0) [pid 5091] umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5742] <... write resumed>) = 4194304 [pid 5744] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5745] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5742] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5742] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5742] ioctl(4, LOOP_SET_FD, 3 [pid 5091] <... umount2 resumed>) = 0 [pid 5742] <... ioctl resumed>) = 0 [pid 5091] umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5742] close(3 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5742] <... close resumed>) = 0 [pid 5742] mkdir("./file1", 0777 [pid 5091] lstat("./51/file1", [pid 5742] <... mkdir resumed>) = 0 [ 162.439504][ T5742] loop3: detected capacity change from 0 to 8192 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5742] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5091] umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./51/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./51/file1") = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./51") = 0 [pid 5091] mkdir("./52", 0777) = 0 [pid 5094] umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... openat resumed>) = 3 [pid 5094] lstat("./54/file1", [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5094] umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] close(3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... close resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./54/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] <... openat resumed>) = 4 [pid 5094] fstat(4, [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5747 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 162.518447][ T5742] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5747 attached [pid 5744] <... write resumed>) = 4194304 [pid 5094] getdents64(4, [pid 5747] chdir("./52" [pid 5744] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5747] <... chdir resumed>) = 0 [pid 5744] <... munmap resumed>) = 0 [pid 5094] close(4 [pid 5747] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5744] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5094] <... close resumed>) = 0 [pid 5747] <... prctl resumed>) = 0 [pid 5744] <... openat resumed>) = 4 [pid 5094] rmdir("./54/file1" [pid 5747] setpgid(0, 0 [pid 5745] <... write resumed>) = 4194304 [pid 5744] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... rmdir resumed>) = 0 [pid 5094] getdents64(3, [pid 5747] <... setpgid resumed>) = 0 [pid 5745] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./54") = 0 [pid 5094] mkdir("./55", 0777 [pid 5744] <... ioctl resumed>) = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5744] close(3) = 0 [pid 5745] <... munmap resumed>) = 0 [pid 5744] mkdir("./file1", 0777 [pid 5747] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5745] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5744] <... mkdir resumed>) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5747] <... openat resumed>) = 3 [pid 5744] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5745] <... openat resumed>) = 4 [pid 5094] <... openat resumed>) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5747] write(3, "1000", 4 [pid 5745] ioctl(4, LOOP_SET_FD, 3 [pid 5747] <... write resumed>) = 4 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 162.581978][ T5742] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 162.605490][ T5742] REISERFS (device loop3): using ordered data mode [ 162.612698][ T5744] loop2: detected capacity change from 0 to 8192 [ 162.625479][ T5745] loop5: detected capacity change from 0 to 8192 [pid 5747] close(3 [pid 5745] <... ioctl resumed>) = 0 [pid 5094] close(3 [pid 5747] <... close resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5747] symlink("/dev/binderfs", "./binderfs" [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5747] <... symlink resumed>) = 0 ./strace-static-x86_64: Process 5749 attached [pid 5747] memfd_create("syzkaller", 0 [pid 5745] close(3 [pid 5747] <... memfd_create resumed>) = 3 [pid 5745] <... close resumed>) = 0 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5749 [pid 5747] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5749] chdir("./55" [pid 5745] mkdir("./file1", 0777) = 0 [pid 5745] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5749] <... chdir resumed>) = 0 [pid 5749] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5749] setpgid(0, 0) = 0 [ 162.626361][ T5742] reiserfs: using flush barriers [ 162.641120][ T5744] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 162.655161][ T5742] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 162.675065][ T5742] REISERFS (device loop3): checking transaction log (loop3) [pid 5749] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5749] write(3, "1000", 4) = 4 [pid 5749] close(3) = 0 [pid 5749] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5749] memfd_create("syzkaller", 0) = 3 [pid 5749] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 162.701919][ T5745] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 162.742740][ T5744] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 162.759482][ T5745] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 162.794337][ T5744] REISERFS (device loop2): using ordered data mode [ 162.795811][ T5741] REISERFS (device loop0): Using r5 hash to sort names [ 162.801361][ T5744] reiserfs: using flush barriers [ 162.824805][ T5745] REISERFS (device loop5): using ordered data mode [pid 5749] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5747] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5749] munmap(0x7f12a0a40000, 4194304 [pid 5741] <... mount resumed>) = 0 [pid 5749] <... munmap resumed>) = 0 [pid 5749] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5741] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5749] <... openat resumed>) = 4 [pid 5741] <... openat resumed>) = 3 [ 162.833126][ T5744] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 162.853486][ T5741] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 162.863636][ T5745] reiserfs: using flush barriers [ 162.872080][ T5745] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5749] ioctl(4, LOOP_SET_FD, 3 [pid 5741] chdir("./file1") = 0 [pid 5741] ioctl(4, LOOP_CLR_FD [pid 5749] <... ioctl resumed>) = 0 [pid 5741] <... ioctl resumed>) = 0 [pid 5749] close(3 [pid 5741] close(4 [pid 5749] <... close resumed>) = 0 [pid 5741] <... close resumed>) = 0 [pid 5749] mkdir("./file1", 0777 [pid 5741] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5749] <... mkdir resumed>) = 0 [pid 5741] <... openat resumed>) = 4 [pid 5749] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5741] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5741] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [ 162.889630][ T5744] REISERFS (device loop2): checking transaction log (loop2) [ 162.898338][ T5749] loop4: detected capacity change from 0 to 8192 [ 162.909919][ T5745] REISERFS (device loop5): checking transaction log (loop5) [ 162.927868][ T5749] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5741] exit_group(0) = ? [pid 5741] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5741, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5090] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5090] umount2("./52", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 162.951093][ T5749] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 162.973841][ T5749] REISERFS (device loop4): using ordered data mode [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./52/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./52/binderfs") = 0 [pid 5090] umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5747] <... write resumed>) = 4194304 [pid 5747] munmap(0x7f12a0a40000, 4194304) = 0 [ 163.003496][ T5742] REISERFS (device loop3): Using r5 hash to sort names [ 163.003714][ T5749] reiserfs: using flush barriers [ 163.010704][ T5742] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5747] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5747] ioctl(4, LOOP_SET_FD, 3 [pid 5742] <... mount resumed>) = 0 [pid 5742] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5742] chdir("./file1") = 0 [pid 5742] ioctl(4, LOOP_CLR_FD) = 0 [ 163.066719][ T5749] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 163.073630][ T5747] loop1: detected capacity change from 0 to 8192 [pid 5742] close(4) = 0 [pid 5742] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5742] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5742] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5742] exit_group(0) = ? [pid 5742] +++ exited with 0 +++ [pid 5747] <... ioctl resumed>) = 0 [pid 5747] close(3) = 0 [ 163.125153][ T5749] REISERFS (device loop4): checking transaction log (loop4) [ 163.135417][ T5745] REISERFS (device loop5): Using r5 hash to sort names [ 163.156793][ T5745] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5747] mkdir("./file1", 0777) = 0 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5742, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5747] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5093] umount2("./53", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5745] <... mount resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5745] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5745] <... openat resumed>) = 3 [pid 5745] chdir("./file1" [pid 5093] <... openat resumed>) = 3 [pid 5745] <... chdir resumed>) = 0 [ 163.172867][ T5744] REISERFS (device loop2): Using r5 hash to sort names [ 163.180163][ T5744] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5744] <... mount resumed>) = 0 [pid 5093] fstat(3, [pid 5745] ioctl(4, LOOP_CLR_FD [pid 5744] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5745] <... ioctl resumed>) = 0 [pid 5744] <... openat resumed>) = 3 [pid 5093] getdents64(3, [pid 5745] close(4 [pid 5744] chdir("./file1" [pid 5745] <... close resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5744] <... chdir resumed>) = 0 [pid 5745] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5744] ioctl(4, LOOP_CLR_FD [pid 5093] umount2("./53/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5745] <... openat resumed>) = 4 [pid 5744] <... ioctl resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5745] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5744] close(4 [pid 5093] lstat("./53/binderfs", [pid 5745] <... mmap resumed>) = 0x20000000 [pid 5744] <... close resumed>) = 0 [pid 5745] ioctl(4, FS_IOC_GETVERSION [pid 5744] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5745] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5745] exit_group(0 [pid 5744] <... openat resumed>) = 4 [pid 5093] unlink("./53/binderfs" [pid 5745] <... exit_group resumed>) = ? [pid 5744] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] <... unlink resumed>) = 0 [pid 5744] <... mmap resumed>) = 0x20000000 [pid 5093] umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5745] +++ exited with 0 +++ [pid 5744] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5745, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5095] umount2("./53", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5744] exit_group(0 [pid 5095] fstat(3, [pid 5744] <... exit_group resumed>) = ? [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, [pid 5744] +++ exited with 0 +++ [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [ 163.213074][ T5747] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5095] umount2("./53/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5744, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5095] lstat("./53/binderfs", [pid 5092] restart_syscall(<... resuming interrupted clone ...> [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] <... restart_syscall resumed>) = 0 [pid 5095] unlink("./53/binderfs") = 0 [pid 5095] umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./52", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./52/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./52/binderfs") = 0 [ 163.262088][ T5747] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 163.276913][ T5747] REISERFS (device loop1): using ordered data mode [ 163.294949][ T5747] reiserfs: using flush barriers [pid 5092] umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./52/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./52/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./52/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./52") = 0 [pid 5090] mkdir("./53", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] <... umount2 resumed>) = 0 [ 163.304667][ T5747] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 163.339287][ T5747] REISERFS (device loop1): checking transaction log (loop1) [pid 5090] close(3 [pid 5095] umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... close resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] lstat("./53/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5753 [pid 5095] umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./53/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 5753 attached [pid 5095] getdents64(4, [pid 5753] chdir("./53") = 0 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5753] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] getdents64(4, [pid 5753] <... prctl resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5753] setpgid(0, 0 [pid 5095] close(4 [pid 5753] <... setpgid resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5753] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] rmdir("./53/file1" [pid 5753] <... openat resumed>) = 3 [pid 5095] <... rmdir resumed>) = 0 [pid 5753] write(3, "1000", 4 [pid 5095] getdents64(3, [pid 5753] <... write resumed>) = 4 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5753] close(3 [pid 5095] close(3 [pid 5753] <... close resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5753] symlink("/dev/binderfs", "./binderfs" [pid 5095] rmdir("./53" [pid 5753] <... symlink resumed>) = 0 [pid 5753] memfd_create("syzkaller", 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5753] <... memfd_create resumed>) = 3 [pid 5095] mkdir("./54", 0777 [pid 5753] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5095] <... mkdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5754 [pid 5749] <... mount resumed>) = 0 ./strace-static-x86_64: Process 5754 attached [pid 5749] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 163.486321][ T5749] REISERFS (device loop4): Using r5 hash to sort names [ 163.521404][ T5749] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5754] chdir("./54" [pid 5749] chdir("./file1" [pid 5754] <... chdir resumed>) = 0 [pid 5749] <... chdir resumed>) = 0 [pid 5754] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5749] ioctl(4, LOOP_CLR_FD [pid 5754] <... prctl resumed>) = 0 [pid 5749] <... ioctl resumed>) = 0 [pid 5754] setpgid(0, 0 [pid 5749] close(4 [pid 5093] <... umount2 resumed>) = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5754] <... setpgid resumed>) = 0 [pid 5749] <... close resumed>) = 0 [pid 5093] umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5754] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5749] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5754] <... openat resumed>) = 3 [pid 5749] <... openat resumed>) = 4 [pid 5754] write(3, "1000", 4 [pid 5093] lstat("./53/file1", [pid 5092] lstat("./52/file1", [pid 5754] <... write resumed>) = 4 [pid 5753] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5749] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5754] close(3 [pid 5749] <... mmap resumed>) = 0x20000000 [pid 5093] umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5754] <... close resumed>) = 0 [pid 5749] ioctl(4, FS_IOC_GETVERSION [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5754] symlink("/dev/binderfs", "./binderfs" [pid 5749] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5747] <... mount resumed>) = 0 [pid 5093] openat(AT_FDCWD, "./53/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] openat(AT_FDCWD, "./52/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5754] <... symlink resumed>) = 0 [pid 5749] exit_group(0 [pid 5747] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] <... openat resumed>) = 4 [pid 5092] <... openat resumed>) = 4 [pid 5754] memfd_create("syzkaller", 0 [pid 5749] <... exit_group resumed>) = ? [pid 5747] <... openat resumed>) = 3 [pid 5093] fstat(4, [pid 5092] fstat(4, [pid 5754] <... memfd_create resumed>) = 3 [pid 5749] +++ exited with 0 +++ [pid 5747] chdir("./file1" [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5754] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5747] <... chdir resumed>) = 0 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5749, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=17 /* 0.17 s */} --- [pid 5093] getdents64(4, [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5754] <... mmap resumed>) = 0x7f12a0a40000 [pid 5747] ioctl(4, LOOP_CLR_FD [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, [pid 5094] umount2("./55", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5747] <... ioctl resumed>) = 0 [pid 5094] fstat(3, [pid 5093] getdents64(4, [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5747] close(4 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] getdents64(4, [pid 5747] <... close resumed>) = 0 [pid 5094] getdents64(3, [pid 5093] close(4 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5747] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] <... close resumed>) = 0 [pid 5092] close(4 [pid 5747] <... openat resumed>) = 4 [pid 5094] umount2("./55/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] rmdir("./53/file1" [pid 5092] <... close resumed>) = 0 [pid 5747] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./55/binderfs", [pid 5093] <... rmdir resumed>) = 0 [pid 5092] rmdir("./52/file1" [pid 5747] <... mmap resumed>) = 0x20000000 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] getdents64(3, [pid 5747] ioctl(4, FS_IOC_GETVERSION [pid 5094] unlink("./55/binderfs" [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5747] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] <... unlink resumed>) = 0 [pid 5093] close(3 [ 163.612080][ T5747] REISERFS (device loop1): Using r5 hash to sort names [ 163.631901][ T5747] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] getdents64(3, [pid 5747] exit_group(0 [pid 5094] umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... close resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5747] <... exit_group resumed>) = ? [pid 5093] rmdir("./53" [pid 5092] close(3 [pid 5747] +++ exited with 0 +++ [pid 5093] <... rmdir resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5093] mkdir("./54", 0777 [pid 5092] rmdir("./52" [pid 5093] <... mkdir resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5092] <... rmdir resumed>) = 0 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5747, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5093] <... openat resumed>) = 3 [pid 5092] mkdir("./53", 0777 [pid 5091] restart_syscall(<... resuming interrupted clone ...> [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5092] <... mkdir resumed>) = 0 [pid 5091] <... restart_syscall resumed>) = 0 [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5093] close(3 [pid 5092] <... openat resumed>) = 3 [pid 5093] <... close resumed>) = 0 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5091] umount2("./52", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] close(3 [pid 5091] openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5755 [pid 5092] <... close resumed>) = 0 [pid 5091] <... openat resumed>) = 3 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] fstat(3, ./strace-static-x86_64: Process 5755 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5755] chdir("./54" [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5756 [pid 5091] getdents64(3, [pid 5755] <... chdir resumed>) = 0 [pid 5755] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5755] <... prctl resumed>) = 0 [pid 5091] umount2("./52/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5755] setpgid(0, 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5755] <... setpgid resumed>) = 0 [pid 5091] lstat("./52/binderfs", ./strace-static-x86_64: Process 5756 attached [pid 5755] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5756] chdir("./53" [pid 5755] <... openat resumed>) = 3 [pid 5091] unlink("./52/binderfs" [pid 5756] <... chdir resumed>) = 0 [pid 5755] write(3, "1000", 4 [pid 5091] <... unlink resumed>) = 0 [pid 5756] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5755] <... write resumed>) = 4 [pid 5091] umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5755] close(3) = 0 [pid 5755] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5755] memfd_create("syzkaller", 0) = 3 [pid 5756] <... prctl resumed>) = 0 [pid 5755] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5756] setpgid(0, 0 [pid 5755] <... mmap resumed>) = 0x7f12a0a40000 [pid 5756] <... setpgid resumed>) = 0 [pid 5756] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5756] write(3, "1000", 4) = 4 [pid 5753] <... write resumed>) = 4194304 [pid 5756] close(3 [pid 5753] munmap(0x7f12a0a40000, 4194304 [pid 5756] <... close resumed>) = 0 [pid 5756] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5756] memfd_create("syzkaller", 0 [pid 5754] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5753] <... munmap resumed>) = 0 [pid 5756] <... memfd_create resumed>) = 3 [pid 5756] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5753] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5756] <... mmap resumed>) = 0x7f12a0a40000 [pid 5753] <... openat resumed>) = 4 [pid 5753] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5753] close(3) = 0 [pid 5753] mkdir("./file1", 0777) = 0 [ 163.802056][ T5753] loop0: detected capacity change from 0 to 8192 [pid 5753] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5755] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5756] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] <... umount2 resumed>) = 0 [ 163.861339][ T5753] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 163.891905][ T5753] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5754] <... write resumed>) = 4194304 [pid 5754] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5094] umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... umount2 resumed>) = 0 [pid 5754] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5754] <... openat resumed>) = 4 [ 163.945990][ T5753] REISERFS (device loop0): using ordered data mode [ 163.981638][ T5753] reiserfs: using flush barriers [pid 5091] umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./52/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./52/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5754] ioctl(4, LOOP_SET_FD, 3 [pid 5094] lstat("./55/file1", [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5754] <... ioctl resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5754] close(3 [pid 5094] openat(AT_FDCWD, "./55/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5754] <... close resumed>) = 0 [pid 5754] mkdir("./file1", 0777 [pid 5094] <... openat resumed>) = 4 [pid 5094] fstat(4, [pid 5754] <... mkdir resumed>) = 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5754] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [ 163.993198][ T5753] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 164.010140][ T5754] loop5: detected capacity change from 0 to 8192 [pid 5756] <... write resumed>) = 4194304 [pid 5094] getdents64(4, [pid 5091] getdents64(4, [pid 5756] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4 [pid 5091] close(4 [pid 5756] <... munmap resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5094] rmdir("./55/file1" [pid 5756] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5091] rmdir("./52/file1" [pid 5094] <... rmdir resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./52") = 0 [pid 5091] mkdir("./53", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3 [pid 5756] <... openat resumed>) = 4 [pid 5094] getdents64(3, [pid 5091] <... close resumed>) = 0 [pid 5756] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5759 [pid 5756] <... ioctl resumed>) = 0 [pid 5094] close(3) = 0 [ 164.039326][ T5753] REISERFS (device loop0): checking transaction log (loop0) [ 164.052346][ T5754] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 164.073637][ T5756] loop2: detected capacity change from 0 to 8192 [pid 5094] rmdir("./55") = 0 [pid 5094] mkdir("./56", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5760 ./strace-static-x86_64: Process 5759 attached [pid 5759] chdir("./53") = 0 [pid 5759] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5759] setpgid(0, 0) = 0 [pid 5759] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5759] write(3, "1000", 4) = 4 [pid 5759] close(3) = 0 [pid 5759] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5759] memfd_create("syzkaller", 0) = 3 [pid 5759] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5756] close(3) = 0 ./strace-static-x86_64: Process 5760 attached [pid 5756] mkdir("./file1", 0777) = 0 [pid 5760] chdir("./56" [pid 5756] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5760] <... chdir resumed>) = 0 [pid 5760] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5760] setpgid(0, 0) = 0 [pid 5760] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5760] write(3, "1000", 4) = 4 [ 164.082621][ T5754] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 164.093743][ T5754] REISERFS (device loop5): using ordered data mode [ 164.101289][ T5754] reiserfs: using flush barriers [ 164.115880][ T5754] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5760] close(3) = 0 [pid 5755] <... write resumed>) = 4194304 [pid 5760] symlink("/dev/binderfs", "./binderfs" [pid 5755] munmap(0x7f12a0a40000, 4194304 [pid 5760] <... symlink resumed>) = 0 [pid 5755] <... munmap resumed>) = 0 [pid 5760] memfd_create("syzkaller", 0 [pid 5755] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5760] <... memfd_create resumed>) = 3 [pid 5755] <... openat resumed>) = 4 [pid 5760] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5755] ioctl(4, LOOP_SET_FD, 3 [pid 5760] <... mmap resumed>) = 0x7f12a0a40000 [ 164.173085][ T5756] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 164.183008][ T5754] REISERFS (device loop5): checking transaction log (loop5) [ 164.208355][ T5755] loop3: detected capacity change from 0 to 8192 [pid 5760] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5755] <... ioctl resumed>) = 0 [pid 5755] close(3) = 0 [pid 5755] mkdir("./file1", 0777 [pid 5759] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5755] <... mkdir resumed>) = 0 [ 164.246770][ T5756] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 164.256421][ T5756] REISERFS (device loop2): using ordered data mode [ 164.263355][ T5756] reiserfs: using flush barriers [ 164.269620][ T5756] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 164.286225][ T5756] REISERFS (device loop2): checking transaction log (loop2) [ 164.301642][ T5755] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5755] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5759] <... write resumed>) = 4194304 [pid 5759] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5759] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 164.372892][ T5753] REISERFS (device loop0): Using r5 hash to sort names [ 164.388900][ T5755] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [pid 5759] ioctl(4, LOOP_SET_FD, 3 [pid 5753] <... mount resumed>) = 0 [pid 5759] <... ioctl resumed>) = 0 [pid 5753] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5759] close(3 [ 164.414861][ T5755] REISERFS (device loop3): using ordered data mode [ 164.415529][ T5753] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 164.433150][ T5759] loop1: detected capacity change from 0 to 8192 [ 164.446165][ T5755] reiserfs: using flush barriers [ 164.450874][ T5756] REISERFS (device loop2): Using r5 hash to sort names [pid 5753] <... openat resumed>) = 3 [pid 5760] <... write resumed>) = 4194304 [pid 5759] <... close resumed>) = 0 [pid 5753] chdir("./file1" [pid 5760] munmap(0x7f12a0a40000, 4194304 [pid 5759] mkdir("./file1", 0777 [pid 5753] <... chdir resumed>) = 0 [pid 5760] <... munmap resumed>) = 0 [pid 5759] <... mkdir resumed>) = 0 [pid 5753] ioctl(4, LOOP_CLR_FD [pid 5760] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5759] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5753] <... ioctl resumed>) = 0 [pid 5760] <... openat resumed>) = 4 [pid 5753] close(4 [pid 5760] ioctl(4, LOOP_SET_FD, 3 [pid 5753] <... close resumed>) = 0 [pid 5760] <... ioctl resumed>) = 0 [pid 5753] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5760] close(3 [pid 5753] <... openat resumed>) = 4 [pid 5760] <... close resumed>) = 0 [pid 5753] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5760] mkdir("./file1", 0777 [pid 5753] <... mmap resumed>) = 0x20000000 [ 164.459752][ T5760] loop4: detected capacity change from 0 to 8192 [ 164.466511][ T5755] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 164.470412][ T5756] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 164.496847][ T5754] REISERFS (device loop5): Using r5 hash to sort names [ 164.506177][ T5754] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5760] <... mkdir resumed>) = 0 [pid 5756] <... mount resumed>) = 0 [pid 5754] <... mount resumed>) = 0 [pid 5753] ioctl(4, FS_IOC_GETVERSION [pid 5760] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5756] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5754] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5753] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5756] <... openat resumed>) = 3 [pid 5754] <... openat resumed>) = 3 [pid 5753] exit_group(0 [pid 5756] chdir("./file1" [pid 5754] chdir("./file1" [pid 5753] <... exit_group resumed>) = ? [pid 5756] <... chdir resumed>) = 0 [pid 5754] <... chdir resumed>) = 0 [pid 5756] ioctl(4, LOOP_CLR_FD [pid 5754] ioctl(4, LOOP_CLR_FD [pid 5753] +++ exited with 0 +++ [pid 5756] <... ioctl resumed>) = 0 [pid 5754] <... ioctl resumed>) = 0 [pid 5756] close(4 [pid 5754] close(4 [pid 5756] <... close resumed>) = 0 [pid 5754] <... close resumed>) = 0 [pid 5756] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 164.520760][ T5755] REISERFS (device loop3): checking transaction log (loop3) [ 164.531751][ T5759] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 164.548180][ T5759] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 164.558211][ T5759] REISERFS (device loop1): using ordered data mode [pid 5754] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5756] <... openat resumed>) = 4 [pid 5754] <... openat resumed>) = 4 [pid 5756] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5754] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5753, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=18 /* 0.18 s */} --- [pid 5756] <... mmap resumed>) = 0x20000000 [pid 5754] <... mmap resumed>) = 0x20000000 [pid 5756] ioctl(4, FS_IOC_GETVERSION [pid 5754] ioctl(4, FS_IOC_GETVERSION [pid 5090] umount2("./53", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5756] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5754] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5756] exit_group(0 [pid 5754] exit_group(0 [pid 5090] openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5756] <... exit_group resumed>) = ? [pid 5754] <... exit_group resumed>) = ? [ 164.564388][ T5760] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 164.565201][ T5759] reiserfs: using flush barriers [pid 5090] <... openat resumed>) = 3 [pid 5756] +++ exited with 0 +++ [pid 5754] +++ exited with 0 +++ [pid 5090] fstat(3, [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5754, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5756, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=21 /* 0.21 s */} --- [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./54", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./53", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] umount2("./53/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] lstat("./53/binderfs", [pid 5095] <... openat resumed>) = 3 [pid 5092] <... openat resumed>) = 3 [ 164.614610][ T5759] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 164.619607][ T5760] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 164.648953][ T5760] REISERFS (device loop4): using ordered data mode [ 164.655865][ T5760] reiserfs: using flush barriers [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] fstat(3, [pid 5092] fstat(3, [pid 5090] unlink("./53/binderfs" [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5095] getdents64(3, [pid 5092] getdents64(3, [pid 5090] umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./54/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./53/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./54/binderfs", [pid 5092] lstat("./53/binderfs", [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5755] <... mount resumed>) = 0 [pid 5095] unlink("./54/binderfs" [pid 5092] unlink("./53/binderfs" [pid 5095] <... unlink resumed>) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5095] umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW [ 164.662433][ T5755] REISERFS (device loop3): Using r5 hash to sort names [ 164.669652][ T5755] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 164.678962][ T5760] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 164.696256][ T5760] REISERFS (device loop4): checking transaction log (loop4) [pid 5755] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5755] chdir("./file1") = 0 [pid 5755] ioctl(4, LOOP_CLR_FD) = 0 [pid 5755] close(4) = 0 [pid 5755] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 164.711542][ T5759] REISERFS (device loop1): checking transaction log (loop1) [pid 5755] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5755] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5755] exit_group(0) = ? [pid 5755] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5755, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5093] restart_syscall(<... resuming interrupted clone ...> [pid 5095] <... umount2 resumed>) = 0 [pid 5093] <... restart_syscall resumed>) = 0 [pid 5093] umount2("./54", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, [pid 5095] umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] getdents64(3, [pid 5095] lstat("./54/file1", [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./54/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./54/binderfs", [pid 5095] openat(AT_FDCWD, "./54/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] <... openat resumed>) = 4 [pid 5093] unlink("./54/binderfs" [pid 5092] <... umount2 resumed>) = 0 [pid 5095] fstat(4, [pid 5093] <... unlink resumed>) = 0 [pid 5092] umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] getdents64(4, [pid 5092] lstat("./53/file1", [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, [pid 5092] umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... close resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./53/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] rmdir("./54/file1" [pid 5092] <... openat resumed>) = 4 [pid 5095] <... rmdir resumed>) = 0 [pid 5095] getdents64(3, [pid 5092] fstat(4, [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] close(3 [pid 5092] getdents64(4, [pid 5095] <... close resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] rmdir("./54" [pid 5092] getdents64(4, [pid 5095] <... rmdir resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] mkdir("./55", 0777 [pid 5092] close(4 [pid 5095] <... mkdir resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5092] rmdir("./53/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./53") = 0 [pid 5092] mkdir("./54", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5765 [pid 5095] <... openat resumed>) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5765 attached , child_tidptr=0x555556fb25d0) = 5766 [pid 5765] chdir("./54") = 0 [pid 5765] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5765] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 5766 attached [pid 5765] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5766] chdir("./55" [pid 5765] <... openat resumed>) = 3 [pid 5766] <... chdir resumed>) = 0 [pid 5765] write(3, "1000", 4 [pid 5766] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5765] <... write resumed>) = 4 [pid 5765] close(3) = 0 [pid 5766] <... prctl resumed>) = 0 [pid 5765] symlink("/dev/binderfs", "./binderfs" [pid 5766] setpgid(0, 0 [pid 5765] <... symlink resumed>) = 0 [pid 5766] <... setpgid resumed>) = 0 [pid 5765] memfd_create("syzkaller", 0 [pid 5766] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5765] <... memfd_create resumed>) = 3 [pid 5766] <... openat resumed>) = 3 [pid 5765] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5766] write(3, "1000", 4 [pid 5765] <... mmap resumed>) = 0x7f12a0a40000 [pid 5090] umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5766] <... write resumed>) = 4 [pid 5766] close(3 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5766] <... close resumed>) = 0 [pid 5766] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5766] memfd_create("syzkaller", 0) = 3 [pid 5090] lstat("./53/file1", [pid 5766] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5760] <... mount resumed>) = 0 [pid 5760] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5760] chdir("./file1") = 0 [pid 5760] ioctl(4, LOOP_CLR_FD) = 0 [ 165.022713][ T5760] REISERFS (device loop4): Using r5 hash to sort names [ 165.031539][ T5760] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5760] close(4) = 0 [pid 5760] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5090] umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5760] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5760] <... mmap resumed>) = 0x20000000 [pid 5090] openat(AT_FDCWD, "./53/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5760] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5090] <... openat resumed>) = 4 [pid 5760] exit_group(0 [pid 5090] fstat(4, [pid 5760] <... exit_group resumed>) = ? [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5760] +++ exited with 0 +++ [pid 5090] getdents64(4, [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5760, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] restart_syscall(<... resuming interrupted clone ...> [pid 5090] getdents64(4, [pid 5094] <... restart_syscall resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4 [pid 5094] umount2("./56", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... close resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] rmdir("./53/file1" [pid 5765] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5759] <... mount resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5093] <... umount2 resumed>) = 0 [ 165.072424][ T5759] REISERFS (device loop1): Using r5 hash to sort names [ 165.079688][ T5759] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5090] <... rmdir resumed>) = 0 [pid 5759] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] fstat(3, [pid 5090] getdents64(3, [pid 5759] <... openat resumed>) = 3 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5759] chdir("./file1" [pid 5094] getdents64(3, [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5759] <... chdir resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] close(3 [pid 5759] ioctl(4, LOOP_CLR_FD [pid 5094] umount2("./56/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5759] <... ioctl resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... close resumed>) = 0 [pid 5759] close(4 [pid 5094] lstat("./56/binderfs", [pid 5093] umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] rmdir("./53" [pid 5759] <... close resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5759] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] unlink("./56/binderfs" [pid 5093] lstat("./54/file1", [pid 5090] <... rmdir resumed>) = 0 [pid 5759] <... openat resumed>) = 4 [pid 5094] <... unlink resumed>) = 0 [pid 5090] mkdir("./54", 0777 [pid 5759] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... mkdir resumed>) = 0 [pid 5759] <... mmap resumed>) = 0x20000000 [pid 5093] umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5759] ioctl(4, FS_IOC_GETVERSION [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5766] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5759] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] openat(AT_FDCWD, "./54/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... openat resumed>) = 3 [pid 5759] exit_group(0 [pid 5093] <... openat resumed>) = 4 [pid 5759] <... exit_group resumed>) = ? [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5093] fstat(4, [pid 5759] +++ exited with 0 +++ [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5759, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] getdents64(4, [pid 5091] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] close(3 [pid 5091] umount2("./53", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] getdents64(4, [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... close resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] close(4 [pid 5091] <... openat resumed>) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] <... close resumed>) = 0 [pid 5091] umount2("./53/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5767 [pid 5093] rmdir("./54/file1" [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./53/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./53/binderfs" [pid 5093] <... rmdir resumed>) = 0 [pid 5091] <... unlink resumed>) = 0 [pid 5093] getdents64(3, [pid 5091] umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./54") = 0 [pid 5093] mkdir("./55", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 ./strace-static-x86_64: Process 5767 attached [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5768 [pid 5767] chdir("./54") = 0 [pid 5767] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5768 attached [pid 5768] chdir("./55" [pid 5767] <... prctl resumed>) = 0 [pid 5768] <... chdir resumed>) = 0 [pid 5767] setpgid(0, 0) = 0 [pid 5768] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5767] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5768] <... prctl resumed>) = 0 [pid 5768] setpgid(0, 0) = 0 [pid 5767] <... openat resumed>) = 3 [pid 5768] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5767] write(3, "1000", 4 [pid 5768] <... openat resumed>) = 3 [pid 5767] <... write resumed>) = 4 [pid 5768] write(3, "1000", 4 [pid 5767] close(3 [pid 5768] <... write resumed>) = 4 [pid 5767] <... close resumed>) = 0 [pid 5765] <... write resumed>) = 4194304 [pid 5768] close(3) = 0 [pid 5767] symlink("/dev/binderfs", "./binderfs" [pid 5765] munmap(0x7f12a0a40000, 4194304 [pid 5768] symlink("/dev/binderfs", "./binderfs" [pid 5767] <... symlink resumed>) = 0 [pid 5768] <... symlink resumed>) = 0 [pid 5767] memfd_create("syzkaller", 0 [pid 5765] <... munmap resumed>) = 0 [pid 5768] memfd_create("syzkaller", 0 [pid 5767] <... memfd_create resumed>) = 3 [pid 5768] <... memfd_create resumed>) = 3 [pid 5767] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5765] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5768] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5767] <... mmap resumed>) = 0x7f12a0a40000 [pid 5765] <... openat resumed>) = 4 [pid 5765] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5765] close(3) = 0 [pid 5765] mkdir("./file1", 0777) = 0 [ 165.298489][ T5765] loop2: detected capacity change from 0 to 8192 [pid 5765] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5766] <... write resumed>) = 4194304 [ 165.335846][ T5765] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5766] munmap(0x7f12a0a40000, 4194304) = 0 [ 165.381199][ T5765] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 165.390554][ T5765] REISERFS (device loop2): using ordered data mode [ 165.397703][ T5765] reiserfs: using flush barriers [pid 5768] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5767] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5766] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5091] <... umount2 resumed>) = 0 [pid 5766] ioctl(4, LOOP_SET_FD, 3 [pid 5091] umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./53/file1", [pid 5766] <... ioctl resumed>) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./53/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5766] close(3 [pid 5091] <... openat resumed>) = 4 [pid 5766] <... close resumed>) = 0 [pid 5091] fstat(4, [pid 5766] mkdir("./file1", 0777) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 165.417474][ T5765] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 165.439651][ T5766] loop5: detected capacity change from 0 to 8192 [pid 5766] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] <... umount2 resumed>) = 0 [pid 5091] getdents64(4, [pid 5094] umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] lstat("./56/file1", [pid 5091] getdents64(4, [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] close(4 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./56/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... close resumed>) = 0 [pid 5094] <... openat resumed>) = 4 [pid 5091] rmdir("./53/file1") = 0 [pid 5094] fstat(4, [pid 5091] getdents64(3, [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] getdents64(4, [pid 5091] close(3 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] <... close resumed>) = 0 [pid 5094] getdents64(4, [pid 5091] rmdir("./53" [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5094] close(4 [ 165.479638][ T5765] REISERFS (device loop2): checking transaction log (loop2) [ 165.493585][ T5766] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5091] mkdir("./54", 0777 [pid 5094] <... close resumed>) = 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5094] rmdir("./56/file1" [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5094] <... rmdir resumed>) = 0 [pid 5091] <... openat resumed>) = 3 [pid 5094] getdents64(3, [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5094] close(3 [pid 5091] close(3 [pid 5768] <... write resumed>) = 4194304 [pid 5094] <... close resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5094] rmdir("./56" [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5768] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... rmdir resumed>) = 0 [pid 5094] mkdir("./57", 0777) = 0 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5771 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5768] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 5771 attached [pid 5768] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5094] <... openat resumed>) = 3 [pid 5771] chdir("./54") = 0 [pid 5771] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5771] setpgid(0, 0) = 0 [pid 5771] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5771] write(3, "1000", 4) = 4 [pid 5768] <... openat resumed>) = 4 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5771] close(3 [pid 5768] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5771] <... close resumed>) = 0 [pid 5771] symlink("/dev/binderfs", "./binderfs") = 0 [ 165.528194][ T5766] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 165.567698][ T5766] REISERFS (device loop5): using ordered data mode [pid 5771] memfd_create("syzkaller", 0) = 3 [pid 5771] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5768] <... ioctl resumed>) = 0 [pid 5767] <... write resumed>) = 4194304 [pid 5094] close(3 [pid 5767] munmap(0x7f12a0a40000, 4194304 [pid 5768] close(3 [pid 5094] <... close resumed>) = 0 [pid 5768] <... close resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5768] mkdir("./file1", 0777) = 0 [pid 5767] <... munmap resumed>) = 0 [pid 5767] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5768] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5767] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5772 [ 165.588671][ T5768] loop3: detected capacity change from 0 to 8192 [ 165.601136][ T5766] reiserfs: using flush barriers [ 165.626603][ T5767] loop0: detected capacity change from 0 to 8192 ./strace-static-x86_64: Process 5772 attached [ 165.627882][ T5766] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 165.650183][ T5768] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 165.669894][ T5768] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 165.670118][ T5766] REISERFS (device loop5): checking transaction log (loop5) [pid 5771] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5767] <... ioctl resumed>) = 0 [pid 5767] close(3) = 0 [pid 5767] mkdir("./file1", 0777) = 0 [pid 5767] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5772] chdir("./57") = 0 [pid 5772] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5772] setpgid(0, 0) = 0 [ 165.679680][ T5765] REISERFS (device loop2): Using r5 hash to sort names [ 165.696105][ T5768] REISERFS (device loop3): using ordered data mode [ 165.705764][ T5768] reiserfs: using flush barriers [ 165.706401][ T5767] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 165.715135][ T5765] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5772] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5772] write(3, "1000", 4) = 4 [pid 5772] close(3) = 0 [pid 5772] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5772] memfd_create("syzkaller", 0) = 3 [pid 5772] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 165.733723][ T5768] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 165.778335][ T5767] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5772] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5765] <... mount resumed>) = 0 [pid 5765] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5765] chdir("./file1") = 0 [pid 5765] ioctl(4, LOOP_CLR_FD) = 0 [ 165.790031][ T5768] REISERFS (device loop3): checking transaction log (loop3) [pid 5765] close(4 [pid 5772] <... write resumed>) = 4194304 [pid 5765] <... close resumed>) = 0 [pid 5772] munmap(0x7f12a0a40000, 4194304 [pid 5771] <... write resumed>) = 4194304 [pid 5765] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5772] <... munmap resumed>) = 0 [pid 5771] munmap(0x7f12a0a40000, 4194304 [pid 5765] <... openat resumed>) = 4 [pid 5772] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5771] <... munmap resumed>) = 0 [pid 5765] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5772] <... openat resumed>) = 4 [pid 5771] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5765] <... mmap resumed>) = 0x20000000 [pid 5772] ioctl(4, LOOP_SET_FD, 3 [pid 5771] <... openat resumed>) = 4 [pid 5765] ioctl(4, FS_IOC_GETVERSION [pid 5772] <... ioctl resumed>) = 0 [pid 5771] ioctl(4, LOOP_SET_FD, 3 [pid 5765] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [ 165.840133][ T5767] REISERFS (device loop0): using ordered data mode [ 165.846926][ T5767] reiserfs: using flush barriers [ 165.854188][ T5767] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 165.871393][ T5772] loop4: detected capacity change from 0 to 8192 [ 165.873557][ T5767] REISERFS (device loop0): checking transaction log (loop0) [pid 5772] close(3) = 0 [pid 5765] exit_group(0 [pid 5772] mkdir("./file1", 0777 [pid 5771] <... ioctl resumed>) = 0 [pid 5765] <... exit_group resumed>) = ? [pid 5772] <... mkdir resumed>) = 0 [pid 5771] close(3 [pid 5765] +++ exited with 0 +++ [pid 5772] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5771] <... close resumed>) = 0 [pid 5771] mkdir("./file1", 0777 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5765, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [pid 5771] <... mkdir resumed>) = 0 [ 165.909927][ T5771] loop1: detected capacity change from 0 to 8192 [pid 5771] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5092] umount2("./54", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./54/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./54/binderfs") = 0 [ 165.948693][ T5771] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 165.961776][ T5768] REISERFS (device loop3): Using r5 hash to sort names [ 165.962072][ T5768] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 165.970867][ T5771] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 165.984182][ T5772] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5092] umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5768] <... mount resumed>) = 0 [pid 5768] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 166.011249][ T5771] REISERFS (device loop1): using ordered data mode [ 166.019082][ T5771] reiserfs: using flush barriers [ 166.026493][ T5771] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 166.044795][ T5771] REISERFS (device loop1): checking transaction log (loop1) [ 166.046461][ T5772] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5768] chdir("./file1") = 0 [pid 5768] ioctl(4, LOOP_CLR_FD) = 0 [pid 5768] close(4 [pid 5766] <... mount resumed>) = 0 [pid 5768] <... close resumed>) = 0 [pid 5768] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5768] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5766] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5768] ioctl(4, FS_IOC_GETVERSION [pid 5766] chdir("./file1" [pid 5768] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5766] <... chdir resumed>) = 0 [pid 5766] ioctl(4, LOOP_CLR_FD [pid 5768] exit_group(0 [pid 5766] <... ioctl resumed>) = 0 [pid 5768] <... exit_group resumed>) = ? [pid 5766] close(4) = 0 [pid 5766] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5768] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5768, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5766] <... openat resumed>) = 4 [pid 5766] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] umount2("./55", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 166.073889][ T5766] REISERFS (device loop5): Using r5 hash to sort names [ 166.081956][ T5766] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5766] <... mmap resumed>) = 0x20000000 [pid 5093] <... openat resumed>) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, [pid 5766] ioctl(4, FS_IOC_GETVERSION [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5766] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] umount2("./55/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5766] exit_group(0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5766] <... exit_group resumed>) = ? [pid 5093] lstat("./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./55/binderfs" [pid 5766] +++ exited with 0 +++ [pid 5093] <... unlink resumed>) = 0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5766, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} --- [pid 5093] umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] umount2("./55", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./55/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./55/binderfs") = 0 [ 166.170738][ T5772] REISERFS (device loop4): using ordered data mode [pid 5095] umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./55/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./55/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./55/file1") = 0 [ 166.213776][ T5772] reiserfs: using flush barriers [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./55") = 0 [pid 5093] mkdir("./56", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5095] <... umount2 resumed>) = 0 [ 166.252901][ T5772] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 166.288395][ T5767] REISERFS (device loop0): Using r5 hash to sort names [pid 5095] umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./55/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./55/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./55/file1") = 0 [pid 5093] <... openat resumed>) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] getdents64(3, [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5777 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./55") = 0 [pid 5095] mkdir("./56", 0777./strace-static-x86_64: Process 5777 attached [pid 5777] chdir("./56") = 0 [pid 5777] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... mkdir resumed>) = 0 [pid 5777] <... prctl resumed>) = 0 [pid 5777] setpgid(0, 0) = 0 [ 166.307240][ T5771] REISERFS (device loop1): Using r5 hash to sort names [ 166.324897][ T5772] REISERFS (device loop4): checking transaction log (loop4) [ 166.331480][ T5767] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5777] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5767] <... mount resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5092] <... umount2 resumed>) = 0 [pid 5777] <... openat resumed>) = 3 [pid 5767] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5777] write(3, "1000", 4) = 4 [pid 5777] close(3 [pid 5092] umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5767] <... openat resumed>) = 3 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5777] <... close resumed>) = 0 [pid 5777] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5767] chdir("./file1" [pid 5095] close(3 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5777] memfd_create("syzkaller", 0 [pid 5767] <... chdir resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5092] lstat("./54/file1", [pid 5777] <... memfd_create resumed>) = 3 [pid 5767] ioctl(4, LOOP_CLR_FD [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5777] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5767] <... ioctl resumed>) = 0 [pid 5777] <... mmap resumed>) = 0x7f12a0a40000 [pid 5767] close(4 [pid 5092] umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5767] <... close resumed>) = 0 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5778 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5767] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] openat(AT_FDCWD, "./54/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5767] <... openat resumed>) = 4 [pid 5092] <... openat resumed>) = 4 [pid 5767] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] fstat(4, [pid 5767] <... mmap resumed>) = 0x20000000 [pid 5767] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5767] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, [pid 5767] exit_group(0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5767] <... exit_group resumed>) = ? [pid 5092] close(4 [pid 5767] +++ exited with 0 +++ [pid 5092] <... close resumed>) = 0 ./strace-static-x86_64: Process 5778 attached [pid 5771] <... mount resumed>) = 0 [pid 5092] rmdir("./54/file1" [pid 5778] chdir("./56" [pid 5771] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5778] <... chdir resumed>) = 0 [pid 5771] <... openat resumed>) = 3 [ 166.366137][ T5771] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] <... rmdir resumed>) = 0 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5767, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5778] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5771] chdir("./file1" [pid 5778] <... prctl resumed>) = 0 [pid 5771] <... chdir resumed>) = 0 [pid 5092] getdents64(3, [pid 5090] umount2("./54", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5771] ioctl(4, LOOP_CLR_FD [pid 5778] setpgid(0, 0) = 0 [pid 5771] <... ioctl resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5771] close(4 [pid 5090] openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] close(3 [pid 5778] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5771] <... close resumed>) = 0 [pid 5771] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5778] <... openat resumed>) = 3 [pid 5771] <... openat resumed>) = 4 [pid 5092] <... close resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5778] write(3, "1000", 4 [pid 5771] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] rmdir("./54" [pid 5090] fstat(3, [pid 5778] <... write resumed>) = 4 [pid 5771] <... mmap resumed>) = 0x20000000 [pid 5771] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5092] <... rmdir resumed>) = 0 [pid 5778] close(3 [pid 5771] exit_group(0 [pid 5092] mkdir("./55", 0777 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5778] <... close resumed>) = 0 [pid 5771] <... exit_group resumed>) = ? [pid 5778] symlink("/dev/binderfs", "./binderfs" [pid 5771] +++ exited with 0 +++ [pid 5092] <... mkdir resumed>) = 0 [pid 5090] getdents64(3, [pid 5778] <... symlink resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5771, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] <... openat resumed>) = 3 [pid 5090] umount2("./54/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5778] memfd_create("syzkaller", 0 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./54/binderfs", [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] close(3 [pid 5090] unlink("./54/binderfs" [pid 5778] <... memfd_create resumed>) = 3 [pid 5091] umount2("./54", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... close resumed>) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5778] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5778] <... mmap resumed>) = 0x7f12a0a40000 [pid 5091] <... openat resumed>) = 3 [pid 5090] umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5779 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./54/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./54/binderfs") = 0 [pid 5091] umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5779 attached [pid 5779] chdir("./55") = 0 [pid 5779] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5779] setpgid(0, 0 [pid 5777] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5779] <... setpgid resumed>) = 0 [pid 5779] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5779] write(3, "1000", 4) = 4 [pid 5779] close(3) = 0 [pid 5779] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5779] memfd_create("syzkaller", 0) = 3 [pid 5779] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./54/file1", [pid 5778] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./54/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./54/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./54") = 0 [pid 5090] mkdir("./55", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = 0 [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5780 ./strace-static-x86_64: Process 5780 attached [pid 5780] chdir("./55") = 0 [pid 5780] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5780] setpgid(0, 0) = 0 [pid 5780] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5780] write(3, "1000", 4) = 4 [pid 5780] close(3) = 0 [pid 5780] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5780] memfd_create("syzkaller", 0) = 3 [pid 5780] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 166.658309][ T5772] REISERFS (device loop4): Using r5 hash to sort names [pid 5779] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... umount2 resumed>) = 0 [pid 5772] <... mount resumed>) = 0 [pid 5772] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5772] chdir("./file1") = 0 [pid 5772] ioctl(4, LOOP_CLR_FD) = 0 [ 166.722986][ T5772] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5772] close(4) = 0 [pid 5772] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5091] umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5772] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5772] <... mmap resumed>) = 0x20000000 [pid 5091] lstat("./54/file1", [pid 5772] ioctl(4, FS_IOC_GETVERSION [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5772] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5091] umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5780] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5772] exit_group(0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5772] <... exit_group resumed>) = ? [pid 5091] openat(AT_FDCWD, "./54/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5772] +++ exited with 0 +++ [pid 5091] <... openat resumed>) = 4 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5772, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, [pid 5094] umount2("./57", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] getdents64(4, [pid 5094] openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5091] close(4 [pid 5094] fstat(3, [pid 5091] <... close resumed>) = 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] rmdir("./54/file1" [pid 5094] getdents64(3, [pid 5091] <... rmdir resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] getdents64(3, [pid 5094] umount2("./57/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] close(3 [pid 5094] lstat("./57/binderfs", [pid 5091] <... close resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] rmdir("./54" [pid 5094] unlink("./57/binderfs" [pid 5091] <... rmdir resumed>) = 0 [pid 5094] <... unlink resumed>) = 0 [pid 5091] mkdir("./55", 0777 [pid 5094] umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... mkdir resumed>) = 0 [pid 5777] <... write resumed>) = 4194304 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5777] munmap(0x7f12a0a40000, 4194304 [pid 5091] close(3 [pid 5777] <... munmap resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5777] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5777] <... openat resumed>) = 4 [pid 5777] ioctl(4, LOOP_SET_FD, 3 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5781 ./strace-static-x86_64: Process 5781 attached [pid 5781] chdir("./55") = 0 [pid 5781] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5781] setpgid(0, 0) = 0 [pid 5781] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5781] write(3, "1000", 4) = 4 [pid 5781] close(3) = 0 [pid 5781] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5781] memfd_create("syzkaller", 0) = 3 [pid 5781] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5777] <... ioctl resumed>) = 0 [pid 5777] close(3) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5777] mkdir("./file1", 0777 [pid 5094] umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5777] <... mkdir resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 166.842637][ T5777] loop3: detected capacity change from 0 to 8192 [pid 5094] lstat("./57/file1", [pid 5777] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5778] <... write resumed>) = 4194304 [pid 5094] umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./57/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5778] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... openat resumed>) = 4 [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./57/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./57") = 0 [pid 5094] mkdir("./58", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5778] <... munmap resumed>) = 0 [pid 5778] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5778] ioctl(4, LOOP_SET_FD, 3 [pid 5780] <... write resumed>) = 4194304 [pid 5778] <... ioctl resumed>) = 0 [pid 5780] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5780] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5778] close(3 [pid 5780] <... openat resumed>) = 4 [pid 5780] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... openat resumed>) = 3 [pid 5778] <... close resumed>) = 0 [ 166.925240][ T5777] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 166.952272][ T5778] loop5: detected capacity change from 0 to 8192 [pid 5778] mkdir("./file1", 0777) = 0 [pid 5778] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5780] <... ioctl resumed>) = 0 [pid 5780] close(3 [pid 5779] <... write resumed>) = 4194304 [pid 5094] close(3 [pid 5780] <... close resumed>) = 0 [pid 5094] <... close resumed>) = 0 [ 166.982503][ T5780] loop0: detected capacity change from 0 to 8192 [ 166.991524][ T5777] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 167.019764][ T5778] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5780] mkdir("./file1", 0777 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5779] munmap(0x7f12a0a40000, 4194304 [pid 5780] <... mkdir resumed>) = 0 [pid 5780] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5784 ./strace-static-x86_64: Process 5784 attached [pid 5779] <... munmap resumed>) = 0 [pid 5781] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5779] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5779] ioctl(4, LOOP_SET_FD, 3 [ 167.023994][ T5777] REISERFS (device loop3): using ordered data mode [ 167.039790][ T5777] reiserfs: using flush barriers [ 167.051890][ T5780] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 167.057201][ T5779] loop2: detected capacity change from 0 to 8192 [pid 5784] chdir("./58") = 0 [pid 5779] <... ioctl resumed>) = 0 [pid 5784] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5784] setpgid(0, 0) = 0 [pid 5784] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5779] close(3) = 0 [pid 5779] mkdir("./file1", 0777) = 0 [pid 5779] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5784] <... openat resumed>) = 3 [pid 5784] write(3, "1000", 4) = 4 [pid 5784] close(3) = 0 [pid 5784] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5784] memfd_create("syzkaller", 0) = 3 [pid 5784] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 167.067838][ T5777] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 167.082309][ T5778] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 167.088924][ T5780] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 167.108766][ T5777] REISERFS (device loop3): checking transaction log (loop3) [ 167.118402][ T5780] REISERFS (device loop0): using ordered data mode [ 167.126840][ T5780] reiserfs: using flush barriers [ 167.134396][ T5778] REISERFS (device loop5): using ordered data mode [ 167.135817][ T5779] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 167.151214][ T5780] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 167.170378][ T5778] reiserfs: using flush barriers [pid 5781] <... write resumed>) = 4194304 [pid 5781] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5781] openat(AT_FDCWD, "/dev/loop1", O_RDWR [ 167.180796][ T5778] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 167.195656][ T5779] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [pid 5784] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5781] <... openat resumed>) = 4 [pid 5781] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5781] close(3) = 0 [pid 5781] mkdir("./file1", 0777) = 0 [ 167.232159][ T5778] REISERFS (device loop5): checking transaction log (loop5) [ 167.243012][ T5781] loop1: detected capacity change from 0 to 8192 [ 167.243979][ T5780] REISERFS (device loop0): checking transaction log (loop0) [ 167.262563][ T5779] REISERFS (device loop2): using ordered data mode [pid 5781] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5784] <... write resumed>) = 4194304 [pid 5784] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5784] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 167.278676][ T5779] reiserfs: using flush barriers [ 167.286821][ T5781] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 167.300171][ T5779] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5784] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5784] close(3) = 0 [pid 5784] mkdir("./file1", 0777) = 0 [ 167.351181][ T5781] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 167.351461][ T5784] loop4: detected capacity change from 0 to 8192 [ 167.360677][ T5781] REISERFS (device loop1): using ordered data mode [ 167.373873][ T5781] reiserfs: using flush barriers [ 167.380590][ T5779] REISERFS (device loop2): checking transaction log (loop2) [ 167.381201][ T5781] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 167.440018][ T5781] REISERFS (device loop1): checking transaction log (loop1) [ 167.456965][ T5784] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 167.480748][ T5784] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5784] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5780] <... mount resumed>) = 0 [pid 5780] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5780] chdir("./file1") = 0 [pid 5780] ioctl(4, LOOP_CLR_FD) = 0 [pid 5780] close(4) = 0 [pid 5780] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5777] <... mount resumed>) = 0 [pid 5777] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5777] chdir("./file1") = 0 [pid 5777] ioctl(4, LOOP_CLR_FD) = 0 [pid 5777] close(4) = 0 [ 167.498310][ T5777] REISERFS (device loop3): Using r5 hash to sort names [ 167.500752][ T5780] REISERFS (device loop0): Using r5 hash to sort names [ 167.514820][ T5780] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 167.535604][ T5777] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5777] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5780] <... openat resumed>) = 4 [pid 5777] <... openat resumed>) = 4 [pid 5780] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5777] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 167.561634][ T5784] REISERFS (device loop4): using ordered data mode [ 167.568659][ T5784] reiserfs: using flush barriers [pid 5777] ioctl(4, FS_IOC_GETVERSION [pid 5780] <... mmap resumed>) = 0x20000000 [pid 5777] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5780] ioctl(4, FS_IOC_GETVERSION [pid 5777] exit_group(0 [pid 5780] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5777] <... exit_group resumed>) = ? [pid 5780] exit_group(0) = ? [pid 5780] +++ exited with 0 +++ [pid 5777] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5777, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=23 /* 0.23 s */} --- [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5780, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5093] umount2("./56", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 167.598334][ T5784] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 167.613210][ T5778] REISERFS (device loop5): Using r5 hash to sort names [pid 5093] openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] <... restart_syscall resumed>) = 0 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./56/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./56/binderfs") = 0 [pid 5093] umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] umount2("./55", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./55/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./55/binderfs", [pid 5778] <... mount resumed>) = 0 [pid 5778] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5778] <... openat resumed>) = 3 [pid 5778] chdir("./file1") = 0 [pid 5778] ioctl(4, LOOP_CLR_FD) = 0 [ 167.653861][ T5778] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 167.657569][ T5784] REISERFS (device loop4): checking transaction log (loop4) [ 167.684291][ T5779] REISERFS (device loop2): Using r5 hash to sort names [pid 5778] close(4) = 0 [pid 5090] unlink("./55/binderfs" [pid 5778] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5090] <... unlink resumed>) = 0 [pid 5778] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5778] <... mmap resumed>) = 0x20000000 [pid 5778] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5778] exit_group(0) = ? [pid 5778] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5778, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5095] umount2("./56", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./56/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./56/binderfs") = 0 [pid 5095] umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5779] <... mount resumed>) = 0 [ 167.722419][ T5779] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5779] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5779] chdir("./file1") = 0 [pid 5779] ioctl(4, LOOP_CLR_FD) = 0 [pid 5779] close(4) = 0 [pid 5779] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5779] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5779] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5779] exit_group(0) = ? [pid 5779] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5779, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5092] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5092] umount2("./55", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./55/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./55/binderfs") = 0 [pid 5092] umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5781] <... mount resumed>) = 0 [ 167.802609][ T5781] REISERFS (device loop1): Using r5 hash to sort names [ 167.834538][ T5781] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5781] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5781] chdir("./file1") = 0 [pid 5781] ioctl(4, LOOP_CLR_FD) = 0 [pid 5781] close(4) = 0 [pid 5781] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5781] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5781] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5781] exit_group(0) = ? [pid 5781] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5781, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5091] umount2("./55", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./55/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./55/binderfs") = 0 [pid 5091] umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./56/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./56/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./56/file1" [pid 5095] <... umount2 resumed>) = 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5093] getdents64(3, [pid 5090] umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] lstat("./56/file1", [pid 5093] close(3 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... close resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./55/file1", [pid 5095] openat(AT_FDCWD, "./56/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] rmdir("./56" [pid 5095] <... openat resumed>) = 4 [pid 5093] <... rmdir resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] mkdir("./57", 0777 [pid 5090] umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] <... mkdir resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5095] close(4) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5095] rmdir("./56/file1") = 0 [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5090] openat(AT_FDCWD, "./55/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] getdents64(3, [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3 [pid 5095] close(3 [pid 5093] <... close resumed>) = 0 [pid 5090] <... openat resumed>) = 4 [pid 5095] <... close resumed>) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] fstat(4, [pid 5095] rmdir("./56") = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] mkdir("./57", 0777 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5789 [pid 5095] <... mkdir resumed>) = 0 [pid 5090] getdents64(4, [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5789 attached [pid 5789] chdir("./57" [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5790 [pid 5789] <... chdir resumed>) = 0 [pid 5789] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5789] setpgid(0, 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5789] <... setpgid resumed>) = 0 [pid 5090] getdents64(4, [pid 5789] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5789] write(3, "1000", 4) = 4 [pid 5090] close(4 [pid 5789] close(3) = 0 [pid 5090] <... close resumed>) = 0 [pid 5789] symlink("/dev/binderfs", "./binderfs" [pid 5090] rmdir("./55/file1" [pid 5789] <... symlink resumed>) = 0 [pid 5789] memfd_create("syzkaller", 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5789] <... memfd_create resumed>) = 3 [pid 5090] getdents64(3, [pid 5789] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5790 attached [pid 5090] close(3 [pid 5790] chdir("./57" [pid 5090] <... close resumed>) = 0 [pid 5790] <... chdir resumed>) = 0 [pid 5090] rmdir("./55") = 0 [pid 5090] mkdir("./56", 0777 [pid 5790] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5090] <... mkdir resumed>) = 0 [pid 5790] setpgid(0, 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5790] <... setpgid resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5790] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5790] <... openat resumed>) = 3 [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5790] write(3, "1000", 4 [pid 5090] close(3 [pid 5790] <... write resumed>) = 4 [pid 5790] close(3 [pid 5090] <... close resumed>) = 0 [pid 5790] <... close resumed>) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5790] symlink("/dev/binderfs", "./binderfs") = 0 [ 168.077572][ T5784] REISERFS (device loop4): Using r5 hash to sort names [ 168.102696][ T5784] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5791 [pid 5790] memfd_create("syzkaller", 0) = 3 [pid 5790] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5790] <... mmap resumed>) = 0x7f12a0a40000 ./strace-static-x86_64: Process 5791 attached [pid 5791] chdir("./56") = 0 [pid 5791] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5791] setpgid(0, 0) = 0 [pid 5092] umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5791] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5791] <... openat resumed>) = 3 [pid 5791] write(3, "1000", 4 [pid 5092] lstat("./55/file1", [pid 5791] <... write resumed>) = 4 [pid 5791] close(3 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5791] <... close resumed>) = 0 [pid 5791] symlink("/dev/binderfs", "./binderfs" [pid 5092] umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5791] <... symlink resumed>) = 0 [pid 5784] <... mount resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5791] memfd_create("syzkaller", 0 [pid 5092] openat(AT_FDCWD, "./55/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5784] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5791] <... memfd_create resumed>) = 3 [pid 5092] <... openat resumed>) = 4 [pid 5791] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5784] <... openat resumed>) = 3 [pid 5092] fstat(4, [pid 5791] <... mmap resumed>) = 0x7f12a0a40000 [pid 5784] chdir("./file1" [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5784] <... chdir resumed>) = 0 [pid 5092] getdents64(4, [pid 5784] ioctl(4, LOOP_CLR_FD [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5784] <... ioctl resumed>) = 0 [pid 5092] getdents64(4, [pid 5784] close(4 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5784] <... close resumed>) = 0 [pid 5092] close(4 [pid 5784] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] <... close resumed>) = 0 [pid 5092] rmdir("./55/file1" [pid 5784] <... openat resumed>) = 4 [pid 5092] <... rmdir resumed>) = 0 [pid 5784] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3 [pid 5784] <... mmap resumed>) = 0x20000000 [pid 5092] <... close resumed>) = 0 [pid 5092] rmdir("./55" [pid 5784] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... rmdir resumed>) = 0 [pid 5784] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] mkdir("./56", 0777 [pid 5784] exit_group(0 [pid 5092] <... mkdir resumed>) = 0 [pid 5784] <... exit_group resumed>) = ? [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3 [pid 5784] +++ exited with 0 +++ [pid 5092] <... close resumed>) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5784, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=15 /* 0.15 s */} --- [pid 5094] umount2("./58", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5792 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./58/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5792 attached ) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = 0 [pid 5792] chdir("./56" [pid 5094] lstat("./58/binderfs", [pid 5792] <... chdir resumed>) = 0 [pid 5789] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5792] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] unlink("./58/binderfs" [pid 5792] <... prctl resumed>) = 0 [pid 5094] <... unlink resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5792] setpgid(0, 0 [pid 5094] umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5792] <... setpgid resumed>) = 0 [pid 5091] lstat("./55/file1", [pid 5792] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5792] write(3, "1000", 4) = 4 [pid 5792] close(3) = 0 [pid 5792] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5792] memfd_create("syzkaller", 0 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5792] <... memfd_create resumed>) = 3 [pid 5091] umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5792] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./55/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4 [pid 5790] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... close resumed>) = 0 [pid 5091] rmdir("./55/file1") = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3 [pid 5791] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... close resumed>) = 0 [pid 5091] rmdir("./55") = 0 [pid 5091] mkdir("./56", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5793 ./strace-static-x86_64: Process 5793 attached [pid 5793] chdir("./56") = 0 [pid 5793] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5793] setpgid(0, 0) = 0 [pid 5793] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5793] write(3, "1000", 4) = 4 [pid 5793] close(3) = 0 [pid 5793] symlink("/dev/binderfs", "./binderfs" [pid 5792] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5793] <... symlink resumed>) = 0 [pid 5793] memfd_create("syzkaller", 0) = 3 [pid 5793] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5790] <... write resumed>) = 4194304 [pid 5793] <... mmap resumed>) = 0x7f12a0a40000 [pid 5790] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5790] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5789] <... write resumed>) = 4194304 [pid 5790] <... openat resumed>) = 4 [pid 5790] ioctl(4, LOOP_SET_FD, 3 [pid 5789] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5789] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5789] ioctl(4, LOOP_SET_FD, 3 [pid 5790] <... ioctl resumed>) = 0 [pid 5790] close(3) = 0 [pid 5790] mkdir("./file1", 0777) = 0 [pid 5790] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5789] <... ioctl resumed>) = 0 [pid 5789] close(3) = 0 [pid 5789] mkdir("./file1", 0777) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5789] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5793] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5791] <... write resumed>) = 4194304 [ 168.453514][ T5790] loop5: detected capacity change from 0 to 8192 [ 168.468035][ T5789] loop3: detected capacity change from 0 to 8192 [pid 5792] <... write resumed>) = 4194304 [pid 5792] munmap(0x7f12a0a40000, 4194304 [pid 5094] umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5792] <... munmap resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5792] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5094] lstat("./58/file1", [pid 5792] <... openat resumed>) = 4 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5792] ioctl(4, LOOP_SET_FD, 3 [pid 5094] umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./58/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] fstat(4, [pid 5791] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5792] <... ioctl resumed>) = 0 [pid 5791] <... munmap resumed>) = 0 [pid 5094] getdents64(4, [pid 5792] close(3 [pid 5791] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5792] <... close resumed>) = 0 [pid 5791] <... openat resumed>) = 4 [pid 5094] getdents64(4, [pid 5792] mkdir("./file1", 0777 [pid 5791] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [ 168.512367][ T5790] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 168.525813][ T5789] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 168.551394][ T5792] loop2: detected capacity change from 0 to 8192 [pid 5793] <... write resumed>) = 4194304 [pid 5792] <... mkdir resumed>) = 0 [pid 5791] <... ioctl resumed>) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./58/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./58" [pid 5793] munmap(0x7f12a0a40000, 4194304 [pid 5792] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] <... rmdir resumed>) = 0 [pid 5094] mkdir("./59", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 168.564323][ T5791] loop0: detected capacity change from 0 to 8192 [ 168.564940][ T5790] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 168.580355][ T5790] REISERFS (device loop5): using ordered data mode [ 168.588995][ T5790] reiserfs: using flush barriers [ 168.595369][ T5789] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [pid 5094] close(3 [pid 5793] <... munmap resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5793] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5793] <... openat resumed>) = 4 [pid 5791] close(3 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5797 ./strace-static-x86_64: Process 5797 attached [pid 5797] chdir("./59") = 0 [pid 5797] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 168.595583][ T5790] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 168.604690][ T5789] REISERFS (device loop3): using ordered data mode [ 168.627524][ T5789] reiserfs: using flush barriers [ 168.634712][ T5789] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 168.634872][ T5792] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5797] setpgid(0, 0 [pid 5793] ioctl(4, LOOP_SET_FD, 3 [pid 5791] <... close resumed>) = 0 [pid 5791] mkdir("./file1", 0777) = 0 [pid 5797] <... setpgid resumed>) = 0 [ 168.664009][ T5792] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 168.673378][ T5792] REISERFS (device loop2): using ordered data mode [ 168.673936][ T5793] loop1: detected capacity change from 0 to 8192 [ 168.679898][ T5792] reiserfs: using flush barriers [ 168.692953][ T5790] REISERFS (device loop5): checking transaction log (loop5) [pid 5791] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5797] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5793] <... ioctl resumed>) = 0 [pid 5793] close(3) = 0 [pid 5793] mkdir("./file1", 0777 [pid 5797] <... openat resumed>) = 3 [pid 5797] write(3, "1000", 4) = 4 [pid 5797] close(3 [pid 5793] <... mkdir resumed>) = 0 [pid 5793] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5797] <... close resumed>) = 0 [ 168.694202][ T5792] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 168.706173][ T5789] REISERFS (device loop3): checking transaction log (loop3) [ 168.743343][ T5792] REISERFS (device loop2): checking transaction log (loop2) [pid 5797] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5797] memfd_create("syzkaller", 0) = 3 [pid 5797] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 168.753203][ T5793] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 168.767092][ T5791] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5789] <... mount resumed>) = 0 [ 168.830071][ T5791] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 168.840430][ T5791] REISERFS (device loop0): using ordered data mode [ 168.847647][ T5789] REISERFS (device loop3): Using r5 hash to sort names [ 168.855630][ T5789] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 168.865756][ T5793] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [pid 5789] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5789] chdir("./file1") = 0 [pid 5789] ioctl(4, LOOP_CLR_FD) = 0 [pid 5789] close(4) = 0 [pid 5789] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5789] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5789] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5789] exit_group(0) = ? [pid 5789] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5789, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [ 168.876468][ T5793] REISERFS (device loop1): using ordered data mode [ 168.883515][ T5793] reiserfs: using flush barriers [pid 5093] umount2("./57", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./57/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./57/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./57/binderfs") = 0 [pid 5093] umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW [ 168.923200][ T5793] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 168.927510][ T5791] reiserfs: using flush barriers [ 168.941910][ T5793] REISERFS (device loop1): checking transaction log (loop1) [ 169.044408][ T5791] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 169.082540][ T5790] REISERFS (device loop5): Using r5 hash to sort names [ 169.099458][ T5790] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 169.123118][ T5791] REISERFS (device loop0): checking transaction log (loop0) [pid 5797] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5790] <... mount resumed>) = 0 [pid 5093] <... umount2 resumed>) = 0 [pid 5790] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5790] chdir("./file1" [pid 5797] <... write resumed>) = 4194304 [pid 5093] umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5790] <... chdir resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5790] ioctl(4, LOOP_CLR_FD [pid 5093] lstat("./57/file1", [pid 5790] <... ioctl resumed>) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5790] close(4 [pid 5093] umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5790] <... close resumed>) = 0 [ 169.151801][ T5792] REISERFS (device loop2): Using r5 hash to sort names [pid 5790] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5797] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5093] openat(AT_FDCWD, "./57/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5790] <... openat resumed>) = 4 [pid 5093] <... openat resumed>) = 4 [pid 5790] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] fstat(4, [pid 5797] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5790] <... mmap resumed>) = 0x20000000 [pid 5790] ioctl(4, FS_IOC_GETVERSION [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5790] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] getdents64(4, [pid 5797] ioctl(4, LOOP_SET_FD, 3 [pid 5790] exit_group(0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5790] <... exit_group resumed>) = ? [pid 5093] getdents64(4, [pid 5792] <... mount resumed>) = 0 [pid 5790] +++ exited with 0 +++ [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5790, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5093] close(4 [pid 5095] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5093] <... close resumed>) = 0 [pid 5093] rmdir("./57/file1" [pid 5095] umount2("./57", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... rmdir resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5093] getdents64(3, [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5792] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] getdents64(3, [pid 5093] close(3 [pid 5792] <... openat resumed>) = 3 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] <... close resumed>) = 0 [pid 5797] <... ioctl resumed>) = 0 [pid 5792] chdir("./file1" [pid 5095] umount2("./57/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] rmdir("./57" [pid 5797] close(3 [pid 5792] <... chdir resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5797] <... close resumed>) = 0 [pid 5792] ioctl(4, LOOP_CLR_FD [ 169.187377][ T5792] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 169.215431][ T5797] loop4: detected capacity change from 0 to 8192 [pid 5095] lstat("./57/binderfs", [pid 5797] mkdir("./file1", 0777 [pid 5792] <... ioctl resumed>) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5797] <... mkdir resumed>) = 0 [pid 5792] close(4 [pid 5095] unlink("./57/binderfs" [pid 5797] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5792] <... close resumed>) = 0 [pid 5095] <... unlink resumed>) = 0 [pid 5093] mkdir("./58", 0777 [pid 5792] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5792] <... openat resumed>) = 4 [pid 5093] <... mkdir resumed>) = 0 [pid 5792] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5792] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5792] exit_group(0) = ? [pid 5792] +++ exited with 0 +++ [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5792, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] umount2("./56", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5793] <... mount resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5801 [pid 5793] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5092] <... openat resumed>) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, [pid 5793] chdir("./file1" [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5793] <... chdir resumed>) = 0 [pid 5092] umount2("./56/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./56/binderfs", [pid 5793] ioctl(4, LOOP_CLR_FD [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5793] <... ioctl resumed>) = 0 [pid 5092] unlink("./56/binderfs" [pid 5793] close(4) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5793] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5092] umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5793] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5793] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5793] exit_group(0) = ? [pid 5793] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5793, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5091] umount2("./56", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 169.237431][ T5793] REISERFS (device loop1): Using r5 hash to sort names [ 169.261418][ T5793] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 169.272158][ T5797] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5091] openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./56/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./56/binderfs") = 0 [pid 5091] umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5801 attached [pid 5801] chdir("./58") = 0 [ 169.322968][ T5797] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 169.332953][ T5797] REISERFS (device loop4): using ordered data mode [ 169.339521][ T5797] reiserfs: using flush barriers [ 169.347829][ T5797] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5801] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5801] setpgid(0, 0) = 0 [pid 5801] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5801] write(3, "1000", 4) = 4 [pid 5801] close(3) = 0 [pid 5801] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5801] memfd_create("syzkaller", 0) = 3 [pid 5801] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 169.370474][ T5797] REISERFS (device loop4): checking transaction log (loop4) [pid 5801] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... umount2 resumed>) = 0 [pid 5091] umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./56/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./56/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 169.484727][ T5791] REISERFS (device loop0): Using r5 hash to sort names [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./56/file1") = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./56") = 0 [pid 5091] mkdir("./57", 0777) = 0 [pid 5791] <... mount resumed>) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5791] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5791] chdir("./file1") = 0 [ 169.527967][ T5791] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5791] ioctl(4, LOOP_CLR_FD) = 0 [pid 5791] close(4 [pid 5091] <... openat resumed>) = 3 [pid 5791] <... close resumed>) = 0 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5802 [pid 5791] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5791] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0./strace-static-x86_64: Process 5802 attached [pid 5802] chdir("./57" [pid 5791] <... mmap resumed>) = 0x20000000 [pid 5791] ioctl(4, FS_IOC_GETVERSION [pid 5802] <... chdir resumed>) = 0 [pid 5791] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5802] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5791] exit_group(0 [pid 5802] <... prctl resumed>) = 0 [pid 5791] <... exit_group resumed>) = ? [pid 5802] setpgid(0, 0 [pid 5791] +++ exited with 0 +++ [pid 5802] <... setpgid resumed>) = 0 [pid 5802] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5791, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5802] write(3, "1000", 4) = 4 [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5802] close(3 [pid 5090] <... restart_syscall resumed>) = 0 [pid 5802] <... close resumed>) = 0 [pid 5802] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5802] memfd_create("syzkaller", 0 [pid 5095] <... umount2 resumed>) = 0 [pid 5802] <... memfd_create resumed>) = 3 [pid 5090] umount2("./56", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5802] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./56/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./56/binderfs") = 0 [pid 5090] umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./57/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] lstat("./56/file1", [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./57/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5801] <... write resumed>) = 4194304 [pid 5095] <... openat resumed>) = 4 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5801] munmap(0x7f12a0a40000, 4194304 [pid 5095] fstat(4, [pid 5801] <... munmap resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5801] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5095] getdents64(4, [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5801] <... openat resumed>) = 4 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5801] ioctl(4, LOOP_SET_FD, 3 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] openat(AT_FDCWD, "./56/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] close(4) = 0 [pid 5095] rmdir("./57/file1" [pid 5092] <... openat resumed>) = 4 [pid 5095] <... rmdir resumed>) = 0 [pid 5092] fstat(4, [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] close(3 [pid 5092] getdents64(4, [pid 5095] <... close resumed>) = 0 [pid 5095] rmdir("./57") = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] mkdir("./58", 0777 [pid 5092] getdents64(4, [pid 5095] <... mkdir resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5092] close(4 [pid 5095] <... openat resumed>) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5092] <... close resumed>) = 0 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] close(3 [pid 5092] rmdir("./56/file1" [pid 5095] <... close resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... rmdir resumed>) = 0 [pid 5092] getdents64(3, [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5803 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3 [pid 5801] <... ioctl resumed>) = 0 [pid 5801] close(3 [pid 5092] <... close resumed>) = 0 [pid 5801] <... close resumed>) = 0 [pid 5092] rmdir("./56" [pid 5801] mkdir("./file1", 0777./strace-static-x86_64: Process 5803 attached [pid 5802] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5801] <... mkdir resumed>) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5803] chdir("./58" [pid 5801] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5092] mkdir("./57", 0777 [pid 5803] <... chdir resumed>) = 0 [pid 5803] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5803] setpgid(0, 0) = 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5803] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [ 169.710502][ T5801] loop3: detected capacity change from 0 to 8192 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5803] <... openat resumed>) = 3 [pid 5092] <... openat resumed>) = 3 [pid 5803] write(3, "1000", 4 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5803] <... write resumed>) = 4 [pid 5803] close(3 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5803] <... close resumed>) = 0 [pid 5803] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5803] memfd_create("syzkaller", 0) = 3 [pid 5803] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5805 [ 169.763136][ T5801] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 169.801658][ T5797] REISERFS (device loop4): Using r5 hash to sort names ./strace-static-x86_64: Process 5805 attached [pid 5805] chdir("./57") = 0 [pid 5805] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5805] setpgid(0, 0) = 0 [pid 5805] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5805] write(3, "1000", 4) = 4 [pid 5805] close(3) = 0 [pid 5805] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5805] memfd_create("syzkaller", 0) = 3 [pid 5805] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 169.808968][ T5797] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 169.827573][ T5801] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [pid 5797] <... mount resumed>) = 0 [pid 5797] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5797] chdir("./file1") = 0 [pid 5803] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5797] ioctl(4, LOOP_CLR_FD) = 0 [pid 5797] close(4) = 0 [pid 5797] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5797] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5797] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5797] exit_group(0) = ? [pid 5797] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5797, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5094] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5094] umount2("./59", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./59/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./59/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 169.863138][ T5801] REISERFS (device loop3): using ordered data mode [ 169.892187][ T5801] reiserfs: using flush barriers [pid 5094] unlink("./59/binderfs") = 0 [pid 5094] umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5805] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5802] <... write resumed>) = 4194304 [pid 5090] <... umount2 resumed>) = 0 [ 169.939919][ T5801] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5802] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5090] umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5802] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5802] ioctl(4, LOOP_SET_FD, 3 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./56/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./56/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5802] <... ioctl resumed>) = 0 [pid 5802] close(3) = 0 [pid 5802] mkdir("./file1", 0777 [pid 5090] <... openat resumed>) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5802] <... mkdir resumed>) = 0 [pid 5802] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./56/file1") = 0 [ 170.001639][ T5802] loop1: detected capacity change from 0 to 8192 [ 170.003639][ T5801] REISERFS (device loop3): checking transaction log (loop3) [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./56") = 0 [pid 5090] mkdir("./57", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5803] <... write resumed>) = 4194304 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5807 ./strace-static-x86_64: Process 5807 attached [ 170.048315][ T5802] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5807] chdir("./57" [pid 5803] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5803] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5803] ioctl(4, LOOP_SET_FD, 3 [pid 5807] <... chdir resumed>) = 0 [pid 5807] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5807] setpgid(0, 0) = 0 [pid 5807] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5807] write(3, "1000", 4) = 4 [pid 5803] <... ioctl resumed>) = 0 [pid 5803] close(3 [pid 5807] close(3 [pid 5803] <... close resumed>) = 0 [pid 5803] mkdir("./file1", 0777 [pid 5807] <... close resumed>) = 0 [pid 5803] <... mkdir resumed>) = 0 [pid 5807] symlink("/dev/binderfs", "./binderfs" [pid 5803] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5807] <... symlink resumed>) = 0 [pid 5807] memfd_create("syzkaller", 0 [pid 5805] <... write resumed>) = 4194304 [pid 5805] munmap(0x7f12a0a40000, 4194304 [pid 5807] <... memfd_create resumed>) = 3 [ 170.113931][ T5803] loop5: detected capacity change from 0 to 8192 [ 170.132565][ T5802] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [pid 5807] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5805] <... munmap resumed>) = 0 [pid 5805] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5805] ioctl(4, LOOP_SET_FD, 3 [pid 5807] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5805] <... ioctl resumed>) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5805] close(3 [pid 5094] umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5805] <... close resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5805] mkdir("./file1", 0777 [pid 5094] lstat("./59/file1", [pid 5805] <... mkdir resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5805] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 170.165788][ T5805] loop2: detected capacity change from 0 to 8192 [ 170.173806][ T5802] REISERFS (device loop1): using ordered data mode [ 170.181661][ T5803] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 170.212098][ T5802] reiserfs: using flush barriers [pid 5094] openat(AT_FDCWD, "./59/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [ 170.223052][ T5802] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 170.242825][ T5803] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 170.242990][ T5805] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 170.254566][ T5803] REISERFS (device loop5): using ordered data mode [pid 5094] rmdir("./59/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./59") = 0 [pid 5094] mkdir("./60", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5807] <... write resumed>) = 4194304 [pid 5094] <... openat resumed>) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 170.272250][ T5802] REISERFS (device loop1): checking transaction log (loop1) [ 170.305303][ T5805] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 170.314861][ T5805] REISERFS (device loop2): using ordered data mode [ 170.321680][ T5805] reiserfs: using flush barriers [ 170.327787][ T5803] reiserfs: using flush barriers [ 170.332146][ T5805] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 170.337391][ T5807] loop0: detected capacity change from 0 to 8192 [ 170.349946][ T5803] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5094] close(3 [pid 5807] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... close resumed>) = 0 [pid 5807] <... munmap resumed>) = 0 [pid 5807] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5807] ioctl(4, LOOP_SET_FD, 3 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5807] <... ioctl resumed>) = 0 [pid 5807] close(3) = 0 [pid 5807] mkdir("./file1", 0777) = 0 [pid 5807] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, ""./strace-static-x86_64: Process 5811 attached [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5811 [pid 5811] chdir("./60") = 0 [pid 5811] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5811] setpgid(0, 0) = 0 [pid 5811] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5811] write(3, "1000", 4) = 4 [pid 5811] close(3) = 0 [pid 5811] symlink("/dev/binderfs", "./binderfs") = 0 [ 170.376171][ T5805] REISERFS (device loop2): checking transaction log (loop2) [ 170.385653][ T5807] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 170.390832][ T5803] REISERFS (device loop5): checking transaction log (loop5) [pid 5811] memfd_create("syzkaller", 0) = 3 [pid 5811] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 170.428229][ T5801] REISERFS (device loop3): Using r5 hash to sort names [ 170.433283][ T5807] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 170.446553][ T5807] REISERFS (device loop0): using ordered data mode [ 170.453330][ T5807] reiserfs: using flush barriers [pid 5811] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5801] <... mount resumed>) = 0 [pid 5801] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5801] chdir("./file1") = 0 [pid 5801] ioctl(4, LOOP_CLR_FD) = 0 [pid 5801] close(4) = 0 [pid 5801] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5801] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 170.465522][ T5807] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 170.485625][ T5801] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 170.497299][ T5807] REISERFS (device loop0): checking transaction log (loop0) [pid 5801] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5801] exit_group(0) = ? [pid 5801] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5801, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5093] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5093] umount2("./58", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5811] <... write resumed>) = 4194304 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5811] munmap(0x7f12a0a40000, 4194304 [pid 5093] umount2("./58/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5811] <... munmap resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5811] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5093] lstat("./58/binderfs", [pid 5811] <... openat resumed>) = 4 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5811] ioctl(4, LOOP_SET_FD, 3 [pid 5093] unlink("./58/binderfs") = 0 [pid 5093] umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5811] <... ioctl resumed>) = 0 [pid 5811] close(3) = 0 [ 170.614460][ T5802] REISERFS (device loop1): Using r5 hash to sort names [ 170.641832][ T5811] loop4: detected capacity change from 0 to 8192 [pid 5811] mkdir("./file1", 0777) = 0 [ 170.672630][ T5802] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 170.698517][ T5811] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 170.716297][ T5805] REISERFS (device loop2): Using r5 hash to sort names [pid 5811] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5802] <... mount resumed>) = 0 [pid 5805] <... mount resumed>) = 0 [ 170.718593][ T5811] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 170.725708][ T5807] REISERFS (device loop0): Using r5 hash to sort names [ 170.732651][ T5811] REISERFS (device loop4): using ordered data mode [ 170.746096][ T5811] reiserfs: using flush barriers [ 170.752972][ T5805] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 170.762861][ T5807] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5802] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5807] <... mount resumed>) = 0 [pid 5805] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5802] <... openat resumed>) = 3 [pid 5807] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5805] <... openat resumed>) = 3 [pid 5802] chdir("./file1" [pid 5807] <... openat resumed>) = 3 [ 170.764506][ T5811] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5805] chdir("./file1" [pid 5802] <... chdir resumed>) = 0 [pid 5807] chdir("./file1" [pid 5805] <... chdir resumed>) = 0 [pid 5802] ioctl(4, LOOP_CLR_FD [pid 5093] <... umount2 resumed>) = 0 [pid 5807] <... chdir resumed>) = 0 [pid 5805] ioctl(4, LOOP_CLR_FD [pid 5802] <... ioctl resumed>) = 0 [pid 5093] umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5807] ioctl(4, LOOP_CLR_FD [pid 5805] <... ioctl resumed>) = 0 [pid 5802] close(4 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5807] <... ioctl resumed>) = 0 [pid 5805] close(4 [pid 5802] <... close resumed>) = 0 [pid 5807] close(4 [pid 5805] <... close resumed>) = 0 [pid 5802] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] lstat("./58/file1", [pid 5807] <... close resumed>) = 0 [pid 5805] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5802] <... openat resumed>) = 4 [pid 5807] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5805] <... openat resumed>) = 4 [pid 5807] <... openat resumed>) = 4 [pid 5807] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5805] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5802] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5807] <... mmap resumed>) = 0x20000000 [pid 5805] <... mmap resumed>) = 0x20000000 [pid 5807] ioctl(4, FS_IOC_GETVERSION [pid 5805] ioctl(4, FS_IOC_GETVERSION [pid 5802] <... mmap resumed>) = 0x20000000 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5807] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5805] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5802] ioctl(4, FS_IOC_GETVERSION [pid 5093] openat(AT_FDCWD, "./58/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5807] exit_group(0 [pid 5805] exit_group(0 [pid 5802] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] <... openat resumed>) = 4 [pid 5807] <... exit_group resumed>) = ? [pid 5805] <... exit_group resumed>) = ? [pid 5802] exit_group(0 [pid 5093] fstat(4, [pid 5807] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5807, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5805] +++ exited with 0 +++ [pid 5802] <... exit_group resumed>) = ? [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5802] +++ exited with 0 +++ [pid 5093] getdents64(4, [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5805, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 5090] <... restart_syscall resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] umount2("./57", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5802, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [ 170.813797][ T5803] REISERFS (device loop5): Using r5 hash to sort names [ 170.818112][ T5811] REISERFS (device loop4): checking transaction log (loop4) [ 170.845454][ T5803] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] getdents64(4, [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] umount2("./57", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5803] <... mount resumed>) = 0 [pid 5093] close(4 [pid 5092] <... openat resumed>) = 3 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5803] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] <... close resumed>) = 0 [pid 5092] fstat(3, [pid 5090] openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5803] <... openat resumed>) = 3 [pid 5093] rmdir("./58/file1" [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5803] chdir("./file1" [pid 5093] <... rmdir resumed>) = 0 [pid 5092] getdents64(3, [pid 5091] umount2("./57", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] fstat(3, [pid 5803] <... chdir resumed>) = 0 [pid 5093] getdents64(3, [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5803] ioctl(4, LOOP_CLR_FD [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] umount2("./57/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] getdents64(3, [pid 5803] <... ioctl resumed>) = 0 [pid 5093] close(3 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... openat resumed>) = 3 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5803] close(4 [pid 5093] <... close resumed>) = 0 [pid 5092] lstat("./57/binderfs", [pid 5091] fstat(3, [pid 5090] umount2("./57/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5803] <... close resumed>) = 0 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5803] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] unlink("./57/binderfs" [pid 5091] getdents64(3, [pid 5090] lstat("./57/binderfs", [pid 5803] <... openat resumed>) = 4 [pid 5093] rmdir("./58" [pid 5092] <... unlink resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5803] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5092] umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./57/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] unlink("./57/binderfs" [pid 5803] <... mmap resumed>) = 0x20000000 [pid 5093] mkdir("./59", 0777 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... unlink resumed>) = 0 [pid 5803] ioctl(4, FS_IOC_GETVERSION [pid 5091] lstat("./57/binderfs", [pid 5090] umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5803] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] <... mkdir resumed>) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5803] exit_group(0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5091] unlink("./57/binderfs" [pid 5803] <... exit_group resumed>) = ? [pid 5093] <... openat resumed>) = 3 [pid 5091] <... unlink resumed>) = 0 [pid 5803] +++ exited with 0 +++ [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5091] umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5803, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=28 /* 0.28 s */} --- [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5813 [pid 5095] umount2("./58", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5813 attached ) = -1 EINVAL (Invalid argument) [pid 5813] chdir("./59" [pid 5095] openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5813] <... chdir resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5813] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] fstat(3, [pid 5813] <... prctl resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5813] setpgid(0, 0 [pid 5095] getdents64(3, [pid 5813] <... setpgid resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5813] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] umount2("./58/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5813] <... openat resumed>) = 3 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5813] write(3, "1000", 4 [pid 5095] lstat("./58/binderfs", [pid 5813] <... write resumed>) = 4 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./58/binderfs" [pid 5813] close(3 [pid 5095] <... unlink resumed>) = 0 [pid 5813] <... close resumed>) = 0 [pid 5095] umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW [ 171.011638][ T5811] REISERFS (device loop4): Using r5 hash to sort names [ 171.019025][ T5811] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5813] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5813] memfd_create("syzkaller", 0) = 3 [pid 5811] <... mount resumed>) = 0 [pid 5813] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5811] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5813] <... mmap resumed>) = 0x7f12a0a40000 [pid 5811] <... openat resumed>) = 3 [pid 5811] chdir("./file1") = 0 [pid 5811] ioctl(4, LOOP_CLR_FD) = 0 [pid 5811] close(4) = 0 [pid 5811] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5811] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5811] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5811] exit_group(0) = ? [pid 5811] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5811, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5094] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5094] umount2("./60", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./60/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./60/binderfs") = 0 [pid 5094] umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5813] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./57/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./57/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./57/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./57") = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5092] mkdir("./58", 0777 [pid 5090] umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... mkdir resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5090] lstat("./57/file1", [pid 5092] <... openat resumed>) = 3 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5090] umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] close(3 [pid 5090] openat(AT_FDCWD, "./57/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... close resumed>) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] <... openat resumed>) = 4 [pid 5091] umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] fstat(4, [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5814 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./57/file1" [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./57/file1", [pid 5090] <... rmdir resumed>) = 0 [pid 5090] getdents64(3, [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5814 attached [pid 5091] umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] close(3 [pid 5814] chdir("./58" [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... close resumed>) = 0 [pid 5090] rmdir("./57" [pid 5814] <... chdir resumed>) = 0 [pid 5814] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5091] openat(AT_FDCWD, "./57/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... rmdir resumed>) = 0 [pid 5091] <... openat resumed>) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4 [pid 5814] <... prctl resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] mkdir("./58", 0777 [pid 5814] setpgid(0, 0 [pid 5091] rmdir("./57/file1" [pid 5814] <... setpgid resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5090] <... mkdir resumed>) = 0 [pid 5814] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5091] getdents64(3, [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5814] <... openat resumed>) = 3 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5814] write(3, "1000", 4 [pid 5091] close(3 [pid 5090] <... openat resumed>) = 3 [pid 5814] <... write resumed>) = 4 [pid 5091] <... close resumed>) = 0 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5814] close(3 [pid 5091] rmdir("./57" [pid 5814] <... close resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5814] symlink("/dev/binderfs", "./binderfs" [pid 5091] mkdir("./58", 0777 [pid 5090] close(3 [pid 5814] <... symlink resumed>) = 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5814] memfd_create("syzkaller", 0 [pid 5813] <... write resumed>) = 4194304 [pid 5095] <... umount2 resumed>) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5090] <... close resumed>) = 0 [pid 5814] <... memfd_create resumed>) = 3 [pid 5813] munmap(0x7f12a0a40000, 4194304 [pid 5095] umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... openat resumed>) = 3 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5814] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5813] <... munmap resumed>) = 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5814] <... mmap resumed>) = 0x7f12a0a40000 [pid 5813] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5816 ./strace-static-x86_64: Process 5815 attached [pid 5815] chdir("./58") = 0 ./strace-static-x86_64: Process 5816 attached [pid 5815] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] lstat("./58/file1", [pid 5813] <... openat resumed>) = 4 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5815 [pid 5816] chdir("./58" [pid 5815] <... prctl resumed>) = 0 [pid 5813] ioctl(4, LOOP_SET_FD, 3 [pid 5095] umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5816] <... chdir resumed>) = 0 [pid 5815] setpgid(0, 0 [pid 5816] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5815] <... setpgid resumed>) = 0 [pid 5816] <... prctl resumed>) = 0 [pid 5815] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5816] setpgid(0, 0 [pid 5815] <... openat resumed>) = 3 [pid 5816] <... setpgid resumed>) = 0 [pid 5815] write(3, "1000", 4 [pid 5816] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5815] <... write resumed>) = 4 [pid 5816] <... openat resumed>) = 3 [pid 5815] close(3 [pid 5816] write(3, "1000", 4 [pid 5815] <... close resumed>) = 0 [pid 5813] <... ioctl resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5816] <... write resumed>) = 4 [pid 5815] symlink("/dev/binderfs", "./binderfs" [pid 5095] openat(AT_FDCWD, "./58/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5813] close(3 [pid 5816] close(3 [pid 5815] <... symlink resumed>) = 0 [pid 5095] <... openat resumed>) = 4 [pid 5816] <... close resumed>) = 0 [pid 5815] memfd_create("syzkaller", 0 [pid 5813] <... close resumed>) = 0 [pid 5095] fstat(4, [pid 5816] symlink("/dev/binderfs", "./binderfs" [pid 5815] <... memfd_create resumed>) = 3 [pid 5813] mkdir("./file1", 0777 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5816] <... symlink resumed>) = 0 [pid 5815] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5813] <... mkdir resumed>) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5095] getdents64(4, [pid 5816] memfd_create("syzkaller", 0 [pid 5815] <... mmap resumed>) = 0x7f12a0a40000 [pid 5813] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5816] <... memfd_create resumed>) = 3 [pid 5814] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW [ 171.374082][ T5813] loop3: detected capacity change from 0 to 8192 [pid 5816] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5095] getdents64(4, [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] lstat("./60/file1", [pid 5095] close(4 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] <... close resumed>) = 0 [pid 5095] rmdir("./58/file1" [pid 5094] umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... rmdir resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] getdents64(3, [pid 5094] openat(AT_FDCWD, "./60/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] <... openat resumed>) = 4 [pid 5095] close(3 [pid 5094] fstat(4, [pid 5095] <... close resumed>) = 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] rmdir("./58" [pid 5094] getdents64(4, [pid 5095] <... rmdir resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] mkdir("./59", 0777 [pid 5094] getdents64(4, [pid 5095] <... mkdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5094] close(4 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5094] <... close resumed>) = 0 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5094] rmdir("./60/file1" [pid 5095] close(3 [pid 5094] <... rmdir resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5818 [pid 5094] close(3) = 0 [pid 5094] rmdir("./60") = 0 [pid 5094] mkdir("./61", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5819 ./strace-static-x86_64: Process 5818 attached [pid 5818] chdir("./59") = 0 ./strace-static-x86_64: Process 5819 attached [pid 5818] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5816] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5818] <... prctl resumed>) = 0 [pid 5818] setpgid(0, 0) = 0 [pid 5818] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5819] chdir("./61" [ 171.447666][ T5813] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5818] write(3, "1000", 4 [pid 5819] <... chdir resumed>) = 0 [pid 5818] <... write resumed>) = 4 [pid 5819] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5819] setpgid(0, 0) = 0 [pid 5819] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5818] close(3 [pid 5819] <... openat resumed>) = 3 [pid 5818] <... close resumed>) = 0 [pid 5816] <... write resumed>) = 4194304 [pid 5819] write(3, "1000", 4) = 4 [pid 5818] symlink("/dev/binderfs", "./binderfs" [pid 5819] close(3) = 0 [pid 5819] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5819] memfd_create("syzkaller", 0 [pid 5818] <... symlink resumed>) = 0 [pid 5819] <... memfd_create resumed>) = 3 [pid 5818] memfd_create("syzkaller", 0 [pid 5819] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5818] <... memfd_create resumed>) = 3 [pid 5819] <... mmap resumed>) = 0x7f12a0a40000 [pid 5818] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5816] munmap(0x7f12a0a40000, 4194304 [pid 5818] <... mmap resumed>) = 0x7f12a0a40000 [pid 5816] <... munmap resumed>) = 0 [pid 5816] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5816] ioctl(4, LOOP_SET_FD, 3 [pid 5815] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5814] <... write resumed>) = 4194304 [ 171.531435][ T5813] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 171.565011][ T5816] loop1: detected capacity change from 0 to 8192 [pid 5814] munmap(0x7f12a0a40000, 4194304 [pid 5816] <... ioctl resumed>) = 0 [pid 5815] <... write resumed>) = 4194304 [pid 5814] <... munmap resumed>) = 0 [pid 5814] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5816] close(3 [pid 5814] <... openat resumed>) = 4 [pid 5816] <... close resumed>) = 0 [pid 5815] munmap(0x7f12a0a40000, 4194304 [pid 5814] ioctl(4, LOOP_SET_FD, 3 [pid 5816] mkdir("./file1", 0777 [pid 5815] <... munmap resumed>) = 0 [pid 5816] <... mkdir resumed>) = 0 [pid 5815] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5818] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5816] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5815] <... openat resumed>) = 4 [pid 5815] ioctl(4, LOOP_SET_FD, 3 [pid 5814] <... ioctl resumed>) = 0 [pid 5814] close(3) = 0 [pid 5814] mkdir("./file1", 0777) = 0 [ 171.602482][ T5813] REISERFS (device loop3): using ordered data mode [ 171.624820][ T5814] loop2: detected capacity change from 0 to 8192 [ 171.633342][ T5813] reiserfs: using flush barriers [ 171.643646][ T5815] loop0: detected capacity change from 0 to 8192 [pid 5814] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5815] <... ioctl resumed>) = 0 [pid 5819] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5815] close(3) = 0 [pid 5815] mkdir("./file1", 0777) = 0 [ 171.651492][ T5816] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 171.666962][ T5814] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5815] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5819] <... write resumed>) = 4194304 [pid 5819] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5819] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 171.696350][ T5813] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 171.718186][ T5816] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 171.719577][ T5815] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 171.741514][ T5815] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 171.751432][ T5815] REISERFS (device loop0): using ordered data mode [ 171.751924][ T5819] loop4: detected capacity change from 0 to 8192 [ 171.758444][ T5815] reiserfs: using flush barriers [ 171.765661][ T5814] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 171.776408][ T5815] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 171.779372][ T5814] REISERFS (device loop2): using ordered data mode [pid 5819] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5818] <... write resumed>) = 4194304 [pid 5819] close(3 [pid 5818] munmap(0x7f12a0a40000, 4194304 [pid 5819] <... close resumed>) = 0 [pid 5819] mkdir("./file1", 0777 [pid 5818] <... munmap resumed>) = 0 [pid 5818] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5819] <... mkdir resumed>) = 0 [ 171.801290][ T5813] REISERFS (device loop3): checking transaction log (loop3) [ 171.802398][ T5814] reiserfs: using flush barriers [ 171.815325][ T5814] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 171.815725][ T5816] REISERFS (device loop1): using ordered data mode [ 171.835909][ T5814] REISERFS (device loop2): checking transaction log (loop2) [ 171.838097][ T5816] reiserfs: using flush barriers [pid 5819] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5818] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5818] close(3) = 0 [pid 5818] mkdir("./file1", 0777) = 0 [ 171.854597][ T5815] REISERFS (device loop0): checking transaction log (loop0) [ 171.862323][ T5818] loop5: detected capacity change from 0 to 8192 [ 171.862861][ T5816] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 171.889425][ T5816] REISERFS (device loop1): checking transaction log (loop1) [ 171.900615][ T5819] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 171.914307][ T5818] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 171.950874][ T5819] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 171.960897][ T5819] REISERFS (device loop4): using ordered data mode [ 171.968332][ T5819] reiserfs: using flush barriers [ 171.975189][ T5818] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 171.982709][ T5819] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 171.984939][ T5818] REISERFS (device loop5): using ordered data mode [ 172.008636][ T5818] reiserfs: using flush barriers [ 172.016168][ T5818] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 172.062095][ T5818] REISERFS (device loop5): checking transaction log (loop5) [ 172.112662][ T5819] REISERFS (device loop4): checking transaction log (loop4) [ 172.150216][ T5816] REISERFS (device loop1): Using r5 hash to sort names [pid 5818] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5816] <... mount resumed>) = 0 [pid 5816] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5816] chdir("./file1") = 0 [pid 5816] ioctl(4, LOOP_CLR_FD) = 0 [ 172.187889][ T5816] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 172.193249][ T5814] REISERFS (device loop2): Using r5 hash to sort names [pid 5816] close(4) = 0 [pid 5816] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5816] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5816] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5816] exit_group(0) = ? [pid 5816] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5816, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5091] umount2("./58", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./58/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./58/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./58/binderfs") = 0 [ 172.244909][ T5814] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 172.265876][ T5813] REISERFS (device loop3): Using r5 hash to sort names [ 172.267498][ T5815] REISERFS (device loop0): Using r5 hash to sort names [pid 5091] umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5814] <... mount resumed>) = 0 [pid 5814] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5814] chdir("./file1") = 0 [pid 5814] ioctl(4, LOOP_CLR_FD) = 0 [pid 5814] close(4) = 0 [pid 5814] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5814] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5814] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5814] exit_group(0) = ? [pid 5814] +++ exited with 0 +++ [pid 5813] <... mount resumed>) = 0 [pid 5813] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5814, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5813] <... openat resumed>) = 3 [pid 5092] restart_syscall(<... resuming interrupted clone ...> [pid 5813] chdir("./file1" [pid 5092] <... restart_syscall resumed>) = 0 [pid 5813] <... chdir resumed>) = 0 [pid 5813] ioctl(4, LOOP_CLR_FD) = 0 [pid 5092] umount2("./58", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5813] close(4 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5813] <... close resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5813] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] <... openat resumed>) = 3 [pid 5813] <... openat resumed>) = 4 [ 172.297153][ T5813] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 172.323353][ T5815] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] fstat(3, [pid 5813] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5813] <... mmap resumed>) = 0x20000000 [pid 5092] getdents64(3, [pid 5813] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5815] <... mount resumed>) = 0 [pid 5813] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] umount2("./58/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5815] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5813] exit_group(0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5815] <... openat resumed>) = 3 [pid 5813] <... exit_group resumed>) = ? [pid 5092] lstat("./58/binderfs", [pid 5815] chdir("./file1" [pid 5813] +++ exited with 0 +++ [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5815] <... chdir resumed>) = 0 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5813, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5092] unlink("./58/binderfs" [pid 5815] ioctl(4, LOOP_CLR_FD [pid 5092] <... unlink resumed>) = 0 [pid 5815] <... ioctl resumed>) = 0 [pid 5092] umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5815] close(4 [pid 5093] umount2("./59", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5815] <... close resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5815] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5815] <... openat resumed>) = 4 [pid 5093] <... openat resumed>) = 3 [pid 5815] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] fstat(3, [pid 5815] <... mmap resumed>) = 0x20000000 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5815] ioctl(4, FS_IOC_GETVERSION [pid 5093] getdents64(3, [pid 5815] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5815] exit_group(0 [pid 5093] umount2("./59/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5815] <... exit_group resumed>) = ? [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5815] +++ exited with 0 +++ [pid 5093] lstat("./59/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5815, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5093] unlink("./59/binderfs" [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5093] <... unlink resumed>) = 0 [pid 5090] <... restart_syscall resumed>) = 0 [pid 5093] umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] umount2("./58", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 172.430000][ T5818] REISERFS (device loop5): Using r5 hash to sort names [ 172.444386][ T5819] REISERFS (device loop4): Using r5 hash to sort names [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./58/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./58/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./58/binderfs") = 0 [ 172.476540][ T5818] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5090] umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5818] <... mount resumed>) = 0 [pid 5818] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5818] chdir("./file1") = 0 [pid 5818] ioctl(4, LOOP_CLR_FD) = 0 [pid 5818] close(4) = 0 [pid 5818] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5818] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5818] <... mmap resumed>) = 0x20000000 [ 172.518084][ T5819] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5819] <... mount resumed>) = 0 [pid 5818] ioctl(4, FS_IOC_GETVERSION [pid 5091] umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5819] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5818] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5819] <... openat resumed>) = 3 [pid 5818] exit_group(0 [pid 5091] lstat("./58/file1", [pid 5819] chdir("./file1" [pid 5818] <... exit_group resumed>) = ? [pid 5819] <... chdir resumed>) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5819] ioctl(4, LOOP_CLR_FD [pid 5818] +++ exited with 0 +++ [pid 5091] umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5819] <... ioctl resumed>) = 0 [pid 5819] close(4 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5818, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5819] <... close resumed>) = 0 [pid 5095] restart_syscall(<... resuming interrupted clone ...> [pid 5091] openat(AT_FDCWD, "./58/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] <... restart_syscall resumed>) = 0 [pid 5819] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5091] <... openat resumed>) = 4 [pid 5090] <... umount2 resumed>) = 0 [pid 5819] <... openat resumed>) = 4 [pid 5819] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5091] fstat(4, [pid 5090] umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5819] <... mmap resumed>) = 0x20000000 [pid 5095] umount2("./59", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5819] ioctl(4, FS_IOC_GETVERSION [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = 0 [pid 5091] getdents64(4, [pid 5090] lstat("./58/file1", [pid 5819] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5819] exit_group(0 [pid 5095] <... openat resumed>) = 3 [pid 5092] umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] getdents64(4, [pid 5090] umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5819] <... exit_group resumed>) = ? [pid 5095] fstat(3, [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./58/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5819] +++ exited with 0 +++ [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] lstat("./58/file1", [pid 5091] close(4 [pid 5090] <... openat resumed>) = 4 [pid 5095] getdents64(3, [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5819, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] fstat(4, [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] rmdir("./58/file1" [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./59/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... rmdir resumed>) = 0 [pid 5090] getdents64(4, [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./58/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] getdents64(3, [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] lstat("./59/binderfs", [pid 5092] <... openat resumed>) = 4 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] getdents64(4, [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] fstat(4, [pid 5091] close(3 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] unlink("./59/binderfs" [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] close(4 [pid 5095] <... unlink resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] getdents64(4, [pid 5091] rmdir("./58" [pid 5090] <... close resumed>) = 0 [pid 5095] umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... openat resumed>) = 3 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] rmdir("./58/file1" [pid 5094] fstat(3, [pid 5092] getdents64(4, [pid 5091] <... rmdir resumed>) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] mkdir("./59", 0777 [pid 5090] getdents64(3, [pid 5094] getdents64(3, [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(4 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] <... mkdir resumed>) = 0 [pid 5090] close(3 [pid 5094] umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... close resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] rmdir("./58/file1" [pid 5090] rmdir("./58" [pid 5094] lstat("./61/binderfs", [pid 5092] <... rmdir resumed>) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5090] <... rmdir resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] getdents64(3, [pid 5091] <... openat resumed>) = 3 [pid 5090] mkdir("./59", 0777 [pid 5094] unlink("./61/binderfs" [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5090] <... mkdir resumed>) = 0 [pid 5094] <... unlink resumed>) = 0 [pid 5092] close(3 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5094] umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... close resumed>) = 0 [pid 5091] close(3 [pid 5092] rmdir("./58" [pid 5091] <... close resumed>) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... rmdir resumed>) = 0 [pid 5092] mkdir("./59", 0777 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5825 [pid 5092] <... mkdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5826 ./strace-static-x86_64: Process 5826 attached [pid 5826] chdir("./59" [pid 5090] <... openat resumed>) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5826] <... chdir resumed>) = 0 [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5090] close(3 [pid 5826] <... prctl resumed>) = 0 [pid 5826] setpgid(0, 0 [pid 5090] <... close resumed>) = 0 [pid 5826] <... setpgid resumed>) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5825 attached ) = 3 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5827 [pid 5826] write(3, "1000", 4./strace-static-x86_64: Process 5827 attached ) = 4 [pid 5827] chdir("./59" [pid 5826] close(3 [pid 5825] chdir("./59" [pid 5827] <... chdir resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5827] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] symlink("/dev/binderfs", "./binderfs" [pid 5827] <... prctl resumed>) = 0 [pid 5826] <... symlink resumed>) = 0 [pid 5825] <... chdir resumed>) = 0 [pid 5827] setpgid(0, 0 [pid 5825] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5826] memfd_create("syzkaller", 0 [pid 5825] setpgid(0, 0 [pid 5827] <... setpgid resumed>) = 0 [pid 5826] <... memfd_create resumed>) = 3 [pid 5825] <... setpgid resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5826] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5825] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5827] <... openat resumed>) = 3 [pid 5826] <... mmap resumed>) = 0x7f12a0a40000 [pid 5825] <... openat resumed>) = 3 [pid 5827] write(3, "1000", 4 [pid 5825] write(3, "1000", 4 [pid 5827] <... write resumed>) = 4 [pid 5825] <... write resumed>) = 4 [pid 5093] <... umount2 resumed>) = 0 [pid 5827] close(3 [pid 5825] close(3 [pid 5827] <... close resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5825] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5825] memfd_create("syzkaller", 0) = 3 [pid 5825] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5827] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5093] umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5827] memfd_create("syzkaller", 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... memfd_create resumed>) = 3 [pid 5827] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5093] lstat("./59/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./59/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./59/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./59") = 0 [pid 5093] mkdir("./60", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5828 ./strace-static-x86_64: Process 5828 attached [pid 5828] chdir("./60") = 0 [pid 5828] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5828] setpgid(0, 0) = 0 [pid 5828] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5828] write(3, "1000", 4) = 4 [pid 5828] close(3) = 0 [pid 5828] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5828] memfd_create("syzkaller", 0) = 3 [pid 5828] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5826] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5825] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5827] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./59/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./59/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./59/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./59") = 0 [pid 5095] mkdir("./60", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5829 ./strace-static-x86_64: Process 5829 attached [pid 5829] chdir("./60" [pid 5828] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5829] <... chdir resumed>) = 0 [pid 5829] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] <... write resumed>) = 4194304 [pid 5094] <... umount2 resumed>) = 0 [pid 5829] <... prctl resumed>) = 0 [pid 5827] <... write resumed>) = 4194304 [pid 5826] munmap(0x7f12a0a40000, 4194304 [pid 5094] umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5829] setpgid(0, 0 [pid 5827] munmap(0x7f12a0a40000, 4194304 [pid 5826] <... munmap resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... setpgid resumed>) = 0 [pid 5827] <... munmap resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5094] lstat("./61/file1", [pid 5829] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5827] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5826] <... openat resumed>) = 4 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5827] <... openat resumed>) = 4 [pid 5826] ioctl(4, LOOP_SET_FD, 3 [pid 5094] umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5829] write(3, "1000", 4 [pid 5827] ioctl(4, LOOP_SET_FD, 3 [pid 5829] <... write resumed>) = 4 [pid 5829] close(3) = 0 [pid 5829] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5829] memfd_create("syzkaller", 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] <... memfd_create resumed>) = 3 [pid 5829] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5827] <... ioctl resumed>) = 0 [pid 5826] <... ioctl resumed>) = 0 [pid 5825] <... write resumed>) = 4194304 [pid 5094] openat(AT_FDCWD, "./61/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] close(3 [pid 5826] close(3 [pid 5825] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... openat resumed>) = 4 [pid 5827] <... close resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5825] <... munmap resumed>) = 0 [pid 5094] fstat(4, [pid 5827] mkdir("./file1", 0777 [pid 5826] mkdir("./file1", 0777 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 5826] <... mkdir resumed>) = 0 [pid 5825] <... openat resumed>) = 4 [pid 5094] getdents64(4, [pid 5827] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5826] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5825] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5825] <... ioctl resumed>) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./61/file1") = 0 [ 173.076593][ T5826] loop2: detected capacity change from 0 to 8192 [ 173.083716][ T5827] loop0: detected capacity change from 0 to 8192 [ 173.101629][ T5825] loop1: detected capacity change from 0 to 8192 [ 173.113286][ T5826] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./61") = 0 [pid 5094] mkdir("./62", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5825] close(3 [pid 5094] <... openat resumed>) = 3 [pid 5825] <... close resumed>) = 0 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5825] mkdir("./file1", 0777 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5825] <... mkdir resumed>) = 0 [pid 5094] close(3 [pid 5825] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] <... close resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5833 [ 173.126467][ T5827] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 173.156841][ T5827] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5829] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5828] <... write resumed>) = 4194304 ./strace-static-x86_64: Process 5833 attached [pid 5833] chdir("./62" [pid 5828] munmap(0x7f12a0a40000, 4194304 [pid 5833] <... chdir resumed>) = 0 [pid 5833] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5833] setpgid(0, 0) = 0 [pid 5833] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5833] write(3, "1000", 4) = 4 [pid 5833] close(3) = 0 [pid 5829] <... write resumed>) = 4194304 [ 173.159753][ T5826] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 173.180053][ T5827] REISERFS (device loop0): using ordered data mode [ 173.186996][ T5827] reiserfs: using flush barriers [ 173.187090][ T5825] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 173.205549][ T5827] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5828] <... munmap resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5828] ioctl(4, LOOP_SET_FD, 3 [pid 5833] symlink("/dev/binderfs", "./binderfs" [pid 5829] munmap(0x7f12a0a40000, 4194304 [pid 5833] <... symlink resumed>) = 0 [pid 5829] <... munmap resumed>) = 0 [pid 5828] <... ioctl resumed>) = 0 [pid 5828] close(3) = 0 [pid 5828] mkdir("./file1", 0777) = 0 [pid 5828] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5833] memfd_create("syzkaller", 0 [pid 5829] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5833] <... memfd_create resumed>) = 3 [pid 5829] <... openat resumed>) = 4 [ 173.230022][ T5826] REISERFS (device loop2): using ordered data mode [ 173.235674][ T5828] loop3: detected capacity change from 0 to 8192 [ 173.237435][ T5826] reiserfs: using flush barriers [ 173.245350][ T5827] REISERFS (device loop0): checking transaction log (loop0) [ 173.251268][ T5825] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [pid 5833] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5829] ioctl(4, LOOP_SET_FD, 3 [pid 5833] <... mmap resumed>) = 0x7f12a0a40000 [pid 5829] <... ioctl resumed>) = 0 [ 173.266062][ T5826] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 173.267392][ T5828] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 173.288540][ T5826] REISERFS (device loop2): checking transaction log (loop2) [ 173.304280][ T5829] loop5: detected capacity change from 0 to 8192 [ 173.311499][ T5825] REISERFS (device loop1): using ordered data mode [ 173.318064][ T5825] reiserfs: using flush barriers [pid 5829] close(3) = 0 [ 173.324815][ T5828] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 173.325255][ T5825] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 173.334258][ T5828] REISERFS (device loop3): using ordered data mode [ 173.356889][ T5828] reiserfs: using flush barriers [pid 5829] mkdir("./file1", 0777 [pid 5833] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5829] <... mkdir resumed>) = 0 [pid 5829] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 173.368417][ T5828] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 173.388982][ T5825] REISERFS (device loop1): checking transaction log (loop1) [ 173.414221][ T5829] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5833] <... write resumed>) = 4194304 [pid 5833] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5833] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5833] ioctl(4, LOOP_SET_FD, 3) = 0 [ 173.438107][ T5828] REISERFS (device loop3): checking transaction log (loop3) [ 173.466492][ T5833] loop4: detected capacity change from 0 to 8192 [pid 5833] close(3) = 0 [pid 5833] mkdir("./file1", 0777) = 0 [ 173.480230][ T5829] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 173.506522][ T5833] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 173.511574][ T5829] REISERFS (device loop5): using ordered data mode [ 173.526152][ T5829] reiserfs: using flush barriers [ 173.532780][ T5833] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 173.541916][ T5829] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 173.544044][ T5829] REISERFS (device loop5): checking transaction log (loop5) [ 173.558514][ T5833] REISERFS (device loop4): using ordered data mode [ 173.572551][ T5833] reiserfs: using flush barriers [pid 5833] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5828] <... mount resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 173.583377][ T5833] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 173.613244][ T5833] REISERFS (device loop4): checking transaction log (loop4) [ 173.621328][ T5828] REISERFS (device loop3): Using r5 hash to sort names [ 173.628700][ T5828] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5828] chdir("./file1") = 0 [pid 5828] ioctl(4, LOOP_CLR_FD) = 0 [pid 5828] close(4) = 0 [pid 5828] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5826] <... mount resumed>) = 0 [pid 5828] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5826] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [ 173.664465][ T5826] REISERFS (device loop2): Using r5 hash to sort names [ 173.681553][ T5826] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5828] <... mmap resumed>) = 0x20000000 [pid 5826] <... openat resumed>) = 3 [pid 5828] ioctl(4, FS_IOC_GETVERSION [pid 5826] chdir("./file1" [pid 5828] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5826] <... chdir resumed>) = 0 [pid 5828] exit_group(0 [pid 5826] ioctl(4, LOOP_CLR_FD [pid 5828] <... exit_group resumed>) = ? [pid 5826] <... ioctl resumed>) = 0 [pid 5828] +++ exited with 0 +++ [pid 5826] close(4) = 0 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5828, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5826] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5826] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] umount2("./60", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5826] <... mmap resumed>) = 0x20000000 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] ioctl(4, FS_IOC_GETVERSION [pid 5093] openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] <... openat resumed>) = 3 [pid 5826] exit_group(0 [pid 5093] fstat(3, [pid 5826] <... exit_group resumed>) = ? [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5826] +++ exited with 0 +++ [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5826, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5093] umount2("./60/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] restart_syscall(<... resuming interrupted clone ...> [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... restart_syscall resumed>) = 0 [pid 5093] lstat("./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./60/binderfs" [pid 5092] umount2("./59", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 173.789458][ T5827] REISERFS (device loop0): Using r5 hash to sort names [ 173.825578][ T5827] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./59/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... unlink resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] lstat("./59/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./59/binderfs") = 0 [pid 5092] umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5827] <... mount resumed>) = 0 [pid 5827] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 173.836530][ T5825] REISERFS (device loop1): Using r5 hash to sort names [ 173.856776][ T5833] REISERFS (device loop4): Using r5 hash to sort names [ 173.867727][ T5825] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5827] chdir("./file1") = 0 [pid 5827] ioctl(4, LOOP_CLR_FD) = 0 [pid 5827] close(4) = 0 [pid 5827] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5827] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5827] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5827] exit_group(0) = ? [pid 5827] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5827, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5825] <... mount resumed>) = 0 [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5825] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5090] <... restart_syscall resumed>) = 0 [pid 5825] <... openat resumed>) = 3 [pid 5833] <... mount resumed>) = 0 [ 173.898164][ T5833] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 173.923093][ T5829] REISERFS (device loop5): Using r5 hash to sort names [pid 5825] chdir("./file1" [pid 5833] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5825] <... chdir resumed>) = 0 [pid 5090] umount2("./59", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5833] <... openat resumed>) = 3 [pid 5825] ioctl(4, LOOP_CLR_FD [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5833] chdir("./file1" [pid 5825] <... ioctl resumed>) = 0 [pid 5090] openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5833] <... chdir resumed>) = 0 [pid 5825] close(4 [pid 5833] ioctl(4, LOOP_CLR_FD [pid 5829] <... mount resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5833] <... ioctl resumed>) = 0 [pid 5829] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5825] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5090] fstat(3, [pid 5833] close(4 [pid 5829] <... openat resumed>) = 3 [pid 5825] <... openat resumed>) = 4 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5833] <... close resumed>) = 0 [pid 5829] chdir("./file1" [ 173.940245][ T5829] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5825] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] getdents64(3, [pid 5833] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5829] <... chdir resumed>) = 0 [pid 5825] <... mmap resumed>) = 0x20000000 [pid 5833] <... openat resumed>) = 4 [pid 5829] ioctl(4, LOOP_CLR_FD [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5825] ioctl(4, FS_IOC_GETVERSION [pid 5833] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5829] <... ioctl resumed>) = 0 [pid 5833] <... mmap resumed>) = 0x20000000 [pid 5825] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5829] close(4 [pid 5090] umount2("./59/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5833] ioctl(4, FS_IOC_GETVERSION [pid 5829] <... close resumed>) = 0 [pid 5825] exit_group(0 [pid 5092] <... umount2 resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5833] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5829] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5825] <... exit_group resumed>) = ? [pid 5092] umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] lstat("./59/binderfs", [pid 5833] exit_group(0 [pid 5829] <... openat resumed>) = 4 [pid 5833] <... exit_group resumed>) = ? [pid 5829] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5825] +++ exited with 0 +++ [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5833] +++ exited with 0 +++ [pid 5829] <... mmap resumed>) = 0x20000000 [pid 5829] ioctl(4, FS_IOC_GETVERSION [pid 5092] lstat("./59/file1", [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5825, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=25 /* 0.25 s */} --- [pid 5090] unlink("./59/binderfs" [pid 5829] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5833, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] restart_syscall(<... resuming interrupted clone ...> [pid 5829] exit_group(0 [pid 5094] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... restart_syscall resumed>) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5829] <... exit_group resumed>) = ? [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5829] +++ exited with 0 +++ [pid 5094] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5829, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5094] <... openat resumed>) = 3 [pid 5092] openat(AT_FDCWD, "./59/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./60", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] lstat("./62/binderfs", [pid 5095] <... openat resumed>) = 3 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] fstat(3, [pid 5094] unlink("./62/binderfs" [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... unlink resumed>) = 0 [pid 5095] getdents64(3, [pid 5094] umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] <... openat resumed>) = 4 [pid 5091] umount2("./59", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] umount2("./60/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] fstat(4, [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] unlink("./60/binderfs") = 0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] getdents64(4, [pid 5091] <... openat resumed>) = 3 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] fstat(3, [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] close(4 [pid 5091] getdents64(3, [pid 5092] <... close resumed>) = 0 [pid 5092] rmdir("./59/file1" [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] <... rmdir resumed>) = 0 [pid 5091] umount2("./59/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] getdents64(3, [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] lstat("./59/binderfs", [pid 5092] close(3) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] rmdir("./59" [pid 5091] unlink("./59/binderfs" [pid 5092] <... rmdir resumed>) = 0 [pid 5091] <... unlink resumed>) = 0 [pid 5092] mkdir("./60", 0777 [pid 5091] umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... mkdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5837 attached , child_tidptr=0x555556fb25d0) = 5837 [pid 5837] chdir("./60") = 0 [pid 5837] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5837] setpgid(0, 0) = 0 [pid 5837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5837] write(3, "1000", 4) = 4 [pid 5837] close(3) = 0 [pid 5837] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5837] memfd_create("syzkaller", 0) = 3 [pid 5837] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./60/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./60/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./60/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./60") = 0 [pid 5093] mkdir("./61", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5838 ./strace-static-x86_64: Process 5838 attached [pid 5838] chdir("./61") = 0 [pid 5838] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5838] setpgid(0, 0) = 0 [pid 5838] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5838] write(3, "1000", 4) = 4 [pid 5838] close(3) = 0 [pid 5838] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5838] memfd_create("syzkaller", 0) = 3 [pid 5837] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5838] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] <... umount2 resumed>) = 0 [pid 5094] umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] lstat("./59/file1", [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./62/file1", [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./62/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] openat(AT_FDCWD, "./59/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... openat resumed>) = 4 [pid 5095] <... umount2 resumed>) = 0 [pid 5094] getdents64(4, [pid 5090] fstat(4, [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./60/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./60/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] getdents64(4, [pid 5094] close(4) = 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] rmdir("./62/file1" [pid 5090] getdents64(4, [pid 5094] <... rmdir resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] getdents64(3, [pid 5090] close(4 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3 [pid 5090] <... close resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5090] rmdir("./59/file1" [pid 5094] rmdir("./62" [pid 5090] <... rmdir resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5090] getdents64(3, [pid 5094] mkdir("./63", 0777 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] getdents64(4, [pid 5094] <... mkdir resumed>) = 0 [pid 5090] close(3 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5095] getdents64(4, [pid 5094] <... openat resumed>) = 3 [pid 5090] <... close resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5090] rmdir("./59" [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] close(4 [pid 5090] <... rmdir resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5094] close(3 [pid 5095] rmdir("./60/file1" [pid 5094] <... close resumed>) = 0 [pid 5090] mkdir("./60", 0777 [pid 5095] <... rmdir resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] getdents64(3, [pid 5090] <... mkdir resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] close(3 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5839 ./strace-static-x86_64: Process 5839 attached [pid 5095] <... close resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5095] rmdir("./60" [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5839] chdir("./63" [pid 5838] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] <... rmdir resumed>) = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5839] <... chdir resumed>) = 0 [pid 5095] mkdir("./61", 0777 [pid 5090] close(3 [pid 5839] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... mkdir resumed>) = 0 [pid 5839] <... prctl resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5091] umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... close resumed>) = 0 [pid 5839] setpgid(0, 0 [pid 5095] <... openat resumed>) = 3 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5839] <... setpgid resumed>) = 0 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5839] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] close(3 [pid 5091] lstat("./59/file1", [pid 5839] <... openat resumed>) = 3 [pid 5095] <... close resumed>) = 0 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5840 [pid 5839] write(3, "1000", 4 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5839] <... write resumed>) = 4 [pid 5091] umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5840 attached [pid 5839] close(3 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5841 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5840] chdir("./60" [pid 5839] <... close resumed>) = 0 [pid 5091] openat(AT_FDCWD, "./59/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5840] <... chdir resumed>) = 0 [pid 5839] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5841 attached [pid 5840] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5839] <... symlink resumed>) = 0 [pid 5091] <... openat resumed>) = 4 [pid 5841] chdir("./61" [pid 5840] <... prctl resumed>) = 0 [pid 5839] memfd_create("syzkaller", 0 [pid 5091] fstat(4, [pid 5841] <... chdir resumed>) = 0 [pid 5840] setpgid(0, 0 [pid 5839] <... memfd_create resumed>) = 3 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5841] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5840] <... setpgid resumed>) = 0 [pid 5839] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] getdents64(4, [pid 5841] <... prctl resumed>) = 0 [pid 5840] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5839] <... mmap resumed>) = 0x7f12a0a40000 [pid 5841] setpgid(0, 0 [pid 5840] <... openat resumed>) = 3 [pid 5837] <... write resumed>) = 4194304 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5841] <... setpgid resumed>) = 0 [pid 5840] write(3, "1000", 4 [pid 5091] getdents64(4, [pid 5841] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5840] <... write resumed>) = 4 [pid 5837] munmap(0x7f12a0a40000, 4194304 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5841] <... openat resumed>) = 3 [pid 5840] close(3 [pid 5091] close(4 [pid 5841] write(3, "1000", 4 [pid 5840] <... close resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5841] <... write resumed>) = 4 [pid 5840] symlink("/dev/binderfs", "./binderfs" [pid 5091] rmdir("./59/file1" [pid 5841] close(3 [pid 5840] <... symlink resumed>) = 0 [pid 5837] <... munmap resumed>) = 0 [pid 5841] <... close resumed>) = 0 [pid 5840] memfd_create("syzkaller", 0 [pid 5837] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5091] <... rmdir resumed>) = 0 [pid 5841] symlink("/dev/binderfs", "./binderfs" [pid 5840] <... memfd_create resumed>) = 3 [pid 5837] <... openat resumed>) = 4 [pid 5091] getdents64(3, [pid 5841] <... symlink resumed>) = 0 [pid 5840] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5837] ioctl(4, LOOP_SET_FD, 3 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5841] memfd_create("syzkaller", 0 [pid 5840] <... mmap resumed>) = 0x7f12a0a40000 [pid 5841] <... memfd_create resumed>) = 3 [pid 5837] <... ioctl resumed>) = 0 [pid 5091] close(3 [pid 5841] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5837] close(3 [pid 5091] <... close resumed>) = 0 [pid 5841] <... mmap resumed>) = 0x7f12a0a40000 [pid 5837] <... close resumed>) = 0 [pid 5091] rmdir("./59" [pid 5839] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5837] mkdir("./file1", 0777 [pid 5091] <... rmdir resumed>) = 0 [pid 5837] <... mkdir resumed>) = 0 [pid 5091] mkdir("./60", 0777 [pid 5837] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5091] <... mkdir resumed>) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 174.449401][ T5837] loop2: detected capacity change from 0 to 8192 [pid 5091] close(3 [pid 5838] <... write resumed>) = 4194304 [pid 5091] <... close resumed>) = 0 [pid 5838] munmap(0x7f12a0a40000, 4194304 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5838] <... munmap resumed>) = 0 [pid 5838] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5843 [pid 5838] <... openat resumed>) = 4 [pid 5838] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5843 attached [pid 5843] chdir("./60") = 0 [pid 5843] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5843] setpgid(0, 0) = 0 [pid 5843] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5840] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5843] <... openat resumed>) = 3 [pid 5841] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5843] write(3, "1000", 4 [pid 5838] <... ioctl resumed>) = 0 [ 174.521976][ T5837] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 174.540289][ T5838] loop3: detected capacity change from 0 to 8192 [pid 5838] close(3 [pid 5843] <... write resumed>) = 4 [pid 5838] <... close resumed>) = 0 [pid 5843] close(3 [pid 5839] <... write resumed>) = 4194304 [pid 5838] mkdir("./file1", 0777) = 0 [pid 5838] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5843] <... close resumed>) = 0 [ 174.562813][ T5837] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 174.572914][ T5837] REISERFS (device loop2): using ordered data mode [ 174.580181][ T5837] reiserfs: using flush barriers [ 174.591558][ T5837] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5839] munmap(0x7f12a0a40000, 4194304 [pid 5843] symlink("/dev/binderfs", "./binderfs" [pid 5841] <... write resumed>) = 4194304 [pid 5839] <... munmap resumed>) = 0 [pid 5843] <... symlink resumed>) = 0 [pid 5841] munmap(0x7f12a0a40000, 4194304 [pid 5839] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5843] memfd_create("syzkaller", 0 [pid 5841] <... munmap resumed>) = 0 [pid 5839] <... openat resumed>) = 4 [pid 5843] <... memfd_create resumed>) = 3 [pid 5841] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5839] ioctl(4, LOOP_SET_FD, 3 [pid 5843] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5841] <... openat resumed>) = 4 [pid 5843] <... mmap resumed>) = 0x7f12a0a40000 [ 174.608795][ T5838] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 174.630559][ T5837] REISERFS (device loop2): checking transaction log (loop2) [ 174.641898][ T5839] loop4: detected capacity change from 0 to 8192 [ 174.652176][ T5841] loop5: detected capacity change from 0 to 8192 [pid 5841] ioctl(4, LOOP_SET_FD, 3 [pid 5839] <... ioctl resumed>) = 0 [pid 5841] <... ioctl resumed>) = 0 [pid 5839] close(3) = 0 [pid 5839] mkdir("./file1", 0777) = 0 [pid 5839] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5841] close(3) = 0 [pid 5841] mkdir("./file1", 0777 [pid 5840] <... write resumed>) = 4194304 [ 174.659109][ T5838] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [pid 5841] <... mkdir resumed>) = 0 [pid 5840] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5840] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5840] ioctl(4, LOOP_SET_FD, 3 [pid 5843] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 174.686764][ T5838] REISERFS (device loop3): using ordered data mode [ 174.693981][ T5838] reiserfs: using flush barriers [ 174.698067][ T5840] loop0: detected capacity change from 0 to 8192 [ 174.705630][ T5838] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 174.725905][ T5838] REISERFS (device loop3): checking transaction log (loop3) [pid 5841] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5840] <... ioctl resumed>) = 0 [pid 5840] close(3) = 0 [pid 5840] mkdir("./file1", 0777) = 0 [ 174.726731][ T5839] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 174.772573][ T5840] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 174.786214][ T5841] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 174.789795][ T5839] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 174.811987][ T5840] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 174.822200][ T5840] REISERFS (device loop0): using ordered data mode [ 174.829579][ T5840] reiserfs: using flush barriers [pid 5840] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5843] <... write resumed>) = 4194304 [pid 5843] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5843] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 174.831354][ T5841] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 174.836444][ T5840] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 174.863854][ T5840] REISERFS (device loop0): checking transaction log (loop0) [ 174.921789][ T5839] REISERFS (device loop4): using ordered data mode [ 174.925962][ T5843] loop1: detected capacity change from 0 to 8192 [ 174.928566][ T5839] reiserfs: using flush barriers [ 174.939928][ T5840] REISERFS (device loop0): Using r5 hash to sort names [ 174.940724][ T5841] REISERFS (device loop5): using ordered data mode [ 174.948269][ T5840] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 174.962560][ T5837] REISERFS (device loop2): Using r5 hash to sort names [pid 5843] ioctl(4, LOOP_SET_FD, 3 [pid 5840] <... mount resumed>) = 0 [pid 5840] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5840] chdir("./file1") = 0 [pid 5840] ioctl(4, LOOP_CLR_FD) = 0 [pid 5840] close(4) = 0 [pid 5840] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5840] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5840] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5840] exit_group(0) = ? [pid 5840] +++ exited with 0 +++ [pid 5843] <... ioctl resumed>) = 0 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5840, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5843] close(3) = 0 [pid 5843] mkdir("./file1", 0777) = 0 [pid 5090] umount2("./60", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5843] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5090] <... openat resumed>) = 3 [ 174.962871][ T5837] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 174.969533][ T5839] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./60/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./60/binderfs") = 0 [pid 5090] umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5837] <... mount resumed>) = 0 [pid 5837] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5837] chdir("./file1") = 0 [pid 5837] ioctl(4, LOOP_CLR_FD) = 0 [pid 5837] close(4) = 0 [ 175.036766][ T5839] REISERFS (device loop4): checking transaction log (loop4) [ 175.038210][ T5843] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 175.049557][ T5841] reiserfs: using flush barriers [ 175.065373][ T5841] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5837] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5837] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 175.112979][ T5838] REISERFS (device loop3): Using r5 hash to sort names [ 175.130177][ T5843] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 175.140052][ T5843] REISERFS (device loop1): using ordered data mode [ 175.146722][ T5843] reiserfs: using flush barriers [ 175.153507][ T5841] REISERFS (device loop5): checking transaction log (loop5) [pid 5837] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5837] exit_group(0) = ? [pid 5837] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5837, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5092] umount2("./60", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5838] <... mount resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [ 175.160905][ T5843] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 175.191662][ T5838] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5838] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] umount2("./60/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5838] <... openat resumed>) = 3 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5838] chdir("./file1" [pid 5092] lstat("./60/binderfs", [pid 5838] <... chdir resumed>) = 0 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5838] ioctl(4, LOOP_CLR_FD [pid 5092] unlink("./60/binderfs" [pid 5838] <... ioctl resumed>) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5838] close(4 [pid 5092] umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5838] <... close resumed>) = 0 [pid 5838] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5838] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5838] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5838] exit_group(0) = ? [pid 5838] +++ exited with 0 +++ [ 175.211497][ T5843] REISERFS (device loop1): checking transaction log (loop1) [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5838, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=16 /* 0.16 s */} --- [pid 5093] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5093] umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./61/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./61/binderfs") = 0 [ 175.357192][ T5839] REISERFS (device loop4): Using r5 hash to sort names [ 175.371549][ T5841] REISERFS (device loop5): Using r5 hash to sort names [ 175.396154][ T5841] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5841] <... mount resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5841] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5090] lstat("./60/file1", [pid 5841] <... openat resumed>) = 3 [pid 5841] chdir("./file1" [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5841] <... chdir resumed>) = 0 [pid 5090] umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5841] ioctl(4, LOOP_CLR_FD [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5841] <... ioctl resumed>) = 0 [ 175.397257][ T5839] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5090] openat(AT_FDCWD, "./60/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5841] close(4) = 0 [pid 5090] <... openat resumed>) = 4 [pid 5841] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5090] fstat(4, [pid 5841] <... openat resumed>) = 4 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5841] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] getdents64(4, [pid 5841] <... mmap resumed>) = 0x20000000 [pid 5841] ioctl(4, FS_IOC_GETVERSION [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5841] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5841] exit_group(0 [pid 5090] getdents64(4, [pid 5841] <... exit_group resumed>) = ? [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5841] +++ exited with 0 +++ [pid 5090] close(4 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5841, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5095] restart_syscall(<... resuming interrupted clone ...> [pid 5090] <... close resumed>) = 0 [pid 5095] <... restart_syscall resumed>) = 0 [pid 5095] umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] rmdir("./60/file1" [pid 5095] umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./61/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5839] <... mount resumed>) = 0 [pid 5095] unlink("./61/binderfs" [pid 5090] <... rmdir resumed>) = 0 [pid 5839] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] <... unlink resumed>) = 0 [pid 5839] <... openat resumed>) = 3 [pid 5095] umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5839] chdir("./file1" [pid 5090] getdents64(3, [pid 5839] <... chdir resumed>) = 0 [pid 5839] ioctl(4, LOOP_CLR_FD) = 0 [pid 5839] close(4) = 0 [pid 5839] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5839] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5839] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5839] exit_group(0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5839] <... exit_group resumed>) = ? [pid 5839] +++ exited with 0 +++ [pid 5090] close(3 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5839, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=24 /* 0.24 s */} --- [pid 5090] <... close resumed>) = 0 [pid 5090] rmdir("./60") = 0 [pid 5094] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] mkdir("./61", 0777 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] <... mkdir resumed>) = 0 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5094] getdents64(3, [pid 5843] <... mount resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] <... openat resumed>) = 3 [pid 5843] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5843] <... openat resumed>) = 3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5843] chdir("./file1" [pid 5094] lstat("./63/binderfs", [pid 5843] <... chdir resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5843] ioctl(4, LOOP_CLR_FD [pid 5094] unlink("./63/binderfs" [pid 5090] close(3 [pid 5843] <... ioctl resumed>) = 0 [pid 5094] <... unlink resumed>) = 0 [ 175.493464][ T5843] REISERFS (device loop1): Using r5 hash to sort names [ 175.518905][ T5843] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5094] umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5843] close(4 [pid 5090] <... close resumed>) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5843] <... close resumed>) = 0 [pid 5843] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5849 [pid 5843] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5843] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5843] exit_group(0) = ? [pid 5843] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5843, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=17 /* 0.17 s */} --- [pid 5091] umount2("./60", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./60/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./60/binderfs") = 0 [pid 5091] umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5849 attached [pid 5093] <... umount2 resumed>) = 0 [pid 5092] umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./60/file1", [pid 5849] chdir("./61" [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5849] <... chdir resumed>) = 0 [pid 5092] umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5849] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5093] umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5849] <... prctl resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./60/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5849] setpgid(0, 0 [pid 5093] lstat("./61/file1", [pid 5849] <... setpgid resumed>) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] fstat(4, [pid 5849] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5849] <... openat resumed>) = 3 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] getdents64(4, [pid 5849] write(3, "1000", 4 [pid 5093] openat(AT_FDCWD, "./61/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5849] <... write resumed>) = 4 [pid 5093] <... openat resumed>) = 4 [pid 5092] getdents64(4, [pid 5849] close(3 [pid 5093] fstat(4, [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5849] <... close resumed>) = 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] close(4 [pid 5849] symlink("/dev/binderfs", "./binderfs" [pid 5093] getdents64(4, [pid 5092] <... close resumed>) = 0 [pid 5849] <... symlink resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] rmdir("./60/file1") = 0 [pid 5092] getdents64(3, [pid 5849] memfd_create("syzkaller", 0 [pid 5093] getdents64(4, [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./60" [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5849] <... memfd_create resumed>) = 3 [pid 5092] <... rmdir resumed>) = 0 [pid 5093] close(4 [pid 5849] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] mkdir("./61", 0777 [pid 5849] <... mmap resumed>) = 0x7f12a0a40000 [pid 5093] <... close resumed>) = 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5850 ./strace-static-x86_64: Process 5850 attached [pid 5850] chdir("./61") = 0 [pid 5850] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5093] rmdir("./61/file1" [pid 5850] setpgid(0, 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./61" [pid 5850] <... setpgid resumed>) = 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5093] mkdir("./62", 0777 [pid 5850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] <... mkdir resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5850] <... openat resumed>) = 3 [pid 5093] <... openat resumed>) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5850] write(3, "1000", 4 [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] close(3 [pid 5850] <... write resumed>) = 4 [pid 5093] <... close resumed>) = 0 [pid 5850] close(3 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5850] <... close resumed>) = 0 [pid 5850] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5850] memfd_create("syzkaller", 0 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5851 [pid 5850] <... memfd_create resumed>) = 3 ./strace-static-x86_64: Process 5851 attached [pid 5850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5851] chdir("./62") = 0 [pid 5851] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5851] setpgid(0, 0) = 0 [pid 5851] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5095] <... umount2 resumed>) = 0 [pid 5851] write(3, "1000", 4) = 4 [pid 5851] close(3) = 0 [pid 5851] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5851] memfd_create("syzkaller", 0) = 3 [pid 5851] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5095] umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./61/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./61/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5849] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./61/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./61") = 0 [pid 5095] mkdir("./62", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5852 ./strace-static-x86_64: Process 5852 attached [pid 5852] chdir("./62") = 0 [pid 5852] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5852] setpgid(0, 0) = 0 [pid 5852] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5850] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... umount2 resumed>) = 0 [pid 5852] write(3, "1000", 4 [pid 5091] umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5852] <... write resumed>) = 4 [pid 5851] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5852] close(3) = 0 [pid 5091] lstat("./60/file1", [pid 5852] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5852] memfd_create("syzkaller", 0 [pid 5091] umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5852] <... memfd_create resumed>) = 3 [pid 5852] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./60/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] <... umount2 resumed>) = 0 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, [pid 5094] umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./60/file1") = 0 [pid 5091] getdents64(3, [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] lstat("./63/file1", [pid 5091] close(3 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... close resumed>) = 0 [pid 5094] umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] rmdir("./60" [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./63/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... rmdir resumed>) = 0 [pid 5094] <... openat resumed>) = 4 [pid 5091] mkdir("./61", 0777 [pid 5094] fstat(4, [pid 5849] <... write resumed>) = 4194304 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5849] munmap(0x7f12a0a40000, 4194304 [pid 5094] getdents64(4, [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5849] <... munmap resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5851] <... write resumed>) = 4194304 [pid 5849] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5094] getdents64(4, [pid 5091] <... openat resumed>) = 3 [pid 5851] munmap(0x7f12a0a40000, 4194304 [pid 5849] <... openat resumed>) = 4 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5851] <... munmap resumed>) = 0 [pid 5849] ioctl(4, LOOP_SET_FD, 3 [pid 5094] close(4 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5851] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5094] <... close resumed>) = 0 [pid 5094] rmdir("./63/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3 [pid 5851] <... openat resumed>) = 4 [pid 5094] <... close resumed>) = 0 [pid 5091] close(3 [pid 5851] ioctl(4, LOOP_SET_FD, 3 [pid 5094] rmdir("./63") = 0 [pid 5091] <... close resumed>) = 0 [pid 5094] mkdir("./64", 0777 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] <... mkdir resumed>) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5853 [pid 5094] <... close resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5849] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5853 attached [pid 5849] close(3 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5854 [pid 5853] chdir("./61") = 0 [pid 5853] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5854 attached ) = 0 [pid 5854] chdir("./64" [pid 5853] setpgid(0, 0 [pid 5854] <... chdir resumed>) = 0 [pid 5853] <... setpgid resumed>) = 0 [pid 5849] <... close resumed>) = 0 [pid 5854] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5853] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5851] <... ioctl resumed>) = 0 [pid 5849] mkdir("./file1", 0777 [pid 5854] <... prctl resumed>) = 0 [pid 5853] <... openat resumed>) = 3 [pid 5852] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5851] close(3 [pid 5849] <... mkdir resumed>) = 0 [pid 5854] setpgid(0, 0 [pid 5853] write(3, "1000", 4 [pid 5851] <... close resumed>) = 0 [pid 5849] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5854] <... setpgid resumed>) = 0 [pid 5853] <... write resumed>) = 4 [pid 5851] mkdir("./file1", 0777 [pid 5854] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5853] close(3 [pid 5854] <... openat resumed>) = 3 [pid 5853] <... close resumed>) = 0 [pid 5851] <... mkdir resumed>) = 0 [ 175.956563][ T5849] loop0: detected capacity change from 0 to 8192 [ 175.967708][ T5851] loop3: detected capacity change from 0 to 8192 [pid 5854] write(3, "1000", 4 [pid 5853] symlink("/dev/binderfs", "./binderfs" [pid 5851] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5854] <... write resumed>) = 4 [pid 5853] <... symlink resumed>) = 0 [pid 5854] close(3 [pid 5853] memfd_create("syzkaller", 0 [pid 5854] <... close resumed>) = 0 [pid 5853] <... memfd_create resumed>) = 3 [pid 5854] symlink("/dev/binderfs", "./binderfs" [pid 5853] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5850] <... write resumed>) = 4194304 [pid 5854] <... symlink resumed>) = 0 [pid 5853] <... mmap resumed>) = 0x7f12a0a40000 [pid 5850] munmap(0x7f12a0a40000, 4194304 [pid 5854] memfd_create("syzkaller", 0 [pid 5852] <... write resumed>) = 4194304 [pid 5850] <... munmap resumed>) = 0 [pid 5854] <... memfd_create resumed>) = 3 [ 176.023331][ T5851] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 176.036582][ T5849] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 176.059260][ T5851] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [pid 5854] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5852] munmap(0x7f12a0a40000, 4194304 [pid 5850] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5852] <... munmap resumed>) = 0 [pid 5850] <... openat resumed>) = 4 [pid 5852] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5850] ioctl(4, LOOP_SET_FD, 3 [pid 5852] <... openat resumed>) = 4 [pid 5852] ioctl(4, LOOP_SET_FD, 3 [pid 5850] <... ioctl resumed>) = 0 [ 176.069965][ T5851] REISERFS (device loop3): using ordered data mode [ 176.076901][ T5851] reiserfs: using flush barriers [ 176.084566][ T5849] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 176.084967][ T5851] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 176.093880][ T5849] REISERFS (device loop0): using ordered data mode [ 176.117170][ T5850] loop2: detected capacity change from 0 to 8192 [pid 5850] close(3 [pid 5852] <... ioctl resumed>) = 0 [pid 5850] <... close resumed>) = 0 [pid 5852] close(3 [pid 5850] mkdir("./file1", 0777 [pid 5852] <... close resumed>) = 0 [pid 5852] mkdir("./file1", 0777 [pid 5850] <... mkdir resumed>) = 0 [pid 5852] <... mkdir resumed>) = 0 [pid 5850] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 176.123963][ T5849] reiserfs: using flush barriers [ 176.129224][ T5852] loop5: detected capacity change from 0 to 8192 [ 176.137302][ T5849] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 176.137543][ T5851] REISERFS (device loop3): checking transaction log (loop3) [pid 5852] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5854] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 176.175879][ T5849] REISERFS (device loop0): checking transaction log (loop0) [ 176.183850][ T5850] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5853] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5854] <... write resumed>) = 4194304 [ 176.223063][ T5852] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 176.234152][ T5850] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 176.272156][ T5852] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 176.311695][ T5850] REISERFS (device loop2): using ordered data mode [pid 5854] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5854] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5854] ioctl(4, LOOP_SET_FD, 3 [pid 5849] <... mount resumed>) = 0 [pid 5849] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5854] <... ioctl resumed>) = 0 [pid 5849] <... openat resumed>) = 3 [pid 5854] close(3 [pid 5849] chdir("./file1" [pid 5854] <... close resumed>) = 0 [pid 5849] <... chdir resumed>) = 0 [pid 5854] mkdir("./file1", 0777 [pid 5849] ioctl(4, LOOP_CLR_FD [pid 5854] <... mkdir resumed>) = 0 [pid 5849] <... ioctl resumed>) = 0 [pid 5854] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5849] close(4) = 0 [ 176.318282][ T5850] reiserfs: using flush barriers [ 176.334000][ T5852] REISERFS (device loop5): using ordered data mode [ 176.340597][ T5852] reiserfs: using flush barriers [ 176.342544][ T5849] REISERFS (device loop0): Using r5 hash to sort names [ 176.348065][ T5854] loop4: detected capacity change from 0 to 8192 [ 176.352917][ T5849] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5849] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5849] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5849] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5849] exit_group(0) = ? [pid 5849] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5849, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=21 /* 0.21 s */} --- [ 176.398870][ T5850] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 176.426143][ T5852] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 176.439153][ T5851] REISERFS (device loop3): Using r5 hash to sort names [pid 5853] <... write resumed>) = 4194304 [pid 5853] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5853] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5853] ioctl(4, LOOP_SET_FD, 3 [pid 5851] <... mount resumed>) = 0 [pid 5090] umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5851] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5090] umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5851] chdir("./file1") = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5851] ioctl(4, LOOP_CLR_FD [pid 5090] lstat("./61/binderfs", [pid 5851] <... ioctl resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5851] close(4 [pid 5090] unlink("./61/binderfs" [pid 5851] <... close resumed>) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5090] umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW [ 176.450295][ T5854] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 176.464586][ T5851] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 176.466599][ T5853] loop1: detected capacity change from 0 to 8192 [ 176.475006][ T5850] REISERFS (device loop2): checking transaction log (loop2) [pid 5851] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5851] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5853] <... ioctl resumed>) = 0 [ 176.512387][ T5852] REISERFS (device loop5): checking transaction log (loop5) [pid 5853] close(3) = 0 [pid 5853] mkdir("./file1", 0777) = 0 [ 176.553263][ T5851] [ 176.555664][ T5851] ====================================================== [ 176.562706][ T5851] WARNING: possible circular locking dependency detected [ 176.566764][ T5853] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 176.569728][ T5851] 6.2.0-rc6-next-20230203-syzkaller #0 Not tainted [ 176.569743][ T5851] ------------------------------------------------------ [ 176.569750][ T5851] syz-executor107/5851 is trying to acquire lock: [ 176.583538][ T5854] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 176.589158][ T5851] ffff88814a13d090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x79/0x100 [ 176.620820][ T5851] [ 176.620820][ T5851] but task is already holding lock: [ 176.628209][ T5851] ffff88801f989398 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x159/0x280 [ 176.637236][ T5851] [ 176.637236][ T5851] which lock already depends on the new lock. [ 176.637236][ T5851] [ 176.642710][ T5854] REISERFS (device loop4): using ordered data mode [ 176.647640][ T5851] [ 176.647640][ T5851] the existing dependency chain (in reverse order) is: [ 176.647649][ T5851] [ 176.647649][ T5851] -> #1 (&mm->mmap_lock){++++}-{3:3}: [ 176.647686][ T5851] __might_fault+0x10c/0x180 [ 176.675851][ T5851] reiserfs_ioctl+0x1d2/0x330 [ 176.681076][ T5851] __x64_sys_ioctl+0x197/0x210 [ 176.686390][ T5851] do_syscall_64+0x39/0xb0 [ 176.691351][ T5851] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 176.697793][ T5851] [ 176.697793][ T5851] -> #0 (&sbi->lock){+.+.}-{3:3}: [ 176.705037][ T5851] __lock_acquire+0x2f21/0x5df0 [ 176.710432][ T5851] lock_acquire.part.0+0x11c/0x370 [ 176.716082][ T5851] __mutex_lock+0x12f/0x1350 [ 176.721227][ T5851] reiserfs_write_lock+0x79/0x100 [ 176.726912][ T5851] reiserfs_dirty_inode+0xd2/0x260 [ 176.732572][ T5851] __mark_inode_dirty+0x247/0x1250 [ 176.738227][ T5851] touch_atime+0x687/0x740 [ 176.743205][ T5851] generic_file_mmap+0x119/0x150 [ 176.748692][ T5851] mmap_region+0x696/0x2690 [ 176.753794][ T5851] do_mmap+0x831/0xf60 [ 176.758408][ T5851] vm_mmap_pgoff+0x1af/0x280 [ 176.763538][ T5851] ksys_mmap_pgoff+0x41f/0x5a0 [ 176.768856][ T5851] do_syscall_64+0x39/0xb0 [ 176.773815][ T5851] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 176.780250][ T5851] [ 176.780250][ T5851] other info that might help us debug this: [ 176.780250][ T5851] [ 176.790485][ T5851] Possible unsafe locking scenario: [ 176.790485][ T5851] [ 176.797945][ T5851] CPU0 CPU1 [ 176.803318][ T5851] ---- ---- [ 176.808691][ T5851] lock(&mm->mmap_lock); [ 176.813035][ T5851] lock(&sbi->lock); [ 176.819557][ T5851] lock(&mm->mmap_lock); [ 176.827288][ T5851] lock(&sbi->lock); [ 176.831280][ T5851] [ 176.831280][ T5851] *** DEADLOCK *** [ 176.831280][ T5851] [ 176.839427][ T5851] 2 locks held by syz-executor107/5851: [ 176.844977][ T5851] #0: ffff88801f989398 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x159/0x280 [ 176.854442][ T5851] #1: ffff888076c00460 (sb_writers#9){.+.+}-{0:0}, at: generic_file_mmap+0x119/0x150 [ 176.864064][ T5851] [ 176.864064][ T5851] stack backtrace: [ 176.869957][ T5851] CPU: 1 PID: 5851 Comm: syz-executor107 Not tainted 6.2.0-rc6-next-20230203-syzkaller #0 [ 176.879868][ T5851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 176.889942][ T5851] Call Trace: [ 176.893227][ T5851] [ 176.896169][ T5851] dump_stack_lvl+0xd9/0x150 [ 176.900779][ T5851] check_noncircular+0x25f/0x2e0 [ 176.905791][ T5851] ? print_circular_bug+0x730/0x730 [ 176.911033][ T5851] ? save_trace+0x3f/0xb20 [ 176.915470][ T5851] ? _find_first_zero_bit+0x94/0xb0 [ 176.920716][ T5851] __lock_acquire+0x2f21/0x5df0 [ 176.925664][ T5851] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 176.931687][ T5851] ? print_circular_bug+0x730/0x730 [ 176.936913][ T5851] lock_acquire.part.0+0x11c/0x370 [ 176.942050][ T5851] ? reiserfs_write_lock+0x79/0x100 [ 176.947261][ T5851] ? lock_sync+0x190/0x190 [ 176.951698][ T5851] ? reiserfs_write_lock+0x79/0x100 [ 176.956939][ T5851] ? rcu_read_lock_sched_held+0x3e/0x70 [ 176.962519][ T5851] ? trace_lock_acquire+0x1f1/0x2b0 [ 176.967734][ T5851] ? reiserfs_write_lock+0x79/0x100 [ 176.972969][ T5851] ? lock_acquire+0x32/0xc0 [ 176.977521][ T5851] ? reiserfs_write_lock+0x79/0x100 [ 176.982758][ T5851] __mutex_lock+0x12f/0x1350 [ 176.987372][ T5851] ? reiserfs_write_lock+0x79/0x100 [ 176.992591][ T5851] ? print_usage_bug.part.0+0x660/0x660 [ 176.998179][ T5851] ? reiserfs_write_lock+0x79/0x100 [ 177.003421][ T5851] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 177.008996][ T5851] ? find_held_lock+0x2d/0x110 [ 177.013796][ T5851] ? current_time+0x79/0x2c0 [ 177.018455][ T5851] reiserfs_write_lock+0x79/0x100 [ 177.023512][ T5851] reiserfs_dirty_inode+0xd2/0x260 [ 177.028658][ T5851] ? reiserfs_unfreeze+0xa0/0xa0 [ 177.033636][ T5851] ? ktime_get_coarse_real_ts64+0x1bb/0x200 [ 177.039564][ T5851] ? ktime_get_coarse_real_ts64+0x15e/0x200 [ 177.045476][ T5851] ? lock_downgrade+0x690/0x690 [ 177.050376][ T5851] ? reiserfs_unfreeze+0xa0/0xa0 [ 177.055370][ T5851] __mark_inode_dirty+0x247/0x1250 [ 177.060524][ T5851] touch_atime+0x687/0x740 [ 177.064975][ T5851] ? atime_needs_update+0x720/0x720 [ 177.070229][ T5851] ? rcu_read_lock_sched_held+0x3e/0x70 [ 177.075828][ T5851] ? trace_kmem_cache_alloc+0xb1/0x110 [ 177.081336][ T5851] ? kmem_cache_alloc+0x1c5/0x320 [ 177.086393][ T5851] generic_file_mmap+0x119/0x150 [ 177.091371][ T5851] mmap_region+0x696/0x2690 [ 177.095929][ T5851] ? do_munmap+0xf0/0xf0 [ 177.100211][ T5851] ? security_mmap_addr+0x77/0xa0 [ 177.105268][ T5851] ? get_unmapped_area+0x1e8/0x3c0 [ 177.110432][ T5851] do_mmap+0x831/0xf60 [ 177.114542][ T5851] vm_mmap_pgoff+0x1af/0x280 [ 177.119146][ T5851] ? randomize_page+0xb0/0xb0 [ 177.123838][ T5851] ksys_mmap_pgoff+0x41f/0x5a0 [ 177.128653][ T5851] do_syscall_64+0x39/0xb0 [ 177.133112][ T5851] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 177.139046][ T5851] RIP: 0033:0x7f12a8e8da59 [ 177.143481][ T5851] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 177.163112][ T5851] RSP: 002b:00007ffd9f261818 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 177.171561][ T5851] RAX: ffffffffffffffda RBX: 000000000002a0bd RCX: 00007f12a8e8da59 [ 177.179549][ T5851] RDX: 0000000000800001 RSI: 0000000000b36000 RDI: 0000000020000000 [ 177.187536][ T5851] RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000000000 [ 177.195523][ T5851] R10: 0000000000028011 R11: 0000000000000246 R12: 00007ffd9f26184c [pid 5853] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5851] <... mmap resumed>) = 0x20000000 [pid 5851] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5851] exit_group(0) = ? [pid 5851] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5851, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5093] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5093] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./62/binderfs") = 0 [ 177.203516][ T5851] R13: 00007ffd9f261880 R14: 00007ffd9f261860 R15: 000000000000003e [ 177.211519][ T5851] [ 177.227624][ T5853] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 177.250517][ T5853] REISERFS (device loop1): using ordered data mode [ 177.268528][ T5854] reiserfs: using flush barriers [ 177.276779][ T5850] REISERFS (device loop2): Using r5 hash to sort names [ 177.285804][ T5852] REISERFS (device loop5): Using r5 hash to sort names [pid 5093] umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./61/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5852] <... mount resumed>) = 0 [pid 5850] <... mount resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./61/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [ 177.293633][ T5854] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 177.310526][ T5853] reiserfs: using flush barriers [ 177.316072][ T5850] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 177.326585][ T5852] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 177.336019][ T5853] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5852] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5850] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5090] rmdir("./61/file1" [pid 5852] <... openat resumed>) = 3 [pid 5852] chdir("./file1" [pid 5090] <... rmdir resumed>) = 0 [pid 5852] <... chdir resumed>) = 0 [pid 5852] ioctl(4, LOOP_CLR_FD [pid 5090] getdents64(3, [pid 5852] <... ioctl resumed>) = 0 [pid 5850] <... openat resumed>) = 3 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5852] close(4 [pid 5850] chdir("./file1" [pid 5090] close(3 [pid 5852] <... close resumed>) = 0 [pid 5850] <... chdir resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5852] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5850] ioctl(4, LOOP_CLR_FD [pid 5090] rmdir("./61" [pid 5852] <... openat resumed>) = 4 [pid 5850] <... ioctl resumed>) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5852] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5850] close(4 [pid 5090] mkdir("./62", 0777 [pid 5852] <... mmap resumed>) = 0x20000000 [pid 5850] <... close resumed>) = 0 [pid 5090] <... mkdir resumed>) = 0 [pid 5852] ioctl(4, FS_IOC_GETVERSION [pid 5850] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5852] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5850] <... openat resumed>) = 4 [pid 5090] <... openat resumed>) = 3 [pid 5852] exit_group(0 [pid 5850] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5852] <... exit_group resumed>) = ? [pid 5850] <... mmap resumed>) = 0x20000000 [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] close(3 [pid 5852] +++ exited with 0 +++ [pid 5850] ioctl(4, FS_IOC_GETVERSION [pid 5090] <... close resumed>) = 0 [pid 5850] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5852, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5850] exit_group(0) = ? [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5861 [pid 5850] +++ exited with 0 +++ [pid 5095] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5850, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- ./strace-static-x86_64: Process 5861 attached [pid 5095] <... openat resumed>) = 3 [pid 5092] restart_syscall(<... resuming interrupted clone ...> [pid 5095] fstat(3, [pid 5092] <... restart_syscall resumed>) = 0 [pid 5861] chdir("./62" [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 177.353017][ T5854] REISERFS (device loop4): checking transaction log (loop4) [ 177.370398][ T5853] REISERFS (device loop1): checking transaction log (loop1) [pid 5861] <... chdir resumed>) = 0 [pid 5095] getdents64(3, [pid 5861] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5861] setpgid(0, 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] <... umount2 resumed>) = 0 [pid 5092] umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5861] <... setpgid resumed>) = 0 [pid 5861] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5095] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5861] write(3, "1000", 4 [pid 5093] umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5861] <... write resumed>) = 4 [pid 5861] close(3) = 0 [pid 5861] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5861] memfd_create("syzkaller", 0) = 3 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5861] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5095] lstat("./62/binderfs", [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... openat resumed>) = 3 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./62/binderfs" [pid 5093] lstat("./62/file1", [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, [pid 5093] umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... unlink resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./62/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] <... openat resumed>) = 4 [pid 5092] umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] fstat(4, [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] lstat("./61/binderfs", [pid 5093] getdents64(4, [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] unlink("./61/binderfs" [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5093] close(4 [pid 5092] umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... close resumed>) = 0 [pid 5093] rmdir("./62/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./62") = 0 [pid 5093] mkdir("./63", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5862 [pid 5861] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304./strace-static-x86_64: Process 5862 attached [pid 5862] chdir("./63") = 0 [pid 5862] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5862] setpgid(0, 0) = 0 [pid 5862] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5862] write(3, "1000", 4) = 4 [pid 5862] close(3) = 0 [pid 5862] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5862] memfd_create("syzkaller", 0) = 3 [pid 5862] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 177.496905][ T5854] REISERFS (device loop4): Using r5 hash to sort names [ 177.530720][ T5854] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5861] <... write resumed>) = 4194304 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./62/file1", [pid 5861] munmap(0x7f12a0a40000, 4194304 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./62/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./62/file1" [pid 5092] <... umount2 resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./62" [pid 5092] umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./61/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./61/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5861] <... munmap resumed>) = 0 [pid 5854] <... mount resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./61/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./61") = 0 [pid 5092] mkdir("./62", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3 [pid 5862] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5861] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5854] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5853] <... mount resumed>) = 0 [pid 5095] mkdir("./63", 0777 [pid 5092] <... close resumed>) = 0 [pid 5861] <... openat resumed>) = 4 [pid 5854] <... openat resumed>) = 3 [pid 5853] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] <... mkdir resumed>) = 0 [pid 5861] ioctl(4, LOOP_SET_FD, 3 [pid 5854] chdir("./file1" [pid 5853] <... openat resumed>) = 3 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5854] <... chdir resumed>) = 0 [pid 5853] chdir("./file1" [pid 5095] <... openat resumed>) = 3 [pid 5854] ioctl(4, LOOP_CLR_FD [pid 5853] <... chdir resumed>) = 0 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5854] <... ioctl resumed>) = 0 [pid 5853] ioctl(4, LOOP_CLR_FD [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5854] close(4 [pid 5853] <... ioctl resumed>) = 0 [pid 5095] close(3 [pid 5854] <... close resumed>) = 0 [pid 5853] close(4 [pid 5095] <... close resumed>) = 0 [pid 5861] <... ioctl resumed>) = 0 [pid 5854] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5853] <... close resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5861] close(3 [pid 5854] <... openat resumed>) = 4 [pid 5861] <... close resumed>) = 0 [pid 5861] mkdir("./file1", 0777 [pid 5853] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5861] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5863 attached [pid 5863] chdir("./62") = 0 [pid 5853] <... openat resumed>) = 4 [pid 5861] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5854] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5864 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5863 [pid 5853] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5854] <... mmap resumed>) = 0x20000000 [pid 5863] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5863] setpgid(0, 0) = 0 [pid 5863] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5853] <... mmap resumed>) = 0x20000000 [pid 5853] ioctl(4, FS_IOC_GETVERSION [pid 5854] ioctl(4, FS_IOC_GETVERSION./strace-static-x86_64: Process 5864 attached [pid 5853] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5854] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5863] <... openat resumed>) = 3 [pid 5863] write(3, "1000", 4 [pid 5854] exit_group(0 [pid 5853] exit_group(0 [pid 5863] <... write resumed>) = 4 [pid 5863] close(3 [pid 5864] chdir("./63" [pid 5863] <... close resumed>) = 0 [ 177.575074][ T5853] REISERFS (device loop1): Using r5 hash to sort names [ 177.594732][ T5853] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 177.614789][ T5861] loop0: detected capacity change from 0 to 8192 [pid 5863] symlink("/dev/binderfs", "./binderfs" [pid 5864] <... chdir resumed>) = 0 [pid 5862] <... write resumed>) = 4194304 [pid 5854] <... exit_group resumed>) = ? [pid 5853] <... exit_group resumed>) = ? [pid 5864] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5863] <... symlink resumed>) = 0 [pid 5862] munmap(0x7f12a0a40000, 4194304 [pid 5854] +++ exited with 0 +++ [pid 5853] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5853, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5854, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=14 /* 0.14 s */} --- [pid 5094] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] getdents64(3, [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... openat resumed>) = 3 [pid 5864] <... prctl resumed>) = 0 [pid 5863] memfd_create("syzkaller", 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] fstat(3, [pid 5863] <... memfd_create resumed>) = 3 [pid 5862] <... munmap resumed>) = 0 [pid 5863] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5862] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5863] <... mmap resumed>) = 0x7f12a0a40000 [pid 5862] <... openat resumed>) = 4 [pid 5094] lstat("./64/binderfs", [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5864] setpgid(0, 0 [ 177.657486][ T5861] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 177.671231][ T5861] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 177.682980][ T5861] REISERFS (device loop0): using ordered data mode [ 177.689848][ T5861] reiserfs: using flush barriers [ 177.691799][ T5862] loop3: detected capacity change from 0 to 8192 [pid 5862] ioctl(4, LOOP_SET_FD, 3 [pid 5864] <... setpgid resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] getdents64(3, [pid 5862] <... ioctl resumed>) = 0 [pid 5862] close(3) = 0 [pid 5862] mkdir("./file1", 0777) = 0 [pid 5862] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5863] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5864] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] unlink("./64/binderfs" [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] <... unlink resumed>) = 0 [pid 5091] umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5864] <... openat resumed>) = 3 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./61/binderfs", [pid 5864] write(3, "1000", 4 [pid 5094] umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5864] <... write resumed>) = 4 [pid 5864] close(3) = 0 [pid 5864] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5091] unlink("./61/binderfs") = 0 [pid 5091] umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5864] memfd_create("syzkaller", 0 [pid 5863] <... write resumed>) = 4194304 [pid 5863] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5863] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5863] ioctl(4, LOOP_SET_FD, 3 [pid 5864] <... memfd_create resumed>) = 3 [pid 5863] <... ioctl resumed>) = 0 [pid 5863] close(3) = 0 [pid 5863] mkdir("./file1", 0777) = 0 [pid 5864] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5863] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5864] <... mmap resumed>) = 0x7f12a0a40000 [ 177.697162][ T5861] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 177.721783][ T5862] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 177.739432][ T5863] loop2: detected capacity change from 0 to 8192 [ 177.748317][ T5861] REISERFS (device loop0): checking transaction log (loop0) [ 177.756416][ T5863] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 177.772771][ T5862] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 177.782201][ T5862] REISERFS (device loop3): using ordered data mode [ 177.788970][ T5862] reiserfs: using flush barriers [pid 5864] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5864] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5864] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5864] close(3) = 0 [pid 5864] mkdir("./file1", 0777) = 0 [ 177.796000][ T5862] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 177.827834][ T5864] loop5: detected capacity change from 0 to 8192 [ 177.836348][ T5863] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 177.846168][ T5863] REISERFS (device loop2): using ordered data mode [pid 5864] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5091] <... umount2 resumed>) = 0 [ 177.852799][ T5864] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 177.866230][ T5863] reiserfs: using flush barriers [ 177.872161][ T5863] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 177.874705][ T5864] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 177.888810][ T5862] REISERFS (device loop3): checking transaction log (loop3) [pid 5091] umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./61/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 177.921379][ T5863] REISERFS (device loop2): checking transaction log (loop2) [ 177.947753][ T5864] REISERFS (device loop5): using ordered data mode [ 177.962300][ T5861] REISERFS (device loop0): Using r5 hash to sort names [pid 5091] openat(AT_FDCWD, "./61/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... umount2 resumed>) = 0 [pid 5091] <... openat resumed>) = 4 [pid 5094] umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] fstat(4, [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] lstat("./64/file1", [pid 5091] getdents64(4, [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] getdents64(4, [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./61/file1") = 0 [pid 5094] openat(AT_FDCWD, "./64/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] getdents64(3, [pid 5861] <... mount resumed>) = 0 [pid 5094] <... openat resumed>) = 4 [pid 5861] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] fstat(4, [pid 5861] <... openat resumed>) = 3 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5861] chdir("./file1" [pid 5094] getdents64(4, [pid 5861] <... chdir resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5861] ioctl(4, LOOP_CLR_FD [pid 5094] getdents64(4, [pid 5861] <... ioctl resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5861] close(4 [pid 5094] close(4 [pid 5861] <... close resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5861] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] rmdir("./64/file1" [pid 5861] <... openat resumed>) = 4 [pid 5094] <... rmdir resumed>) = 0 [pid 5861] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] getdents64(3, [pid 5861] <... mmap resumed>) = 0x20000000 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5861] ioctl(4, FS_IOC_GETVERSION [pid 5094] close(3 [pid 5861] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] <... close resumed>) = 0 [pid 5861] exit_group(0 [pid 5094] rmdir("./64" [pid 5861] <... exit_group resumed>) = ? [pid 5094] <... rmdir resumed>) = 0 [pid 5861] +++ exited with 0 +++ [pid 5094] mkdir("./65", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5869 [ 177.970860][ T5861] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 177.991144][ T5864] reiserfs: using flush barriers [ 177.997395][ T5864] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5861, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=14 /* 0.14 s */} --- [pid 5091] <... close resumed>) = 0 [pid 5091] rmdir("./61" [pid 5090] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... rmdir resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5869 attached [pid 5091] mkdir("./62", 0777 [pid 5090] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5862] <... mount resumed>) = 0 [pid 5862] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5862] chdir("./file1") = 0 [pid 5862] ioctl(4, LOOP_CLR_FD) = 0 [pid 5862] close(4) = 0 [pid 5862] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5862] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5862] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5862] exit_group(0) = ? [pid 5862] +++ exited with 0 +++ [pid 5869] chdir("./65" [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5862, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- [pid 5091] <... mkdir resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5090] fstat(3, [pid 5869] <... chdir resumed>) = 0 [pid 5869] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5869] <... prctl resumed>) = 0 [pid 5093] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... openat resumed>) = 3 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] getdents64(3, [pid 5869] setpgid(0, 0) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5869] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] fstat(3, [pid 5090] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5869] <... openat resumed>) = 3 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] close(3 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5869] write(3, "1000", 4) = 4 [pid 5093] getdents64(3, [pid 5091] <... close resumed>) = 0 [pid 5090] lstat("./62/binderfs", [pid 5869] close(3) = 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5869] symlink("/dev/binderfs", "./binderfs" [pid 5093] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] unlink("./62/binderfs" [pid 5869] <... symlink resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5870 [pid 5869] memfd_create("syzkaller", 0 [ 178.014370][ T5862] REISERFS (device loop3): Using r5 hash to sort names [ 178.031907][ T5862] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 178.043307][ T5864] REISERFS (device loop5): checking transaction log (loop5) [ 178.049972][ T5863] REISERFS (device loop2): Using r5 hash to sort names [pid 5093] lstat("./63/binderfs", [pid 5090] <... unlink resumed>) = 0 [pid 5869] <... memfd_create resumed>) = 3 [pid 5869] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5869] <... mmap resumed>) = 0x7f12a0a40000 [pid 5093] unlink("./63/binderfs"./strace-static-x86_64: Process 5870 attached ) = 0 [pid 5870] chdir("./62" [pid 5093] umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5870] <... chdir resumed>) = 0 [pid 5870] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5870] setpgid(0, 0) = 0 [pid 5870] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5870] write(3, "1000", 4) = 4 [pid 5870] close(3) = 0 [pid 5870] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5870] memfd_create("syzkaller", 0) = 3 [pid 5870] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5863] <... mount resumed>) = 0 [pid 5863] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5863] chdir("./file1") = 0 [pid 5863] ioctl(4, LOOP_CLR_FD) = 0 [pid 5863] close(4) = 0 [pid 5863] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5863] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 178.078709][ T5863] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5863] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5863] exit_group(0) = ? [pid 5863] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5863, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5092] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5092] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./62/binderfs") = 0 [pid 5092] umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5869] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./62/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./62/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, [pid 5870] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./62/file1") = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./62") = 0 [pid 5092] mkdir("./63", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5090] umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./62/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./62/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./62/file1") = 0 [pid 5093] <... umount2 resumed>) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./62") = 0 [pid 5090] mkdir("./63", 0777 [pid 5093] umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] <... mkdir resumed>) = 0 [pid 5093] lstat("./63/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5871 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5871 attached [pid 5093] openat(AT_FDCWD, "./63/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5871] chdir("./63") = 0 [pid 5871] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5871] setpgid(0, 0) = 0 [pid 5871] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5871] write(3, "1000", 4) = 4 [pid 5093] <... openat resumed>) = 4 [pid 5871] close(3) = 0 [pid 5871] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5093] fstat(4, [pid 5871] memfd_create("syzkaller", 0) = 3 [pid 5869] <... write resumed>) = 4194304 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] getdents64(4, [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5872 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5871] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5093] close(4 [pid 5871] <... mmap resumed>) = 0x7f12a0a40000 [pid 5093] <... close resumed>) = 0 [pid 5093] rmdir("./63/file1"./strace-static-x86_64: Process 5872 attached [pid 5872] chdir("./63") = 0 [pid 5872] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5872] setpgid(0, 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5872] <... setpgid resumed>) = 0 [pid 5872] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3 [pid 5872] <... openat resumed>) = 3 [pid 5093] <... close resumed>) = 0 [pid 5869] munmap(0x7f12a0a40000, 4194304 [pid 5872] write(3, "1000", 4) = 4 [pid 5872] close(3) = 0 [pid 5872] symlink("/dev/binderfs", "./binderfs" [pid 5093] rmdir("./63" [pid 5872] <... symlink resumed>) = 0 [pid 5872] memfd_create("syzkaller", 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5093] mkdir("./64", 0777) = 0 [pid 5872] <... memfd_create resumed>) = 3 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5872] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5093] <... openat resumed>) = 3 [pid 5872] <... mmap resumed>) = 0x7f12a0a40000 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5869] <... munmap resumed>) = 0 [pid 5093] close(3 [pid 5869] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5093] <... close resumed>) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5873 [pid 5869] <... openat resumed>) = 4 [ 178.272352][ T5864] REISERFS (device loop5): Using r5 hash to sort names [pid 5869] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5873 attached [pid 5870] <... write resumed>) = 4194304 [pid 5869] <... ioctl resumed>) = 0 [pid 5873] chdir("./64" [pid 5869] close(3 [pid 5873] <... chdir resumed>) = 0 [pid 5869] <... close resumed>) = 0 [pid 5873] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5869] mkdir("./file1", 0777 [pid 5873] <... prctl resumed>) = 0 [pid 5869] <... mkdir resumed>) = 0 [pid 5873] setpgid(0, 0 [pid 5870] munmap(0x7f12a0a40000, 4194304 [pid 5869] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5873] <... setpgid resumed>) = 0 [pid 5873] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5873] write(3, "1000", 4) = 4 [pid 5873] close(3) = 0 [pid 5873] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5873] memfd_create("syzkaller", 0) = 3 [pid 5873] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 178.316990][ T5869] loop4: detected capacity change from 0 to 8192 [ 178.317136][ T5864] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 178.351980][ T5869] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5870] <... munmap resumed>) = 0 [pid 5872] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5871] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5864] <... mount resumed>) = 0 [pid 5870] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5864] chdir("./file1") = 0 [pid 5864] ioctl(4, LOOP_CLR_FD) = 0 [pid 5864] close(4) = 0 [pid 5864] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5870] <... openat resumed>) = 4 [pid 5864] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5870] ioctl(4, LOOP_SET_FD, 3 [pid 5864] <... mmap resumed>) = 0x20000000 [pid 5864] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5864] exit_group(0) = ? [pid 5864] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5864, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5095] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./63/binderfs") = 0 [pid 5095] umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5870] <... ioctl resumed>) = 0 [ 178.373821][ T5869] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 178.405340][ T5870] loop1: detected capacity change from 0 to 8192 [ 178.406441][ T5869] REISERFS (device loop4): using ordered data mode [pid 5870] close(3) = 0 [pid 5870] mkdir("./file1", 0777) = 0 [pid 5870] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./63/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 178.431787][ T5869] reiserfs: using flush barriers [pid 5095] umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5872] <... write resumed>) = 4194304 [pid 5872] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5872] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5872] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5872] <... ioctl resumed>) = 0 [pid 5872] close(3) = 0 [pid 5872] mkdir("./file1", 0777) = 0 [pid 5095] openat(AT_FDCWD, "./63/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5873] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5872] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5871] <... write resumed>) = 4194304 [pid 5871] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5871] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 178.452588][ T5870] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 178.458152][ T5872] loop2: detected capacity change from 0 to 8192 [ 178.481376][ T5869] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5871] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... openat resumed>) = 4 [pid 5095] fstat(4, [pid 5873] <... write resumed>) = 4194304 [pid 5871] <... ioctl resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, [pid 5873] munmap(0x7f12a0a40000, 4194304 [pid 5871] close(3) = 0 [pid 5873] <... munmap resumed>) = 0 [pid 5871] mkdir("./file1", 0777 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5871] <... mkdir resumed>) = 0 [ 178.493630][ T5871] loop0: detected capacity change from 0 to 8192 [ 178.499841][ T5869] REISERFS (device loop4): checking transaction log (loop4) [ 178.511047][ T5870] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 178.521590][ T5872] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 178.541115][ T5870] REISERFS (device loop1): using ordered data mode [ 178.547668][ T5870] reiserfs: using flush barriers [pid 5095] getdents64(4, [pid 5873] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5871] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5873] <... openat resumed>) = 4 [pid 5095] close(4 [pid 5873] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... close resumed>) = 0 [pid 5095] rmdir("./63/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./63") = 0 [pid 5095] mkdir("./64", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [ 178.556917][ T5872] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 178.564992][ T5873] loop3: detected capacity change from 0 to 8192 [ 178.571500][ T5872] REISERFS (device loop2): using ordered data mode [ 178.579816][ T5871] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 178.587636][ T5872] reiserfs: using flush barriers [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5873] <... ioctl resumed>) = 0 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5878 [ 178.599080][ T5872] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 178.615825][ T5872] REISERFS (device loop2): checking transaction log (loop2) [ 178.616898][ T5870] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 178.628579][ T5871] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5873] close(3) = 0 [pid 5873] mkdir("./file1", 0777) = 0 [pid 5873] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, ""./strace-static-x86_64: Process 5878 attached [ 178.656112][ T5873] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 178.656229][ T5870] REISERFS (device loop1): checking transaction log (loop1) [ 178.687206][ T5871] REISERFS (device loop0): using ordered data mode [ 178.693834][ T5871] reiserfs: using flush barriers [pid 5878] chdir("./64") = 0 [pid 5878] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 178.699758][ T5873] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 178.700091][ T5871] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 178.709125][ T5873] REISERFS (device loop3): using ordered data mode [ 178.731688][ T5873] reiserfs: using flush barriers [ 178.737753][ T5871] REISERFS (device loop0): checking transaction log (loop0) [pid 5878] setpgid(0, 0) = 0 [pid 5878] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5878] write(3, "1000", 4) = 4 [pid 5878] close(3) = 0 [pid 5878] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5878] memfd_create("syzkaller", 0) = 3 [pid 5878] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5878] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5878] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5878] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 178.737851][ T5873] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 178.772116][ T5869] REISERFS (device loop4): Using r5 hash to sort names [pid 5878] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5878] close(3) = 0 [pid 5878] mkdir("./file1", 0777) = 0 [pid 5878] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5869] <... mount resumed>) = 0 [pid 5869] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5869] chdir("./file1") = 0 [pid 5869] ioctl(4, LOOP_CLR_FD) = 0 [pid 5869] close(4) = 0 [pid 5869] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5869] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5869] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5869] exit_group(0) = ? [pid 5869] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5869, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [ 178.814559][ T5878] loop5: detected capacity change from 0 to 8192 [ 178.819939][ T5869] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 178.823933][ T5873] REISERFS (device loop3): checking transaction log (loop3) [ 178.831860][ T5872] REISERFS (device loop2): Using r5 hash to sort names [pid 5872] <... mount resumed>) = 0 [pid 5870] <... mount resumed>) = 0 [pid 5094] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5872] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5870] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 178.858456][ T5878] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 178.860222][ T5870] REISERFS (device loop1): Using r5 hash to sort names [ 178.878842][ T5870] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 178.888531][ T5872] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 178.898045][ T5878] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 178.907408][ T5878] REISERFS (device loop5): using ordered data mode [pid 5872] <... openat resumed>) = 3 [pid 5870] <... openat resumed>) = 3 [pid 5094] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5872] chdir("./file1" [pid 5870] chdir("./file1" [pid 5094] <... openat resumed>) = 3 [pid 5872] <... chdir resumed>) = 0 [pid 5870] <... chdir resumed>) = 0 [pid 5094] fstat(3, [pid 5872] ioctl(4, LOOP_CLR_FD [pid 5870] ioctl(4, LOOP_CLR_FD [pid 5872] <... ioctl resumed>) = 0 [pid 5870] <... ioctl resumed>) = 0 [pid 5872] close(4 [pid 5870] close(4 [pid 5872] <... close resumed>) = 0 [pid 5870] <... close resumed>) = 0 [pid 5872] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5870] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5872] <... openat resumed>) = 4 [pid 5870] <... openat resumed>) = 4 [pid 5872] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [ 178.914273][ T5878] reiserfs: using flush barriers [ 178.921774][ T5878] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 178.942423][ T5878] REISERFS (device loop5): checking transaction log (loop5) [ 178.944161][ T5873] REISERFS (device loop3): Using r5 hash to sort names [pid 5870] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5872] <... mmap resumed>) = 0x20000000 [pid 5870] <... mmap resumed>) = 0x20000000 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5873] <... mount resumed>) = 0 [pid 5872] ioctl(4, FS_IOC_GETVERSION [pid 5870] ioctl(4, FS_IOC_GETVERSION [pid 5094] getdents64(3, [pid 5873] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5872] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5870] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5873] <... openat resumed>) = 3 [pid 5872] exit_group(0 [pid 5870] exit_group(0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5873] chdir("./file1" [pid 5872] <... exit_group resumed>) = ? [pid 5870] <... exit_group resumed>) = ? [pid 5094] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5873] <... chdir resumed>) = 0 [pid 5872] +++ exited with 0 +++ [pid 5870] +++ exited with 0 +++ [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./65/binderfs", [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5872, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5870, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./65/binderfs" [pid 5091] restart_syscall(<... resuming interrupted clone ...> [pid 5873] ioctl(4, LOOP_CLR_FD) = 0 [pid 5092] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5873] close(4) = 0 [pid 5873] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] <... unlink resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... restart_syscall resumed>) = 0 [pid 5094] umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5873] <... openat resumed>) = 4 [pid 5873] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5092] <... openat resumed>) = 3 [pid 5092] fstat(3, [pid 5091] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] getdents64(3, [pid 5091] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5873] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5873] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... openat resumed>) = 3 [pid 5873] exit_group(0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] fstat(3, [pid 5092] lstat("./63/binderfs", [pid 5873] <... exit_group resumed>) = ? [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5873] +++ exited with 0 +++ [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] getdents64(3, [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5873, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=14 /* 0.14 s */} --- [pid 5092] unlink("./63/binderfs" [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] <... unlink resumed>) = 0 [pid 5093] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... openat resumed>) = 3 [pid 5091] lstat("./62/binderfs", [pid 5093] fstat(3, [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] unlink("./62/binderfs" [pid 5093] getdents64(3, [pid 5091] <... unlink resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./64/binderfs") = 0 [ 178.961309][ T5873] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5093] umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./64/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./64/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4 [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./63/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./63/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... close resumed>) = 0 [pid 5093] rmdir("./64/file1" [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./63/file1" [pid 5093] <... rmdir resumed>) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3 [pid 5092] <... rmdir resumed>) = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] <... close resumed>) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./63") = 0 [pid 5092] mkdir("./64", 0777 [pid 5093] rmdir("./64" [pid 5091] umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... rmdir resumed>) = 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] mkdir("./65", 0777 [pid 5091] lstat("./62/file1", [pid 5093] <... mkdir resumed>) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5091] umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... openat resumed>) = 3 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5091] openat(AT_FDCWD, "./62/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... ioctl resumed>) = 0 [pid 5091] <... openat resumed>) = 4 [pid 5092] close(3 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./62/file1") = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./62") = 0 [pid 5091] mkdir("./63", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5093] <... openat resumed>) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5881 [ 179.050001][ T5871] REISERFS (device loop0): Using r5 hash to sort names [ 179.078128][ T5871] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. ./strace-static-x86_64: Process 5881 attached [pid 5881] chdir("./65") = 0 [pid 5881] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5871] <... mount resumed>) = 0 [pid 5881] setpgid(0, 0 [pid 5871] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5881] <... setpgid resumed>) = 0 [pid 5871] <... openat resumed>) = 3 [pid 5881] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5871] chdir("./file1" [pid 5881] <... openat resumed>) = 3 [pid 5871] <... chdir resumed>) = 0 [pid 5881] write(3, "1000", 4 [pid 5871] ioctl(4, LOOP_CLR_FD [pid 5881] <... write resumed>) = 4 [pid 5871] <... ioctl resumed>) = 0 [pid 5881] close(3 [pid 5871] close(4 [pid 5881] <... close resumed>) = 0 [pid 5871] <... close resumed>) = 0 [pid 5881] symlink("/dev/binderfs", "./binderfs" [pid 5871] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5881] <... symlink resumed>) = 0 [pid 5871] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5091] <... openat resumed>) = 3 [pid 5881] memfd_create("syzkaller", 0 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5881] <... memfd_create resumed>) = 3 [pid 5871] <... mmap resumed>) = 0x20000000 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5881] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5871] ioctl(4, FS_IOC_GETVERSION [pid 5091] close(3 [pid 5881] <... mmap resumed>) = 0x7f12a0a40000 [pid 5871] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5091] <... close resumed>) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5871] exit_group(0 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5882 [pid 5871] <... exit_group resumed>) = ? [pid 5871] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5871, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=13 /* 0.13 s */} --- [pid 5090] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5090] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./63/binderfs", [pid 5094] <... umount2 resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./63/binderfs"./strace-static-x86_64: Process 5882 attached ) = 0 [pid 5882] chdir("./63" [pid 5094] umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5882] <... chdir resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5882] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] lstat("./65/file1", [pid 5882] <... prctl resumed>) = 0 [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5882] setpgid(0, 0 [pid 5094] umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5882] <... setpgid resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5882] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] openat(AT_FDCWD, "./65/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5882] <... openat resumed>) = 3 [pid 5882] write(3, "1000", 4 [pid 5094] <... openat resumed>) = 4 [pid 5092] <... close resumed>) = 0 [pid 5882] <... write resumed>) = 4 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5882] close(3) = 0 [pid 5094] fstat(4, [pid 5882] symlink("/dev/binderfs", "./binderfs" [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5883 [pid 5882] <... symlink resumed>) = 0 [pid 5882] memfd_create("syzkaller", 0 [pid 5094] getdents64(4, [pid 5882] <... memfd_create resumed>) = 3 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5882] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 ./strace-static-x86_64: Process 5883 attached [pid 5094] rmdir("./65/file1" [pid 5883] chdir("./64") = 0 [pid 5883] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] <... rmdir resumed>) = 0 [pid 5094] getdents64(3, [pid 5883] <... prctl resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5883] setpgid(0, 0) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./65" [pid 5883] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5094] <... rmdir resumed>) = 0 [pid 5883] write(3, "1000", 4) = 4 [pid 5883] close(3) = 0 [pid 5883] symlink("/dev/binderfs", "./binderfs" [pid 5094] mkdir("./66", 0777) = 0 [pid 5883] <... symlink resumed>) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5883] memfd_create("syzkaller", 0 [pid 5094] <... openat resumed>) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5883] <... memfd_create resumed>) = 3 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5883] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5884 [ 179.185040][ T5878] REISERFS (device loop5): Using r5 hash to sort names ./strace-static-x86_64: Process 5884 attached [pid 5884] chdir("./66") = 0 [pid 5884] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5884] setpgid(0, 0) = 0 [pid 5884] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5884] write(3, "1000", 4) = 4 [pid 5884] close(3) = 0 [pid 5884] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5884] memfd_create("syzkaller", 0) = 3 [pid 5884] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5878] <... mount resumed>) = 0 [pid 5881] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 179.233027][ T5878] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5878] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5878] chdir("./file1") = 0 [pid 5878] ioctl(4, LOOP_CLR_FD) = 0 [pid 5878] close(4) = 0 [pid 5878] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5878] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5878] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5878] exit_group(0) = ? [pid 5878] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5878, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5095] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5095] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5882] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./64/binderfs") = 0 [pid 5095] umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5095] umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./64/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./64/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5884] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5883] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] close(4) = 0 [pid 5095] rmdir("./64/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./64") = 0 [pid 5095] mkdir("./65", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./63/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./63/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, [pid 5882] <... write resumed>) = 4194304 [pid 5881] <... write resumed>) = 4194304 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./63/file1" [pid 5881] munmap(0x7f12a0a40000, 4194304 [pid 5882] munmap(0x7f12a0a40000, 4194304 [pid 5090] <... rmdir resumed>) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./63") = 0 [pid 5090] mkdir("./64", 0777 [pid 5881] <... munmap resumed>) = 0 [pid 5090] <... mkdir resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5882] <... munmap resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5881] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3 [pid 5884] <... write resumed>) = 4194304 [pid 5883] <... write resumed>) = 4194304 [pid 5882] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5881] <... openat resumed>) = 4 [pid 5095] <... openat resumed>) = 3 [pid 5090] <... close resumed>) = 0 [pid 5884] munmap(0x7f12a0a40000, 4194304 [pid 5883] munmap(0x7f12a0a40000, 4194304 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5882] <... openat resumed>) = 4 [pid 5881] ioctl(4, LOOP_SET_FD, 3 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5883] <... munmap resumed>) = 0 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5885 ./strace-static-x86_64: Process 5885 attached [pid 5885] chdir("./64") = 0 [pid 5885] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5885] setpgid(0, 0) = 0 [pid 5885] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5885] write(3, "1000", 4) = 4 [pid 5885] close(3) = 0 [pid 5885] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5885] memfd_create("syzkaller", 0) = 3 [pid 5885] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5095] close(3 [pid 5884] <... munmap resumed>) = 0 [pid 5884] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5883] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5882] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... close resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5883] <... openat resumed>) = 4 [pid 5884] <... openat resumed>) = 4 [pid 5883] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5886 [pid 5884] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5886 attached [pid 5886] chdir("./65") = 0 [pid 5886] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5886] setpgid(0, 0) = 0 [pid 5886] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5886] write(3, "1000", 4) = 4 [pid 5886] close(3) = 0 [pid 5886] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5886] memfd_create("syzkaller", 0) = 3 [pid 5886] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5881] <... ioctl resumed>) = 0 [pid 5881] close(3) = 0 [pid 5881] mkdir("./file1", 0777 [pid 5884] <... ioctl resumed>) = 0 [pid 5883] <... ioctl resumed>) = 0 [pid 5884] close(3 [pid 5883] close(3 [pid 5884] <... close resumed>) = 0 [pid 5883] <... close resumed>) = 0 [pid 5884] mkdir("./file1", 0777 [pid 5883] mkdir("./file1", 0777 [pid 5881] <... mkdir resumed>) = 0 [pid 5883] <... mkdir resumed>) = 0 [pid 5882] <... ioctl resumed>) = 0 [pid 5882] close(3) = 0 [pid 5882] mkdir("./file1", 0777 [pid 5881] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5884] <... mkdir resumed>) = 0 [pid 5882] <... mkdir resumed>) = 0 [pid 5883] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5884] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 179.434820][ T5881] loop3: detected capacity change from 0 to 8192 [ 179.449879][ T5882] loop1: detected capacity change from 0 to 8192 [ 179.458486][ T5883] loop2: detected capacity change from 0 to 8192 [ 179.465212][ T5884] loop4: detected capacity change from 0 to 8192 [ 179.483735][ T5884] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 179.488317][ T5881] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 179.496868][ T5883] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 179.523453][ T5884] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5882] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 179.524008][ T5882] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 179.532750][ T5884] REISERFS (device loop4): using ordered data mode [ 179.552414][ T5884] reiserfs: using flush barriers [ 179.558389][ T5884] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 179.574868][ T5884] REISERFS (device loop4): checking transaction log (loop4) [ 179.613029][ T5881] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 179.622502][ T5881] REISERFS (device loop3): using ordered data mode [ 179.626958][ T5883] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 179.629064][ T5884] REISERFS (device loop4): Using r5 hash to sort names [ 179.645153][ T5881] reiserfs: using flush barriers [ 179.651246][ T5884] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5885] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5886] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5884] <... mount resumed>) = 0 [pid 5884] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5884] chdir("./file1") = 0 [pid 5884] ioctl(4, LOOP_CLR_FD [pid 5885] <... write resumed>) = 4194304 [pid 5884] <... ioctl resumed>) = 0 [pid 5885] munmap(0x7f12a0a40000, 4194304 [ 179.660377][ T5881] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 179.660883][ T5882] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 179.677481][ T5881] REISERFS (device loop3): checking transaction log (loop3) [ 179.693666][ T5883] REISERFS (device loop2): using ordered data mode [ 179.701860][ T5883] reiserfs: using flush barriers [pid 5884] close(4) = 0 [pid 5885] <... munmap resumed>) = 0 [pid 5884] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5885] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5884] <... openat resumed>) = 4 [pid 5885] ioctl(4, LOOP_SET_FD, 3 [pid 5884] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5884] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5884] exit_group(0) = ? [pid 5884] +++ exited with 0 +++ [pid 5885] <... ioctl resumed>) = 0 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5884, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5885] close(3 [pid 5094] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5885] <... close resumed>) = 0 [pid 5885] mkdir("./file1", 0777 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, [pid 5885] <... mkdir resumed>) = 0 [pid 5885] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./66/binderfs") = 0 [pid 5094] umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5886] <... write resumed>) = 4194304 [pid 5886] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5886] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 179.711208][ T5883] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 179.728376][ T5885] loop0: detected capacity change from 0 to 8192 [pid 5886] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5886] close(3) = 0 [pid 5886] mkdir("./file1", 0777) = 0 [pid 5886] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] <... umount2 resumed>) = 0 [pid 5094] umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./66/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./66/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 179.762542][ T5886] loop5: detected capacity change from 0 to 8192 [ 179.769845][ T5882] REISERFS (device loop1): using ordered data mode [ 179.777290][ T5885] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 179.781537][ T5883] REISERFS (device loop2): checking transaction log (loop2) [ 179.792878][ T5882] reiserfs: using flush barriers [ 179.803595][ T5885] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./66/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./66") = 0 [pid 5094] mkdir("./67", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [ 179.822776][ T5882] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 179.834635][ T5885] REISERFS (device loop0): using ordered data mode [ 179.846520][ T5886] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5893 ./strace-static-x86_64: Process 5893 attached [ 179.872932][ T5885] reiserfs: using flush barriers [ 179.880783][ T5886] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 179.882329][ T5881] REISERFS (device loop3): Using r5 hash to sort names [ 179.891424][ T5886] REISERFS (device loop5): using ordered data mode [ 179.904977][ T5886] reiserfs: using flush barriers [pid 5893] chdir("./67") = 0 [pid 5893] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5893] setpgid(0, 0) = 0 [pid 5893] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5893] write(3, "1000", 4) = 4 [pid 5893] close(3) = 0 [pid 5893] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5893] memfd_create("syzkaller", 0) = 3 [pid 5893] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 179.907127][ T5885] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 179.911775][ T5882] REISERFS (device loop1): checking transaction log (loop1) [ 179.933831][ T5886] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 179.956931][ T5886] REISERFS (device loop5): checking transaction log (loop5) [pid 5881] <... mount resumed>) = 0 [pid 5881] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5881] chdir("./file1") = 0 [pid 5881] ioctl(4, LOOP_CLR_FD) = 0 [pid 5881] close(4 [pid 5893] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5881] <... close resumed>) = 0 [pid 5881] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5881] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5881] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [ 179.998522][ T5881] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5881] exit_group(0) = ? [pid 5881] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5881, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5093] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5882] <... mount resumed>) = 0 [pid 5882] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5882] chdir("./file1") = 0 [pid 5882] ioctl(4, LOOP_CLR_FD) = 0 [pid 5882] close(4 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5882] <... close resumed>) = 0 [pid 5882] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5093] lstat("./65/binderfs", [pid 5882] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./65/binderfs") = 0 [ 180.057708][ T5882] REISERFS (device loop1): Using r5 hash to sort names [ 180.065042][ T5885] REISERFS (device loop0): checking transaction log (loop0) [ 180.070118][ T5882] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 180.079210][ T5883] REISERFS (device loop2): Using r5 hash to sort names [ 180.098230][ T5886] REISERFS (device loop5): Using r5 hash to sort names [pid 5882] ioctl(4, FS_IOC_GETVERSION [pid 5093] umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5882] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5882] exit_group(0) = ? [pid 5882] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5882, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 5886] <... mount resumed>) = 0 [pid 5886] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5091] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5886] <... openat resumed>) = 3 [pid 5883] <... mount resumed>) = 0 [pid 5886] chdir("./file1") = 0 [pid 5886] ioctl(4, LOOP_CLR_FD) = 0 [pid 5883] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5886] close(4 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5886] <... close resumed>) = 0 [pid 5883] chdir("./file1" [pid 5886] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5883] <... chdir resumed>) = 0 [pid 5886] <... openat resumed>) = 4 [pid 5883] ioctl(4, LOOP_CLR_FD) = 0 [pid 5883] close(4) = 0 [pid 5883] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5091] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, [pid 5886] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5883] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5091] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./63/binderfs") = 0 [pid 5091] umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5886] <... mmap resumed>) = 0x20000000 [pid 5883] <... mmap resumed>) = 0x20000000 [pid 5886] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5883] ioctl(4, FS_IOC_GETVERSION [pid 5886] exit_group(0 [pid 5883] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5886] <... exit_group resumed>) = ? [pid 5883] exit_group(0) = ? [pid 5883] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5883, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- [pid 5886] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5886, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [ 180.115684][ T5883] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 180.128302][ T5886] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5893] <... write resumed>) = 4194304 [pid 5095] restart_syscall(<... resuming interrupted clone ...> [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... restart_syscall resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] getdents64(3, [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... openat resumed>) = 3 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] fstat(3, [pid 5092] lstat("./64/binderfs", [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] getdents64(3, [pid 5092] unlink("./64/binderfs" [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] <... unlink resumed>) = 0 [pid 5095] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./65/binderfs") = 0 [pid 5095] umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5893] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5893] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5893] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./65/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./65/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./65/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./65") = 0 [pid 5095] mkdir("./66", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = 0 [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5894 [pid 5893] <... ioctl resumed>) = 0 [pid 5893] close(3) = 0 [pid 5893] mkdir("./file1", 0777./strace-static-x86_64: Process 5894 attached ) = 0 [pid 5893] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5894] chdir("./66") = 0 [ 180.218175][ T5893] loop4: detected capacity change from 0 to 8192 [pid 5894] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5894] setpgid(0, 0) = 0 [pid 5894] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5894] write(3, "1000", 4) = 4 [pid 5894] close(3) = 0 [pid 5894] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5894] memfd_create("syzkaller", 0) = 3 [pid 5894] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5894] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./65/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 180.261508][ T5893] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5093] openat(AT_FDCWD, "./65/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] <... umount2 resumed>) = 0 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./65/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./65") = 0 [pid 5093] mkdir("./66", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [ 180.321119][ T5893] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 180.331421][ T5893] REISERFS (device loop4): using ordered data mode [ 180.331974][ T5885] REISERFS (device loop0): Using r5 hash to sort names [ 180.338058][ T5893] reiserfs: using flush barriers [ 180.351836][ T5893] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5894] <... write resumed>) = 4194304 [pid 5091] umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5896 [pid 5894] munmap(0x7f12a0a40000, 4194304 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5896 attached [pid 5896] chdir("./66") = 0 [pid 5896] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5894] <... munmap resumed>) = 0 [pid 5091] lstat("./63/file1", [pid 5896] <... prctl resumed>) = 0 [pid 5896] setpgid(0, 0) = 0 [pid 5896] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5894] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5896] write(3, "1000", 4) = 4 [pid 5896] close(3) = 0 [pid 5896] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5894] <... openat resumed>) = 4 [pid 5091] umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5894] ioctl(4, LOOP_SET_FD, 3 [pid 5091] openat(AT_FDCWD, "./63/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5896] memfd_create("syzkaller", 0) = 3 [pid 5896] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5091] <... openat resumed>) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./63/file1" [pid 5885] <... mount resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5885] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5894] <... ioctl resumed>) = 0 [pid 5091] close(3 [pid 5885] <... openat resumed>) = 3 [pid 5894] close(3 [pid 5091] <... close resumed>) = 0 [pid 5894] <... close resumed>) = 0 [pid 5885] chdir("./file1" [pid 5091] rmdir("./63" [pid 5894] mkdir("./file1", 0777 [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./64/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./64/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5894] <... mkdir resumed>) = 0 [pid 5092] <... openat resumed>) = 4 [pid 5091] <... rmdir resumed>) = 0 [pid 5885] <... chdir resumed>) = 0 [pid 5885] ioctl(4, LOOP_CLR_FD [pid 5091] mkdir("./64", 0777 [pid 5894] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5885] <... ioctl resumed>) = 0 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] <... mkdir resumed>) = 0 [pid 5885] close(4 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./64/file1" [pid 5885] <... close resumed>) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5885] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5091] <... openat resumed>) = 3 [pid 5092] <... rmdir resumed>) = 0 [pid 5885] <... openat resumed>) = 4 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5885] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3 [pid 5091] close(3 [pid 5092] <... close resumed>) = 0 [pid 5092] rmdir("./64" [pid 5885] <... mmap resumed>) = 0x20000000 [pid 5091] <... close resumed>) = 0 [pid 5885] ioctl(4, FS_IOC_GETVERSION [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... rmdir resumed>) = 0 [pid 5885] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5898 [ 180.388874][ T5885] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 180.403649][ T5894] loop5: detected capacity change from 0 to 8192 [ 180.416286][ T5893] REISERFS (device loop4): checking transaction log (loop4) [pid 5092] mkdir("./65", 0777) = 0 [pid 5885] exit_group(0) = ? [pid 5885] +++ exited with 0 +++ [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5899 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5885, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- [pid 5090] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5090] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./64/binderfs") = 0 [pid 5090] umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5899 attached ./strace-static-x86_64: Process 5898 attached [pid 5896] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5899] chdir("./65" [pid 5898] chdir("./64" [pid 5090] <... umount2 resumed>) = 0 [pid 5899] <... chdir resumed>) = 0 [pid 5898] <... chdir resumed>) = 0 [pid 5090] umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5899] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5898] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5899] <... prctl resumed>) = 0 [pid 5898] <... prctl resumed>) = 0 [pid 5090] lstat("./64/file1", [pid 5899] setpgid(0, 0 [pid 5898] setpgid(0, 0 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5899] <... setpgid resumed>) = 0 [pid 5898] <... setpgid resumed>) = 0 [ 180.455086][ T5894] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5090] umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5899] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5898] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./64/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5899] <... openat resumed>) = 3 [pid 5898] <... openat resumed>) = 3 [pid 5090] <... openat resumed>) = 4 [pid 5090] fstat(4, [pid 5898] write(3, "1000", 4 [pid 5899] write(3, "1000", 4 [pid 5898] <... write resumed>) = 4 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5898] close(3 [pid 5090] getdents64(4, [pid 5898] <... close resumed>) = 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5898] symlink("/dev/binderfs", "./binderfs" [pid 5899] <... write resumed>) = 4 [pid 5090] getdents64(4, [pid 5898] <... symlink resumed>) = 0 [pid 5899] close(3 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4 [pid 5899] <... close resumed>) = 0 [pid 5898] memfd_create("syzkaller", 0 [pid 5090] <... close resumed>) = 0 [pid 5899] symlink("/dev/binderfs", "./binderfs" [pid 5898] <... memfd_create resumed>) = 3 [pid 5090] rmdir("./64/file1" [pid 5899] <... symlink resumed>) = 0 [pid 5898] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5899] memfd_create("syzkaller", 0 [pid 5898] <... mmap resumed>) = 0x7f12a0a40000 [pid 5090] getdents64(3, [pid 5899] <... memfd_create resumed>) = 3 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5899] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5090] close(3 [pid 5899] <... mmap resumed>) = 0x7f12a0a40000 [pid 5090] <... close resumed>) = 0 [pid 5090] rmdir("./64") = 0 [pid 5090] mkdir("./65", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 180.507818][ T5894] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 180.518474][ T5894] REISERFS (device loop5): using ordered data mode [ 180.526173][ T5894] reiserfs: using flush barriers [ 180.534145][ T5894] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5900 ./strace-static-x86_64: Process 5900 attached [pid 5900] chdir("./65") = 0 [pid 5900] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5898] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5900] <... prctl resumed>) = 0 [pid 5900] setpgid(0, 0) = 0 [pid 5900] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5900] write(3, "1000", 4) = 4 [pid 5900] close(3) = 0 [pid 5900] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5900] memfd_create("syzkaller", 0) = 3 [ 180.583174][ T5894] REISERFS (device loop5): checking transaction log (loop5) [pid 5900] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5899] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5896] <... write resumed>) = 4194304 [pid 5896] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5896] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 180.634141][ T5893] REISERFS (device loop4): Using r5 hash to sort names [ 180.663757][ T5893] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5896] ioctl(4, LOOP_SET_FD, 3 [pid 5898] <... write resumed>) = 4194304 [pid 5896] <... ioctl resumed>) = 0 [pid 5896] close(3) = 0 [pid 5896] mkdir("./file1", 0777) = 0 [pid 5896] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5893] <... mount resumed>) = 0 [pid 5893] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5893] chdir("./file1") = 0 [pid 5893] ioctl(4, LOOP_CLR_FD) = 0 [pid 5893] close(4 [pid 5899] <... write resumed>) = 4194304 [pid 5898] munmap(0x7f12a0a40000, 4194304 [pid 5899] munmap(0x7f12a0a40000, 4194304 [pid 5894] <... mount resumed>) = 0 [pid 5898] <... munmap resumed>) = 0 [pid 5898] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5894] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5899] <... munmap resumed>) = 0 [pid 5898] <... openat resumed>) = 4 [pid 5894] <... openat resumed>) = 3 [pid 5899] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5898] ioctl(4, LOOP_SET_FD, 3 [ 180.684782][ T5896] loop3: detected capacity change from 0 to 8192 [ 180.702898][ T5894] REISERFS (device loop5): Using r5 hash to sort names [ 180.710135][ T5894] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5894] chdir("./file1" [pid 5900] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5899] <... openat resumed>) = 4 [pid 5898] <... ioctl resumed>) = 0 [pid 5894] <... chdir resumed>) = 0 [pid 5893] <... close resumed>) = 0 [pid 5899] ioctl(4, LOOP_SET_FD, 3 [pid 5894] ioctl(4, LOOP_CLR_FD) = 0 [pid 5894] close(4) = 0 [pid 5894] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5894] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5894] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5894] exit_group(0) = ? [pid 5894] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5894, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- [pid 5898] close(3 [pid 5893] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5898] <... close resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5898] mkdir("./file1", 0777 [pid 5095] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5898] <... mkdir resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5898] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5893] <... openat resumed>) = 4 [pid 5095] fstat(3, [pid 5893] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5893] <... mmap resumed>) = 0x20000000 [pid 5095] lstat("./66/binderfs", [pid 5893] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5893] exit_group(0 [pid 5095] unlink("./66/binderfs" [pid 5893] <... exit_group resumed>) = ? [pid 5095] <... unlink resumed>) = 0 [ 180.732535][ T5898] loop1: detected capacity change from 0 to 8192 [ 180.733717][ T5896] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 180.741422][ T5899] loop2: detected capacity change from 0 to 8192 [pid 5095] umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5893] +++ exited with 0 +++ [pid 5899] <... ioctl resumed>) = 0 [pid 5899] close(3) = 0 [pid 5899] mkdir("./file1", 0777) = 0 [pid 5899] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5893, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5094] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5094] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./67/binderfs") = 0 [ 180.777042][ T5896] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 180.787626][ T5899] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 180.789857][ T5896] REISERFS (device loop3): using ordered data mode [ 180.807840][ T5896] reiserfs: using flush barriers [pid 5094] umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5900] <... write resumed>) = 4194304 [pid 5900] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5900] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5900] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5900] close(3) = 0 [pid 5900] mkdir("./file1", 0777) = 0 [ 180.814209][ T5896] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 180.830311][ T5900] loop0: detected capacity change from 0 to 8192 [ 180.831997][ T5899] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 180.837846][ T5898] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 180.846157][ T5899] REISERFS (device loop2): using ordered data mode [ 180.866210][ T5899] reiserfs: using flush barriers [pid 5900] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 180.866376][ T5900] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 180.872157][ T5896] REISERFS (device loop3): checking transaction log (loop3) [ 180.891656][ T5899] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 180.894978][ T5898] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 180.917455][ T5898] REISERFS (device loop1): using ordered data mode [pid 5095] lstat("./66/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./66/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./66/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./66") = 0 [pid 5095] mkdir("./67", 0777) = 0 [ 180.924176][ T5898] reiserfs: using flush barriers [ 180.930516][ T5900] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 180.940112][ T5898] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 180.974788][ T5899] REISERFS (device loop2): checking transaction log (loop2) [ 180.976953][ T5900] REISERFS (device loop0): using ordered data mode [ 180.994284][ T5898] REISERFS (device loop1): checking transaction log (loop1) [ 180.996922][ T5900] reiserfs: using flush barriers [ 181.013221][ T5896] REISERFS (device loop3): Using r5 hash to sort names [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5896] <... mount resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5094] <... umount2 resumed>) = 0 [pid 5896] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5094] umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5896] <... openat resumed>) = 3 [pid 5896] chdir("./file1" [pid 5095] close(3 [pid 5094] lstat("./67/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5896] <... chdir resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5094] umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5896] ioctl(4, LOOP_CLR_FD [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5896] <... ioctl resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./67/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5896] close(4 [pid 5094] <... openat resumed>) = 4 [pid 5896] <... close resumed>) = 0 [pid 5095] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5905 [pid 5896] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] fstat(4, [pid 5896] <... openat resumed>) = 4 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, [pid 5896] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5896] <... mmap resumed>) = 0x20000000 [pid 5094] getdents64(4, [pid 5896] ioctl(4, FS_IOC_GETVERSION [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4 [pid 5896] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] <... close resumed>) = 0 [pid 5896] exit_group(0 [pid 5094] rmdir("./67/file1" [pid 5896] <... exit_group resumed>) = ? ./strace-static-x86_64: Process 5905 attached [pid 5094] <... rmdir resumed>) = 0 [pid 5896] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5896, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5093] restart_syscall(<... resuming interrupted clone ...> [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] <... restart_syscall resumed>) = 0 [pid 5094] close(3 [pid 5093] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... close resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, [pid 5905] chdir("./67" [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5905] <... chdir resumed>) = 0 [ 181.020396][ T5896] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 181.022747][ T5900] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5093] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5905] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] rmdir("./67" [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5905] <... prctl resumed>) = 0 [pid 5093] lstat("./66/binderfs", [pid 5905] setpgid(0, 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5905] <... setpgid resumed>) = 0 [pid 5094] mkdir("./68", 0777 [pid 5093] unlink("./66/binderfs" [pid 5905] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] <... mkdir resumed>) = 0 [pid 5093] <... unlink resumed>) = 0 [pid 5905] <... openat resumed>) = 3 [pid 5093] umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5905] write(3, "1000", 4 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5905] <... write resumed>) = 4 [pid 5094] <... openat resumed>) = 3 [pid 5905] close(3) = 0 [pid 5905] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5905] memfd_create("syzkaller", 0) = 3 [pid 5905] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5906 ./strace-static-x86_64: Process 5906 attached [pid 5906] chdir("./68") = 0 [pid 5906] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5906] setpgid(0, 0) = 0 [pid 5906] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5906] write(3, "1000", 4) = 4 [pid 5906] close(3) = 0 [pid 5906] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5906] memfd_create("syzkaller", 0) = 3 [pid 5906] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5898] <... mount resumed>) = 0 [pid 5898] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5898] chdir("./file1") = 0 [pid 5898] ioctl(4, LOOP_CLR_FD) = 0 [ 181.135058][ T5898] REISERFS (device loop1): Using r5 hash to sort names [ 181.146830][ T5898] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 181.171423][ T5900] REISERFS (device loop0): checking transaction log (loop0) [pid 5898] close(4 [pid 5906] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5898] <... close resumed>) = 0 [pid 5898] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5898] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5898] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5898] exit_group(0) = ? [pid 5898] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5898, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5091] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5091] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./64/binderfs") = 0 [pid 5091] umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5091] umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./64/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./64/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5905] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... openat resumed>) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./64/file1" [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... rmdir resumed>) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./66/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./66/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] getdents64(3, [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./66/file1") = 0 [pid 5091] rmdir("./64" [pid 5093] getdents64(3, [pid 5091] <... rmdir resumed>) = 0 [pid 5091] mkdir("./65", 0777 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5093] close(3 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5093] <... close resumed>) = 0 [pid 5093] rmdir("./66") = 0 [pid 5093] mkdir("./67", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5907 ./strace-static-x86_64: Process 5907 attached [pid 5907] chdir("./67") = 0 [pid 5907] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5907] setpgid(0, 0) = 0 [pid 5907] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5907] write(3, "1000", 4) = 4 [pid 5907] close(3) = 0 [pid 5907] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5907] memfd_create("syzkaller", 0) = 3 [pid 5907] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5899] <... mount resumed>) = 0 [pid 5899] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5899] chdir("./file1") = 0 [pid 5899] ioctl(4, LOOP_CLR_FD) = 0 [ 181.251556][ T5899] REISERFS (device loop2): Using r5 hash to sort names [ 181.279273][ T5899] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5899] close(4 [pid 5906] <... write resumed>) = 4194304 [pid 5091] <... openat resumed>) = 3 [pid 5899] <... close resumed>) = 0 [pid 5899] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5899] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5899] ioctl(4, FS_IOC_GETVERSION [pid 5905] <... write resumed>) = 4194304 [pid 5091] close(3 [pid 5899] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5905] munmap(0x7f12a0a40000, 4194304 [pid 5899] exit_group(0 [pid 5905] <... munmap resumed>) = 0 [pid 5899] <... exit_group resumed>) = ? [pid 5091] <... close resumed>) = 0 [pid 5906] munmap(0x7f12a0a40000, 4194304 [pid 5899] +++ exited with 0 +++ [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5905] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5899, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5905] <... openat resumed>) = 4 [pid 5905] ioctl(4, LOOP_SET_FD, 3 [pid 5906] <... munmap resumed>) = 0 [pid 5092] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./65/binderfs") = 0 [pid 5092] umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5908 [pid 5906] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5906] ioctl(4, LOOP_SET_FD, 3 [pid 5905] <... ioctl resumed>) = 0 [pid 5905] close(3) = 0 [pid 5905] mkdir("./file1", 0777) = 0 [pid 5905] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, ""./strace-static-x86_64: Process 5908 attached [pid 5908] chdir("./65") = 0 [pid 5908] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5908] setpgid(0, 0) = 0 [pid 5908] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5908] write(3, "1000", 4) = 4 [pid 5908] close(3) = 0 [pid 5908] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5908] memfd_create("syzkaller", 0) = 3 [pid 5908] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5906] <... ioctl resumed>) = 0 [pid 5906] close(3) = 0 [pid 5906] mkdir("./file1", 0777) = 0 [ 181.363473][ T5905] loop5: detected capacity change from 0 to 8192 [ 181.375108][ T5906] loop4: detected capacity change from 0 to 8192 [ 181.392705][ T5905] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 181.393734][ T5900] REISERFS (device loop0): Using r5 hash to sort names [pid 5906] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5900] <... mount resumed>) = 0 [pid 5907] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5900] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5900] chdir("./file1") = 0 [pid 5900] ioctl(4, LOOP_CLR_FD) = 0 [ 181.421939][ T5900] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 181.432680][ T5905] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 181.442315][ T5905] REISERFS (device loop5): using ordered data mode [ 181.449290][ T5905] reiserfs: using flush barriers [ 181.455211][ T5905] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5900] close(4) = 0 [pid 5900] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5900] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5900] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5900] exit_group(0) = ? [pid 5900] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5900, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5090] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5090] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5908] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5090] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 181.455352][ T5906] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 181.471757][ T5905] REISERFS (device loop5): checking transaction log (loop5) [pid 5090] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./65/binderfs") = 0 [pid 5090] umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5905] <... mount resumed>) = 0 [pid 5905] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5905] chdir("./file1") = 0 [pid 5905] ioctl(4, LOOP_CLR_FD) = 0 [pid 5905] close(4) = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5905] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5905] <... openat resumed>) = 4 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5905] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] lstat("./65/file1", [pid 5905] <... mmap resumed>) = 0x20000000 [ 181.548007][ T5906] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 181.561120][ T5905] REISERFS (device loop5): Using r5 hash to sort names [ 181.574158][ T5905] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 181.584170][ T5906] REISERFS (device loop4): using ordered data mode [ 181.592656][ T5906] reiserfs: using flush barriers [pid 5908] <... write resumed>) = 4194304 [pid 5905] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5905] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5908] munmap(0x7f12a0a40000, 4194304 [pid 5905] exit_group(0 [pid 5092] umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5905] <... exit_group resumed>) = ? [pid 5908] <... munmap resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5905] +++ exited with 0 +++ [pid 5092] openat(AT_FDCWD, "./65/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5905, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5095] restart_syscall(<... resuming interrupted clone ...> [pid 5908] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5095] <... restart_syscall resumed>) = 0 [pid 5092] <... openat resumed>) = 4 [pid 5908] <... openat resumed>) = 4 [pid 5092] fstat(4, [pid 5908] ioctl(4, LOOP_SET_FD, 3 [pid 5907] <... write resumed>) = 4194304 [pid 5095] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5095] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./67/binderfs") = 0 [pid 5095] umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5908] <... ioctl resumed>) = 0 [pid 5907] munmap(0x7f12a0a40000, 4194304 [pid 5092] getdents64(4, [pid 5908] close(3 [pid 5907] <... munmap resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5908] <... close resumed>) = 0 [pid 5907] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5092] getdents64(4, [pid 5907] <... openat resumed>) = 4 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5908] mkdir("./file1", 0777 [pid 5907] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... umount2 resumed>) = 0 [ 181.612193][ T5906] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 181.638405][ T5906] REISERFS (device loop4): checking transaction log (loop4) [ 181.648338][ T5908] loop1: detected capacity change from 0 to 8192 [pid 5092] close(4) = 0 [pid 5095] umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./67/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./67/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./67/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./67") = 0 [pid 5092] rmdir("./65/file1" [pid 5095] mkdir("./68", 0777 [pid 5908] <... mkdir resumed>) = 0 [pid 5095] <... mkdir resumed>) = 0 [pid 5908] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5092] <... rmdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5092] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5907] <... ioctl resumed>) = 0 [pid 5092] rmdir("./65" [pid 5907] close(3 [pid 5092] <... rmdir resumed>) = 0 [pid 5907] <... close resumed>) = 0 [pid 5092] mkdir("./66", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5907] mkdir("./file1", 0777 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5912 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5913 [pid 5907] <... mkdir resumed>) = 0 [pid 5907] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, ""./strace-static-x86_64: Process 5913 attached [pid 5913] chdir("./66") = 0 [pid 5913] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 181.668976][ T5907] loop3: detected capacity change from 0 to 8192 [ 181.684445][ T5908] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5913] setpgid(0, 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5913] <... setpgid resumed>) = 0 [pid 5913] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5912 attached ) = 3 [pid 5913] write(3, "1000", 4 [pid 5912] chdir("./68" [pid 5090] umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5913] <... write resumed>) = 4 [pid 5912] <... chdir resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 181.721796][ T5908] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 181.732763][ T5908] REISERFS (device loop1): using ordered data mode [ 181.740113][ T5907] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 181.740312][ T5908] reiserfs: using flush barriers [pid 5913] close(3 [pid 5912] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5090] lstat("./65/file1", [pid 5913] <... close resumed>) = 0 [pid 5912] <... prctl resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5913] symlink("/dev/binderfs", "./binderfs" [pid 5912] setpgid(0, 0 [pid 5090] umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5913] <... symlink resumed>) = 0 [pid 5912] <... setpgid resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5913] memfd_create("syzkaller", 0 [pid 5090] openat(AT_FDCWD, "./65/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5912] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] <... openat resumed>) = 4 [pid 5912] <... openat resumed>) = 3 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5913] <... memfd_create resumed>) = 3 [pid 5912] write(3, "1000", 4 [pid 5913] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5090] getdents64(4, [pid 5912] <... write resumed>) = 4 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5913] <... mmap resumed>) = 0x7f12a0a40000 [pid 5090] getdents64(4, [pid 5912] close(3 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4 [pid 5912] <... close resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5912] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5090] rmdir("./65/file1" [pid 5912] memfd_create("syzkaller", 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5912] <... memfd_create resumed>) = 3 [pid 5912] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5090] getdents64(3, [pid 5912] <... mmap resumed>) = 0x7f12a0a40000 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./65") = 0 [pid 5090] mkdir("./66", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5915 [ 181.759825][ T5908] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 181.766927][ T5907] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 181.794275][ T5906] REISERFS (device loop4): Using r5 hash to sort names [ 181.802330][ T5906] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 181.814182][ T5908] REISERFS (device loop1): checking transaction log (loop1) [pid 5912] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5906] <... mount resumed>) = 0 [pid 5906] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 ./strace-static-x86_64: Process 5915 attached [pid 5906] chdir("./file1") = 0 [pid 5915] chdir("./66" [pid 5906] ioctl(4, LOOP_CLR_FD) = 0 [pid 5906] close(4) = 0 [pid 5906] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5915] <... chdir resumed>) = 0 [pid 5915] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5915] setpgid(0, 0) = 0 [pid 5906] <... openat resumed>) = 4 [pid 5906] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5915] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5906] <... mmap resumed>) = 0x20000000 [pid 5915] write(3, "1000", 4 [pid 5906] ioctl(4, FS_IOC_GETVERSION [pid 5915] <... write resumed>) = 4 [pid 5906] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5915] close(3) = 0 [pid 5906] exit_group(0 [pid 5915] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5906] <... exit_group resumed>) = ? [pid 5913] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5906] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5906, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=11 /* 0.11 s */} --- [pid 5912] <... write resumed>) = 4194304 [pid 5094] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5915] memfd_create("syzkaller", 0 [pid 5912] munmap(0x7f12a0a40000, 4194304 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5915] <... memfd_create resumed>) = 3 [pid 5912] <... munmap resumed>) = 0 [pid 5915] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5912] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] <... openat resumed>) = 3 [pid 5915] <... mmap resumed>) = 0x7f12a0a40000 [pid 5912] <... openat resumed>) = 4 [pid 5094] fstat(3, [pid 5912] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./68/binderfs" [pid 5912] <... ioctl resumed>) = 0 [pid 5094] <... unlink resumed>) = 0 [pid 5912] close(3 [pid 5094] umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5912] <... close resumed>) = 0 [pid 5913] <... write resumed>) = 4194304 [pid 5912] mkdir("./file1", 0777) = 0 [pid 5913] munmap(0x7f12a0a40000, 4194304 [pid 5912] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5913] <... munmap resumed>) = 0 [pid 5913] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 181.879355][ T5907] REISERFS (device loop3): using ordered data mode [ 181.906703][ T5912] loop5: detected capacity change from 0 to 8192 [ 181.916072][ T5907] reiserfs: using flush barriers [pid 5913] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5913] close(3) = 0 [pid 5913] mkdir("./file1", 0777) = 0 [ 181.931121][ T5913] loop2: detected capacity change from 0 to 8192 [ 181.955579][ T5912] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5913] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [ 181.958733][ T5907] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 181.969590][ T5912] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 181.985216][ T5913] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 181.994703][ T5912] REISERFS (device loop5): using ordered data mode [ 182.014198][ T5912] reiserfs: using flush barriers [pid 5915] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5094] <... umount2 resumed>) = 0 [pid 5094] umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./68/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./68/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [ 182.019939][ T5912] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 182.051418][ T5912] REISERFS (device loop5): checking transaction log (loop5) [pid 5094] close(4) = 0 [pid 5915] <... write resumed>) = 4194304 [pid 5915] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5915] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5915] ioctl(4, LOOP_SET_FD, 3 [pid 5094] rmdir("./68/file1") = 0 [ 182.093345][ T5913] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 182.102850][ T5912] REISERFS (device loop5): Using r5 hash to sort names [ 182.109969][ T5912] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 182.119176][ T5913] REISERFS (device loop2): using ordered data mode [ 182.119849][ T5915] loop0: detected capacity change from 0 to 8192 [ 182.125989][ T5907] REISERFS (device loop3): checking transaction log (loop3) [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5912] <... mount resumed>) = 0 [pid 5094] close(3 [pid 5912] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] <... close resumed>) = 0 [pid 5915] <... ioctl resumed>) = 0 [pid 5915] close(3) = 0 [pid 5915] mkdir("./file1", 0777) = 0 [pid 5915] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5912] <... openat resumed>) = 3 [pid 5094] rmdir("./68" [pid 5912] chdir("./file1") = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5912] ioctl(4, LOOP_CLR_FD [pid 5094] mkdir("./69", 0777 [pid 5912] <... ioctl resumed>) = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5912] close(4 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5912] <... close resumed>) = 0 [pid 5908] <... mount resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [ 182.139944][ T5913] reiserfs: using flush barriers [ 182.150062][ T5913] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 182.166742][ T5913] REISERFS (device loop2): checking transaction log (loop2) [ 182.166958][ T5908] REISERFS (device loop1): Using r5 hash to sort names [ 182.181278][ T5908] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5908] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5912] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5908] <... openat resumed>) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5912] <... openat resumed>) = 4 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5912] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] close(3 [pid 5912] <... mmap resumed>) = 0x20000000 [pid 5094] <... close resumed>) = 0 [pid 5912] ioctl(4, FS_IOC_GETVERSION [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5912] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5912] exit_group(0 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5919 [pid 5912] <... exit_group resumed>) = ? [pid 5908] chdir("./file1") = 0 [pid 5908] ioctl(4, LOOP_CLR_FD) = 0 [pid 5908] close(4 [pid 5912] +++ exited with 0 +++ [pid 5908] <... close resumed>) = 0 [pid 5908] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5912, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=14 /* 0.14 s */} --- [pid 5908] <... openat resumed>) = 4 [pid 5908] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5908] <... mmap resumed>) = 0x20000000 [pid 5095] getdents64(3, [pid 5908] ioctl(4, FS_IOC_GETVERSION [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5908] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5908] exit_group(0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5908] <... exit_group resumed>) = ? [pid 5095] lstat("./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] unlink("./68/binderfs" [pid 5908] +++ exited with 0 +++ [pid 5095] <... unlink resumed>) = 0 [pid 5095] umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5908, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5091] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5091] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [ 182.195688][ T5915] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5091] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5919 attached ) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./65/binderfs") = 0 [pid 5091] umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5919] chdir("./69") = 0 [pid 5919] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5919] setpgid(0, 0) = 0 [pid 5919] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5919] write(3, "1000", 4) = 4 [pid 5919] close(3) = 0 [pid 5919] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5919] memfd_create("syzkaller", 0) = 3 [pid 5919] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 182.256047][ T5915] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 182.276289][ T5915] REISERFS (device loop0): using ordered data mode [ 182.285206][ T5915] reiserfs: using flush barriers [ 182.292538][ T5915] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 182.314768][ T5915] REISERFS (device loop0): checking transaction log (loop0) [ 182.331990][ T5913] REISERFS (device loop2): Using r5 hash to sort names [ 182.339108][ T5913] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 182.348277][ T5907] REISERFS (device loop3): Using r5 hash to sort names [pid 5919] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5907] <... mount resumed>) = 0 [pid 5907] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5907] chdir("./file1") = 0 [pid 5907] ioctl(4, LOOP_CLR_FD) = 0 [pid 5907] close(4) = 0 [pid 5907] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5913] <... mount resumed>) = 0 [pid 5907] <... openat resumed>) = 4 [pid 5913] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5907] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5913] <... openat resumed>) = 3 [pid 5913] chdir("./file1" [pid 5907] <... mmap resumed>) = 0x20000000 [pid 5913] <... chdir resumed>) = 0 [pid 5907] ioctl(4, FS_IOC_GETVERSION [pid 5913] ioctl(4, LOOP_CLR_FD [pid 5907] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5913] <... ioctl resumed>) = 0 [pid 5907] exit_group(0 [pid 5913] close(4 [pid 5907] <... exit_group resumed>) = ? [pid 5913] <... close resumed>) = 0 [pid 5907] +++ exited with 0 +++ [pid 5913] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5907, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5093] restart_syscall(<... resuming interrupted clone ...> [pid 5913] <... openat resumed>) = 4 [pid 5093] <... restart_syscall resumed>) = 0 [pid 5913] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5913] <... mmap resumed>) = 0x20000000 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5913] ioctl(4, FS_IOC_GETVERSION [pid 5093] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5913] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] <... openat resumed>) = 3 [pid 5913] exit_group(0 [pid 5093] fstat(3, [pid 5913] <... exit_group resumed>) = ? [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5913] +++ exited with 0 +++ [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5913, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [ 182.371795][ T5907] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5093] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./67/binderfs") = 0 [pid 5093] umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./66/binderfs") = 0 [pid 5092] umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... umount2 resumed>) = 0 [pid 5095] <... umount2 resumed>) = 0 [pid 5091] umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./65/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./65/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] close(4) = 0 [pid 5919] <... write resumed>) = 4194304 [pid 5919] munmap(0x7f12a0a40000, 4194304 [pid 5095] lstat("./68/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] rmdir("./65/file1" [pid 5095] umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./68/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] <... rmdir resumed>) = 0 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] close(3 [pid 5095] close(4 [pid 5091] <... close resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5095] rmdir("./68/file1") = 0 [pid 5091] rmdir("./65") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] mkdir("./66", 0777 [pid 5095] close(3) = 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5095] rmdir("./68") = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5095] mkdir("./69", 0777 [pid 5091] <... openat resumed>) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] <... mkdir resumed>) = 0 [pid 5091] close(3 [pid 5919] <... munmap resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5091] <... close resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5920 [pid 5095] <... close resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5921 ./strace-static-x86_64: Process 5921 attached [pid 5921] chdir("./69") = 0 [pid 5921] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5921] setpgid(0, 0 [pid 5919] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5921] <... setpgid resumed>) = 0 [pid 5921] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5919] <... openat resumed>) = 4 [pid 5919] ioctl(4, LOOP_SET_FD, 3 [pid 5921] <... openat resumed>) = 3 [ 182.468533][ T5915] REISERFS (device loop0): Using r5 hash to sort names [ 182.481099][ T5915] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5921] write(3, "1000", 4) = 4 [pid 5921] close(3) = 0 [pid 5921] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5921] memfd_create("syzkaller", 0) = 3 [pid 5921] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5919] <... ioctl resumed>) = 0 [pid 5919] close(3./strace-static-x86_64: Process 5920 attached ) = 0 [pid 5919] mkdir("./file1", 0777 [pid 5920] chdir("./66" [pid 5919] <... mkdir resumed>) = 0 [pid 5920] <... chdir resumed>) = 0 [pid 5920] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5919] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5915] <... mount resumed>) = 0 [pid 5920] <... prctl resumed>) = 0 [pid 5920] setpgid(0, 0 [pid 5915] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5920] <... setpgid resumed>) = 0 [pid 5920] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5915] <... openat resumed>) = 3 [pid 5920] <... openat resumed>) = 3 [pid 5915] chdir("./file1" [pid 5920] write(3, "1000", 4 [pid 5915] <... chdir resumed>) = 0 [pid 5920] <... write resumed>) = 4 [pid 5920] close(3) = 0 [pid 5920] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5920] memfd_create("syzkaller", 0) = 3 [pid 5920] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5915] ioctl(4, LOOP_CLR_FD [pid 5920] <... mmap resumed>) = 0x7f12a0a40000 [pid 5915] <... ioctl resumed>) = 0 [ 182.514143][ T5919] loop4: detected capacity change from 0 to 8192 [pid 5915] close(4) = 0 [pid 5915] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5915] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5093] <... umount2 resumed>) = 0 [pid 5920] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5092] <... umount2 resumed>) = 0 [pid 5915] ioctl(4, FS_IOC_GETVERSION [pid 5921] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5915] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5915] exit_group(0) = ? [pid 5915] +++ exited with 0 +++ [pid 5093] umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./67/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./67/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5915, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./67/file1" [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./66/file1", [pid 5093] <... rmdir resumed>) = 0 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] openat(AT_FDCWD, "./66/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... openat resumed>) = 3 [pid 5092] <... openat resumed>) = 4 [pid 5092] fstat(4, [pid 5090] fstat(3, [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(3, [pid 5092] getdents64(4, [pid 5090] getdents64(3, [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] close(4 [pid 5090] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... close resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] rmdir("./66/file1" [pid 5090] lstat("./66/binderfs", [pid 5093] close(3 [pid 5092] <... rmdir resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... close resumed>) = 0 [pid 5092] getdents64(3, [pid 5090] unlink("./66/binderfs" [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] rmdir("./67" [pid 5092] close(3 [pid 5090] <... unlink resumed>) = 0 [pid 5093] <... rmdir resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5090] umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] rmdir("./66" [pid 5093] mkdir("./68", 0777 [pid 5092] <... rmdir resumed>) = 0 [pid 5093] <... mkdir resumed>) = 0 [pid 5092] mkdir("./67", 0777 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5092] <... mkdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5092] <... openat resumed>) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] close(3 [pid 5092] close(3 [pid 5093] <... close resumed>) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5923 [ 182.562023][ T5919] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 182.599658][ T5919] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5092] <... close resumed>) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5924 ./strace-static-x86_64: Process 5923 attached [pid 5920] <... write resumed>) = 4194304 [pid 5920] munmap(0x7f12a0a40000, 4194304 [pid 5923] chdir("./68"./strace-static-x86_64: Process 5924 attached [pid 5920] <... munmap resumed>) = 0 [pid 5924] chdir("./67" [pid 5920] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5924] <... chdir resumed>) = 0 [pid 5920] ioctl(4, LOOP_SET_FD, 3 [pid 5924] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5923] <... chdir resumed>) = 0 [pid 5920] <... ioctl resumed>) = 0 [pid 5924] <... prctl resumed>) = 0 [pid 5923] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5920] close(3 [pid 5924] setpgid(0, 0 [pid 5923] <... prctl resumed>) = 0 [pid 5920] <... close resumed>) = 0 [pid 5924] <... setpgid resumed>) = 0 [pid 5923] setpgid(0, 0 [pid 5920] mkdir("./file1", 0777 [pid 5924] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5923] <... setpgid resumed>) = 0 [pid 5924] <... openat resumed>) = 3 [pid 5920] <... mkdir resumed>) = 0 [pid 5924] write(3, "1000", 4 [pid 5923] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5924] <... write resumed>) = 4 [pid 5923] <... openat resumed>) = 3 [pid 5920] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5090] <... umount2 resumed>) = 0 [ 182.629184][ T5919] REISERFS (device loop4): using ordered data mode [ 182.644626][ T5919] reiserfs: using flush barriers [ 182.655133][ T5920] loop1: detected capacity change from 0 to 8192 [ 182.656014][ T5919] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5924] close(3) = 0 [pid 5924] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5924] memfd_create("syzkaller", 0) = 3 [pid 5924] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5923] write(3, "1000", 4 [pid 5090] umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5923] <... write resumed>) = 4 [pid 5923] close(3 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5923] <... close resumed>) = 0 [pid 5090] lstat("./66/file1", [pid 5923] symlink("/dev/binderfs", "./binderfs" [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5923] <... symlink resumed>) = 0 [pid 5090] umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5923] memfd_create("syzkaller", 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5923] <... memfd_create resumed>) = 3 [pid 5090] openat(AT_FDCWD, "./66/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5923] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5090] <... openat resumed>) = 4 [pid 5923] <... mmap resumed>) = 0x7f12a0a40000 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./66/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./66") = 0 [pid 5090] mkdir("./67", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5926 ./strace-static-x86_64: Process 5926 attached [pid 5926] chdir("./67") = 0 [pid 5926] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5926] setpgid(0, 0) = 0 [pid 5926] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5926] write(3, "1000", 4) = 4 [pid 5926] close(3) = 0 [pid 5926] symlink("/dev/binderfs", "./binderfs") = 0 [ 182.704846][ T5919] REISERFS (device loop4): checking transaction log (loop4) [ 182.733361][ T5920] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5926] memfd_create("syzkaller", 0 [pid 5921] <... write resumed>) = 4194304 [pid 5921] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5926] <... memfd_create resumed>) = 3 [pid 5926] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5921] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5921] ioctl(4, LOOP_SET_FD, 3 [pid 5924] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5921] <... ioctl resumed>) = 0 [ 182.775299][ T5920] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 182.795700][ T5921] loop5: detected capacity change from 0 to 8192 [ 182.811179][ T5920] REISERFS (device loop1): using ordered data mode [ 182.817898][ T5920] reiserfs: using flush barriers [pid 5921] close(3) = 0 [pid 5921] mkdir("./file1", 0777 [pid 5923] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5921] <... mkdir resumed>) = 0 [ 182.823924][ T5920] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 182.840737][ T5920] REISERFS (device loop1): checking transaction log (loop1) [ 182.851619][ T5921] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5921] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5926] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5924] <... write resumed>) = 4194304 [pid 5924] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5924] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 182.872961][ T5921] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 182.888459][ T5921] REISERFS (device loop5): using ordered data mode [ 182.906066][ T5921] reiserfs: using flush barriers [ 182.915896][ T5924] loop2: detected capacity change from 0 to 8192 [pid 5924] ioctl(4, LOOP_SET_FD, 3 [pid 5926] <... write resumed>) = 4194304 [pid 5924] <... ioctl resumed>) = 0 [pid 5926] munmap(0x7f12a0a40000, 4194304 [pid 5924] close(3 [pid 5926] <... munmap resumed>) = 0 [pid 5924] <... close resumed>) = 0 [pid 5926] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5924] mkdir("./file1", 0777 [pid 5926] <... openat resumed>) = 4 [pid 5926] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5924] <... mkdir resumed>) = 0 [pid 5923] <... write resumed>) = 4194304 [pid 5926] close(3 [pid 5924] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5926] <... close resumed>) = 0 [pid 5923] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5926] mkdir("./file1", 0777) = 0 [pid 5926] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5923] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 182.923508][ T5921] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 182.948544][ T5926] loop0: detected capacity change from 0 to 8192 [ 182.949810][ T5919] REISERFS (device loop4): Using r5 hash to sort names [ 182.959960][ T5921] REISERFS (device loop5): checking transaction log (loop5) [pid 5923] ioctl(4, LOOP_SET_FD, 3 [pid 5919] <... mount resumed>) = 0 [pid 5919] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5919] chdir("./file1") = 0 [pid 5919] ioctl(4, LOOP_CLR_FD) = 0 [pid 5919] close(4) = 0 [pid 5919] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5923] <... ioctl resumed>) = 0 [pid 5919] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5919] ioctl(4, FS_IOC_GETVERSION [pid 5923] close(3) = 0 [pid 5923] mkdir("./file1", 0777) = 0 [ 182.974906][ T5923] loop3: detected capacity change from 0 to 8192 [ 182.981649][ T5926] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 182.994635][ T5919] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 183.009107][ T5924] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5919] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5919] exit_group(0) = ? [pid 5919] +++ exited with 0 +++ [pid 5923] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5919, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [ 183.022220][ T5926] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 183.031965][ T5926] REISERFS (device loop0): using ordered data mode [ 183.038608][ T5926] reiserfs: using flush barriers [ 183.045456][ T5924] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 183.045508][ T5926] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5094] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 183.053906][ T5923] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 183.071415][ T5926] REISERFS (device loop0): checking transaction log (loop0) [ 183.084144][ T5924] REISERFS (device loop2): using ordered data mode [ 183.098847][ T5924] reiserfs: using flush barriers [ 183.102959][ T5920] REISERFS (device loop1): Using r5 hash to sort names [ 183.104734][ T5923] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [pid 5094] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./69/binderfs") = 0 [ 183.119949][ T5924] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 183.120441][ T5923] REISERFS (device loop3): using ordered data mode [ 183.138193][ T5920] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 183.142643][ T5923] reiserfs: using flush barriers [ 183.146554][ T5924] REISERFS (device loop2): checking transaction log (loop2) [pid 5094] umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5920] <... mount resumed>) = 0 [pid 5920] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5920] chdir("./file1") = 0 [pid 5920] ioctl(4, LOOP_CLR_FD) = 0 [pid 5920] close(4) = 0 [pid 5920] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5920] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5920] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5920] exit_group(0) = ? [pid 5920] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5920, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5091] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5091] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./66/binderfs") = 0 [ 183.164472][ T5923] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 183.180956][ T5923] REISERFS (device loop3): checking transaction log (loop3) [pid 5091] umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... umount2 resumed>) = 0 [pid 5094] umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] lstat("./69/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./69/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5094] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./69/file1") = 0 [pid 5094] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./69") = 0 [pid 5094] mkdir("./70", 0777) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5931 [pid 5921] <... mount resumed>) = 0 [pid 5921] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5923] <... mount resumed>) = 0 [ 183.286727][ T5923] REISERFS (device loop3): Using r5 hash to sort names [ 183.293794][ T5921] REISERFS (device loop5): Using r5 hash to sort names [ 183.304709][ T5921] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 183.314828][ T5923] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. ./strace-static-x86_64: Process 5931 attached [pid 5923] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5921] chdir("./file1") = 0 [pid 5931] chdir("./70" [pid 5921] ioctl(4, LOOP_CLR_FD) = 0 [pid 5921] close(4 [pid 5923] <... openat resumed>) = 3 [pid 5921] <... close resumed>) = 0 [pid 5921] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5931] <... chdir resumed>) = 0 [pid 5923] chdir("./file1" [pid 5931] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5923] <... chdir resumed>) = 0 [pid 5931] <... prctl resumed>) = 0 [pid 5931] setpgid(0, 0 [pid 5923] ioctl(4, LOOP_CLR_FD) = 0 [pid 5931] <... setpgid resumed>) = 0 [pid 5931] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5923] close(4) = 0 [pid 5923] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5931] <... openat resumed>) = 3 [pid 5921] <... openat resumed>) = 4 [pid 5923] <... openat resumed>) = 4 [pid 5931] write(3, "1000", 4 [pid 5921] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5931] <... write resumed>) = 4 [pid 5923] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5921] <... mmap resumed>) = 0x20000000 [pid 5931] close(3) = 0 [pid 5923] <... mmap resumed>) = 0x20000000 [pid 5921] ioctl(4, FS_IOC_GETVERSION [pid 5931] symlink("/dev/binderfs", "./binderfs" [pid 5923] ioctl(4, FS_IOC_GETVERSION [pid 5921] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5931] <... symlink resumed>) = 0 [pid 5923] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5921] exit_group(0 [pid 5931] memfd_create("syzkaller", 0 [pid 5923] exit_group(0 [pid 5921] <... exit_group resumed>) = ? [pid 5931] <... memfd_create resumed>) = 3 [pid 5923] <... exit_group resumed>) = ? [pid 5931] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5923] +++ exited with 0 +++ [pid 5921] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5921, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5923, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=15 /* 0.15 s */} --- [pid 5095] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5924] <... mount resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5095] fstat(3, [pid 5924] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5926] <... mount resumed>) = 0 [pid 5924] <... openat resumed>) = 3 [pid 5095] getdents64(3, [pid 5093] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5926] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5924] chdir("./file1" [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5926] <... openat resumed>) = 3 [pid 5924] <... chdir resumed>) = 0 [pid 5095] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... openat resumed>) = 3 [pid 5926] chdir("./file1" [pid 5924] ioctl(4, LOOP_CLR_FD [pid 5095] lstat("./69/binderfs", [pid 5093] fstat(3, [pid 5926] <... chdir resumed>) = 0 [pid 5924] <... ioctl resumed>) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5926] ioctl(4, LOOP_CLR_FD [pid 5924] close(4 [pid 5095] unlink("./69/binderfs" [pid 5093] getdents64(3, [pid 5926] <... ioctl resumed>) = 0 [pid 5924] <... close resumed>) = 0 [pid 5095] <... unlink resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] <... umount2 resumed>) = 0 [pid 5926] close(4 [pid 5924] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 183.359714][ T5926] REISERFS (device loop0): Using r5 hash to sort names [ 183.373477][ T5924] REISERFS (device loop2): Using r5 hash to sort names [ 183.381414][ T5924] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 183.390766][ T5926] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5095] umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5931] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5926] <... close resumed>) = 0 [pid 5924] <... openat resumed>) = 4 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5926] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5924] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5093] lstat("./68/binderfs", [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5926] <... openat resumed>) = 4 [pid 5924] <... mmap resumed>) = 0x20000000 [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] lstat("./66/file1", [pid 5926] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5924] ioctl(4, FS_IOC_GETVERSION [pid 5093] unlink("./68/binderfs" [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5926] <... mmap resumed>) = 0x20000000 [pid 5924] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5093] <... unlink resumed>) = 0 [pid 5091] umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5926] ioctl(4, FS_IOC_GETVERSION [pid 5924] exit_group(0 [pid 5093] umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5926] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5924] <... exit_group resumed>) = ? [pid 5091] openat(AT_FDCWD, "./66/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5926] exit_group(0 [pid 5924] +++ exited with 0 +++ [pid 5091] <... openat resumed>) = 4 [pid 5926] <... exit_group resumed>) = ? [pid 5091] fstat(4, [pid 5926] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5924, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=16 /* 0.16 s */} --- [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] restart_syscall(<... resuming interrupted clone ...> [pid 5091] getdents64(4, [pid 5092] <... restart_syscall resumed>) = 0 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5926, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=14 /* 0.14 s */} --- [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] close(4 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... close resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] rmdir("./66/file1" [pid 5090] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... openat resumed>) = 3 [pid 5091] <... rmdir resumed>) = 0 [pid 5092] fstat(3, [pid 5091] getdents64(3, [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] getdents64(3, [pid 5091] close(3 [pid 5090] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] <... close resumed>) = 0 [pid 5092] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] rmdir("./66" [pid 5090] <... openat resumed>) = 3 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... rmdir resumed>) = 0 [pid 5092] lstat("./67/binderfs", [pid 5091] mkdir("./67", 0777 [pid 5090] fstat(3, [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5092] unlink("./67/binderfs" [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5091] <... openat resumed>) = 3 [pid 5092] umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5090] getdents64(3, [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] close(3 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] <... close resumed>) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5932 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./67/binderfs"./strace-static-x86_64: Process 5932 attached ) = 0 [pid 5090] umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5932] chdir("./67") = 0 [pid 5932] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5932] setpgid(0, 0) = 0 [pid 5932] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5932] write(3, "1000", 4) = 4 [pid 5932] close(3) = 0 [pid 5932] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5932] memfd_create("syzkaller", 0) = 3 [pid 5932] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./67/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./67/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./67/file1" [pid 5931] <... write resumed>) = 4194304 [pid 5090] <... rmdir resumed>) = 0 [pid 5931] munmap(0x7f12a0a40000, 4194304 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./67" [pid 5931] <... munmap resumed>) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5090] mkdir("./68", 0777) = 0 [pid 5931] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5931] <... openat resumed>) = 4 [pid 5090] <... ioctl resumed>) = 0 [pid 5090] close(3) = 0 [pid 5931] ioctl(4, LOOP_SET_FD, 3 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5933 attached [pid 5933] chdir("./68") = 0 [pid 5933] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5933] setpgid(0, 0) = 0 [pid 5933] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5933 [pid 5933] <... openat resumed>) = 3 [pid 5933] write(3, "1000", 4) = 4 [pid 5933] close(3) = 0 [pid 5933] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5933] memfd_create("syzkaller", 0) = 3 [pid 5933] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5931] <... ioctl resumed>) = 0 [pid 5931] close(3) = 0 [pid 5932] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5931] mkdir("./file1", 0777) = 0 [ 183.563842][ T5931] loop4: detected capacity change from 0 to 8192 [pid 5931] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./69/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./69/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, [pid 5093] <... umount2 resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4 [pid 5093] umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... close resumed>) = 0 [pid 5095] rmdir("./69/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] close(3 [pid 5093] lstat("./68/file1", [pid 5095] <... close resumed>) = 0 [pid 5095] rmdir("./69") = 0 [pid 5095] mkdir("./70", 0777 [pid 5093] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] <... mkdir resumed>) = 0 [pid 5093] umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] openat(AT_FDCWD, "./68/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5935 [pid 5093] <... openat resumed>) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./68/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./68") = 0 [pid 5093] mkdir("./69", 0777 [pid 5092] <... umount2 resumed>) = 0 [ 183.626121][ T5931] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5093] <... mkdir resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5936 [pid 5092] umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./67/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./67/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 ./strace-static-x86_64: Process 5935 attached [pid 5092] rmdir("./67/file1"./strace-static-x86_64: Process 5936 attached [pid 5935] chdir("./70" [pid 5933] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5932] <... write resumed>) = 4194304 [pid 5092] <... rmdir resumed>) = 0 [pid 5935] <... chdir resumed>) = 0 [pid 5092] getdents64(3, [pid 5935] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5935] <... prctl resumed>) = 0 [pid 5092] close(3 [pid 5935] setpgid(0, 0 [pid 5092] <... close resumed>) = 0 [pid 5935] <... setpgid resumed>) = 0 [pid 5092] rmdir("./67" [pid 5935] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] <... rmdir resumed>) = 0 [pid 5936] chdir("./69" [pid 5935] <... openat resumed>) = 3 [pid 5092] mkdir("./68", 0777 [pid 5935] write(3, "1000", 4 [pid 5092] <... mkdir resumed>) = 0 [pid 5935] <... write resumed>) = 4 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5935] close(3 [pid 5092] <... openat resumed>) = 3 [pid 5935] <... close resumed>) = 0 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5935] symlink("/dev/binderfs", "./binderfs" [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5935] <... symlink resumed>) = 0 [pid 5092] close(3 [pid 5935] memfd_create("syzkaller", 0 [pid 5936] <... chdir resumed>) = 0 [pid 5935] <... memfd_create resumed>) = 3 [pid 5932] munmap(0x7f12a0a40000, 4194304 [pid 5092] <... close resumed>) = 0 [pid 5935] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5936] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5935] <... mmap resumed>) = 0x7f12a0a40000 [ 183.681276][ T5931] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 183.691289][ T5931] REISERFS (device loop4): using ordered data mode [ 183.698403][ T5931] reiserfs: using flush barriers [ 183.705557][ T5931] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 ./strace-static-x86_64: Process 5937 attached [pid 5936] <... prctl resumed>) = 0 [pid 5933] <... write resumed>) = 4194304 [pid 5932] <... munmap resumed>) = 0 [pid 5937] chdir("./68" [pid 5936] setpgid(0, 0 [pid 5933] munmap(0x7f12a0a40000, 4194304 [pid 5932] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5937] <... chdir resumed>) = 0 [pid 5936] <... setpgid resumed>) = 0 [pid 5933] <... munmap resumed>) = 0 [pid 5932] <... openat resumed>) = 4 [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5937 [pid 5937] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5936] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5933] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5932] ioctl(4, LOOP_SET_FD, 3 [pid 5937] <... prctl resumed>) = 0 [pid 5936] <... openat resumed>) = 3 [pid 5933] <... openat resumed>) = 4 [pid 5937] setpgid(0, 0 [pid 5936] write(3, "1000", 4 [pid 5933] ioctl(4, LOOP_SET_FD, 3 [pid 5937] <... setpgid resumed>) = 0 [pid 5936] <... write resumed>) = 4 [pid 5932] <... ioctl resumed>) = 0 [pid 5937] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5936] close(3 [pid 5932] close(3 [pid 5937] <... openat resumed>) = 3 [pid 5936] <... close resumed>) = 0 [pid 5933] <... ioctl resumed>) = 0 [pid 5937] write(3, "1000", 4 [pid 5936] symlink("/dev/binderfs", "./binderfs" [pid 5933] close(3 [pid 5932] <... close resumed>) = 0 [pid 5937] <... write resumed>) = 4 [pid 5937] close(3 [pid 5936] <... symlink resumed>) = 0 [pid 5932] mkdir("./file1", 0777 [pid 5937] <... close resumed>) = 0 [pid 5936] memfd_create("syzkaller", 0 [pid 5933] <... close resumed>) = 0 [pid 5937] symlink("/dev/binderfs", "./binderfs" [pid 5936] <... memfd_create resumed>) = 3 [pid 5933] mkdir("./file1", 0777 [pid 5932] <... mkdir resumed>) = 0 [pid 5937] <... symlink resumed>) = 0 [pid 5936] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5937] memfd_create("syzkaller", 0 [pid 5933] <... mkdir resumed>) = 0 [pid 5932] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5936] <... mmap resumed>) = 0x7f12a0a40000 [pid 5937] <... memfd_create resumed>) = 3 [pid 5937] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 183.749760][ T5931] REISERFS (device loop4): checking transaction log (loop4) [ 183.770533][ T5932] loop1: detected capacity change from 0 to 8192 [ 183.780494][ T5933] loop0: detected capacity change from 0 to 8192 [pid 5933] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5937] <... mmap resumed>) = 0x7f12a0a40000 [ 183.807971][ T5932] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 183.822808][ T5933] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 183.850731][ T5931] REISERFS (device loop4): Using r5 hash to sort names [pid 5935] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5935] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5935] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5936] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5937] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5935] <... openat resumed>) = 4 [ 183.859214][ T5932] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 183.869166][ T5933] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 183.886517][ T5931] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 183.898661][ T5935] loop5: detected capacity change from 0 to 8192 [pid 5935] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5931] <... mount resumed>) = 0 [pid 5935] close(3 [pid 5931] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5935] <... close resumed>) = 0 [pid 5931] <... openat resumed>) = 3 [pid 5935] mkdir("./file1", 0777 [pid 5931] chdir("./file1" [pid 5935] <... mkdir resumed>) = 0 [pid 5931] <... chdir resumed>) = 0 [pid 5931] ioctl(4, LOOP_CLR_FD [pid 5935] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5931] <... ioctl resumed>) = 0 [pid 5931] close(4) = 0 [pid 5931] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5931] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5931] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5931] exit_group(0) = ? [pid 5931] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5931, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- [pid 5094] umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 183.904395][ T5932] REISERFS (device loop1): using ordered data mode [ 183.905649][ T5933] REISERFS (device loop0): using ordered data mode [ 183.918617][ T5933] reiserfs: using flush barriers [ 183.931548][ T5932] reiserfs: using flush barriers [ 183.938396][ T5935] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5094] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 183.954217][ T5932] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 183.956154][ T5935] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 183.981332][ T5933] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 183.981581][ T5935] REISERFS (device loop5): using ordered data mode [pid 5094] fstat(3, [pid 5937] <... write resumed>) = 4194304 [pid 5936] <... write resumed>) = 4194304 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5937] munmap(0x7f12a0a40000, 4194304 [pid 5936] munmap(0x7f12a0a40000, 4194304 [pid 5094] getdents64(3, [pid 5937] <... munmap resumed>) = 0 [pid 5936] <... munmap resumed>) = 0 [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5937] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5936] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5094] umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5937] <... openat resumed>) = 4 [pid 5936] <... openat resumed>) = 4 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5937] ioctl(4, LOOP_SET_FD, 3 [pid 5936] ioctl(4, LOOP_SET_FD, 3 [pid 5094] lstat("./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./70/binderfs") = 0 [pid 5094] umount2("./70/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5936] <... ioctl resumed>) = 0 [pid 5936] close(3) = 0 [pid 5936] mkdir("./file1", 0777) = 0 [ 184.000028][ T5933] REISERFS (device loop0): checking transaction log (loop0) [ 184.005294][ T5935] reiserfs: using flush barriers [ 184.012952][ T5932] REISERFS (device loop1): checking transaction log (loop1) [ 184.017813][ T5935] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 184.036337][ T5937] loop2: detected capacity change from 0 to 8192 [ 184.042482][ T5935] REISERFS (device loop5): checking transaction log (loop5) [ 184.046772][ T5936] loop3: detected capacity change from 0 to 8192 [pid 5936] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5937] <... ioctl resumed>) = 0 [pid 5937] close(3) = 0 [pid 5937] mkdir("./file1", 0777) = 0 [ 184.094526][ T5936] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 184.117239][ T5936] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 184.127353][ T5935] REISERFS (device loop5): Using r5 hash to sort names [ 184.134533][ T5935] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5937] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5935] <... mount resumed>) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5935] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5094] umount2("./70/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5935] chdir("./file1" [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5935] <... chdir resumed>) = 0 [pid 5094] lstat("./70/file1", [pid 5935] ioctl(4, LOOP_CLR_FD [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 184.144537][ T5937] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 184.178812][ T5936] REISERFS (device loop3): using ordered data mode [ 184.186197][ T5936] reiserfs: using flush barriers [pid 5935] <... ioctl resumed>) = 0 [pid 5094] umount2("./70/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5935] close(4) = 0 [pid 5933] <... mount resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5935] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5933] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [ 184.191277][ T5933] REISERFS (device loop0): Using r5 hash to sort names [ 184.198364][ T5933] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 184.209380][ T5937] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 184.218632][ T5936] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 184.235205][ T5937] REISERFS (device loop2): using ordered data mode [pid 5094] openat(AT_FDCWD, "./70/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5935] <... openat resumed>) = 4 [pid 5933] <... openat resumed>) = 3 [pid 5094] <... openat resumed>) = 4 [pid 5935] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5933] chdir("./file1" [pid 5094] fstat(4, [pid 5935] <... mmap resumed>) = 0x20000000 [pid 5933] <... chdir resumed>) = 0 [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5932] <... mount resumed>) = 0 [pid 5932] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5932] chdir("./file1") = 0 [pid 5932] ioctl(4, LOOP_CLR_FD) = 0 [pid 5932] close(4 [pid 5935] ioctl(4, FS_IOC_GETVERSION [pid 5933] ioctl(4, LOOP_CLR_FD [pid 5932] <... close resumed>) = 0 [pid 5094] getdents64(4, [pid 5935] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5933] <... ioctl resumed>) = 0 [pid 5932] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5933] close(4 [pid 5932] <... openat resumed>) = 4 [pid 5094] getdents64(4, [pid 5935] exit_group(0 [pid 5933] <... close resumed>) = 0 [pid 5932] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5935] <... exit_group resumed>) = ? [pid 5933] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] close(4 [pid 5932] <... mmap resumed>) = 0x20000000 [pid 5933] <... openat resumed>) = 4 [pid 5094] <... close resumed>) = 0 [pid 5935] +++ exited with 0 +++ [pid 5933] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5932] ioctl(4, FS_IOC_GETVERSION [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5935, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5094] rmdir("./70/file1") = 0 [pid 5095] umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] getdents64(3, [pid 5933] <... mmap resumed>) = 0x20000000 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] close(3 [pid 5933] ioctl(4, FS_IOC_GETVERSION [pid 5932] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] <... openat resumed>) = 3 [pid 5094] <... close resumed>) = 0 [pid 5932] exit_group(0 [pid 5095] fstat(3, [pid 5094] rmdir("./70" [pid 5933] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5932] <... exit_group resumed>) = ? [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5933] exit_group(0 [pid 5095] getdents64(3, [pid 5094] <... rmdir resumed>) = 0 [pid 5932] +++ exited with 0 +++ [pid 5933] <... exit_group resumed>) = ? [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] mkdir("./71", 0777 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5932, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5091] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5933] +++ exited with 0 +++ [pid 5095] umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] <... mkdir resumed>) = 0 [pid 5091] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5933, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- [pid 5095] lstat("./70/binderfs", [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5091] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... restart_syscall resumed>) = 0 [pid 5095] unlink("./70/binderfs" [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5091] <... openat resumed>) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] getdents64(3, [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... unlink resumed>) = 0 [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] umount2("./70/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] close(3 [pid 5091] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... openat resumed>) = 3 [pid 5094] <... close resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] fstat(3, [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] lstat("./67/binderfs", [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] getdents64(3, [pid 5091] unlink("./67/binderfs" [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5943 [pid 5091] <... unlink resumed>) = 0 [pid 5090] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] unlink("./68/binderfs") = 0 [ 184.240886][ T5932] REISERFS (device loop1): Using r5 hash to sort names [ 184.242907][ T5937] reiserfs: using flush barriers [ 184.250968][ T5932] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 184.254930][ T5937] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 184.264790][ T5936] REISERFS (device loop3): checking transaction log (loop3) [ 184.280142][ T5937] REISERFS (device loop2): checking transaction log (loop2) [pid 5090] umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5943 attached [pid 5943] chdir("./71") = 0 [pid 5943] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5943] setpgid(0, 0) = 0 [pid 5943] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5943] write(3, "1000", 4) = 4 [pid 5943] close(3) = 0 [pid 5943] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5943] memfd_create("syzkaller", 0) = 3 [pid 5943] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] lstat("./68/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./68/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./68/file1") = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./68") = 0 [pid 5090] mkdir("./69", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD) = 0 [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5944 ./strace-static-x86_64: Process 5944 attached [pid 5944] chdir("./69") = 0 [pid 5944] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5944] setpgid(0, 0) = 0 [pid 5944] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5944] write(3, "1000", 4) = 4 [pid 5944] close(3) = 0 [pid 5944] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5944] memfd_create("syzkaller", 0) = 3 [pid 5944] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5943] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5091] <... umount2 resumed>) = 0 [pid 5091] umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./67/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5944] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5937] <... mount resumed>) = 0 [pid 5095] <... umount2 resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5937] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] umount2("./70/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] openat(AT_FDCWD, "./67/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5937] <... openat resumed>) = 3 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... openat resumed>) = 4 [pid 5937] chdir("./file1" [pid 5095] lstat("./70/file1", [pid 5091] fstat(4, [pid 5937] <... chdir resumed>) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5937] ioctl(4, LOOP_CLR_FD [pid 5095] umount2("./70/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] getdents64(4, [pid 5937] <... ioctl resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5937] close(4 [pid 5095] openat(AT_FDCWD, "./70/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] getdents64(4, [pid 5937] <... close resumed>) = 0 [pid 5095] <... openat resumed>) = 4 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5937] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] fstat(4, [pid 5091] close(4 [pid 5937] <... openat resumed>) = 4 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... close resumed>) = 0 [pid 5937] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [ 184.492191][ T5937] REISERFS (device loop2): Using r5 hash to sort names [ 184.505144][ T5937] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5095] getdents64(4, [pid 5091] rmdir("./67/file1" [pid 5937] <... mmap resumed>) = 0x20000000 [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] <... rmdir resumed>) = 0 [pid 5937] ioctl(4, FS_IOC_GETVERSION [pid 5095] getdents64(4, [pid 5091] getdents64(3, [pid 5937] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5937] exit_group(0 [pid 5095] close(4 [pid 5091] close(3 [pid 5937] <... exit_group resumed>) = ? [pid 5095] <... close resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5937] +++ exited with 0 +++ [pid 5095] rmdir("./70/file1" [pid 5091] rmdir("./67" [pid 5095] <... rmdir resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5095] getdents64(3, [pid 5091] mkdir("./68", 0777 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5095] close(3 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5095] <... close resumed>) = 0 [pid 5091] <... openat resumed>) = 3 [pid 5095] rmdir("./70" [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5095] <... rmdir resumed>) = 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] mkdir("./71", 0777 [pid 5091] close(3 [pid 5095] <... mkdir resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] <... openat resumed>) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5945 [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5937, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5946 [pid 5092] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] lstat("./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] unlink("./68/binderfs") = 0 ./strace-static-x86_64: Process 5945 attached [pid 5092] umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5945] chdir("./68") = 0 [pid 5945] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5945] setpgid(0, 0) = 0 [pid 5945] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5943] <... write resumed>) = 4194304 [pid 5945] <... openat resumed>) = 3 [pid 5943] munmap(0x7f12a0a40000, 4194304 [pid 5945] write(3, "1000", 4) = 4 [pid 5945] close(3) = 0 [pid 5945] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5945] memfd_create("syzkaller", 0 [pid 5943] <... munmap resumed>) = 0 [pid 5945] <... memfd_create resumed>) = 3 [pid 5943] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5945] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5943] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5946 attached [pid 5945] <... mmap resumed>) = 0x7f12a0a40000 [pid 5943] ioctl(4, LOOP_SET_FD, 3 [pid 5946] chdir("./71") = 0 [pid 5946] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 184.556438][ T5936] REISERFS (device loop3): Using r5 hash to sort names [ 184.588818][ T5943] loop4: detected capacity change from 0 to 8192 [pid 5946] setpgid(0, 0) = 0 [pid 5936] <... mount resumed>) = 0 [pid 5946] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5936] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5946] <... openat resumed>) = 3 [pid 5946] write(3, "1000", 4 [pid 5936] <... openat resumed>) = 3 [pid 5946] <... write resumed>) = 4 [pid 5936] chdir("./file1" [pid 5946] close(3 [pid 5943] <... ioctl resumed>) = 0 [pid 5946] <... close resumed>) = 0 [pid 5936] <... chdir resumed>) = 0 [pid 5946] symlink("/dev/binderfs", "./binderfs" [pid 5943] close(3 [pid 5936] ioctl(4, LOOP_CLR_FD [pid 5946] <... symlink resumed>) = 0 [pid 5943] <... close resumed>) = 0 [pid 5936] <... ioctl resumed>) = 0 [pid 5946] memfd_create("syzkaller", 0 [pid 5943] mkdir("./file1", 0777 [pid 5936] close(4 [pid 5946] <... memfd_create resumed>) = 3 [pid 5936] <... close resumed>) = 0 [pid 5946] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5943] <... mkdir resumed>) = 0 [pid 5936] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5946] <... mmap resumed>) = 0x7f12a0a40000 [pid 5943] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5936] <... openat resumed>) = 4 [pid 5936] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5944] <... write resumed>) = 4194304 [pid 5936] <... mmap resumed>) = 0x20000000 [ 184.611271][ T5936] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5936] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5944] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5944] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5944] ioctl(4, LOOP_SET_FD, 3 [pid 5936] exit_group(0 [pid 5092] <... umount2 resumed>) = 0 [pid 5936] <... exit_group resumed>) = ? [pid 5092] umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5936] +++ exited with 0 +++ [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5936, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} --- [pid 5092] lstat("./68/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./68/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5945] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5944] <... ioctl resumed>) = 0 [pid 5093] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW [ 184.652111][ T5943] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 184.664380][ T5944] loop0: detected capacity change from 0 to 8192 [ 184.691401][ T5943] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5092] getdents64(4, [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] getdents64(4, [pid 5093] <... openat resumed>) = 3 [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] fstat(3, [pid 5092] close(4 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] <... close resumed>) = 0 [pid 5093] getdents64(3, [pid 5092] rmdir("./68/file1" [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] <... rmdir resumed>) = 0 [pid 5093] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] getdents64(3, [pid 5093] unlink("./69/binderfs" [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] <... unlink resumed>) = 0 [pid 5092] close(3 [pid 5093] umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... close resumed>) = 0 [pid 5092] rmdir("./68") = 0 [pid 5092] mkdir("./69", 0777 [pid 5946] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5944] close(3 [pid 5092] <... mkdir resumed>) = 0 [pid 5944] <... close resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5944] mkdir("./file1", 0777 [pid 5092] <... openat resumed>) = 3 [pid 5944] <... mkdir resumed>) = 0 [pid 5092] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5948 [ 184.701500][ T5943] REISERFS (device loop4): using ordered data mode [ 184.708045][ T5943] reiserfs: using flush barriers [pid 5944] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, ""./strace-static-x86_64: Process 5948 attached [pid 5946] <... write resumed>) = 4194304 [pid 5948] chdir("./69" [pid 5946] munmap(0x7f12a0a40000, 4194304 [pid 5948] <... chdir resumed>) = 0 [pid 5946] <... munmap resumed>) = 0 [pid 5948] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5946] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5948] <... prctl resumed>) = 0 [pid 5946] <... openat resumed>) = 4 [pid 5948] setpgid(0, 0 [pid 5946] ioctl(4, LOOP_SET_FD, 3 [pid 5948] <... setpgid resumed>) = 0 [pid 5946] <... ioctl resumed>) = 0 [pid 5945] <... write resumed>) = 4194304 [ 184.745239][ T5943] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 184.750356][ T5946] loop5: detected capacity change from 0 to 8192 [ 184.763507][ T5944] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 184.777479][ T5943] REISERFS (device loop4): checking transaction log (loop4) [pid 5948] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5946] close(3 [pid 5945] munmap(0x7f12a0a40000, 4194304 [pid 5948] <... openat resumed>) = 3 [pid 5946] <... close resumed>) = 0 [pid 5945] <... munmap resumed>) = 0 [pid 5948] write(3, "1000", 4 [pid 5946] mkdir("./file1", 0777 [pid 5948] <... write resumed>) = 4 [pid 5946] <... mkdir resumed>) = 0 [pid 5948] close(3 [pid 5946] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5945] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5948] <... close resumed>) = 0 [pid 5945] <... openat resumed>) = 4 [pid 5948] symlink("/dev/binderfs", "./binderfs" [pid 5945] ioctl(4, LOOP_SET_FD, 3 [pid 5948] <... symlink resumed>) = 0 [pid 5945] <... ioctl resumed>) = 0 [pid 5948] memfd_create("syzkaller", 0) = 3 [pid 5948] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5945] close(3) = 0 [ 184.787749][ T5944] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 184.800973][ T5945] loop1: detected capacity change from 0 to 8192 [ 184.815260][ T5946] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 184.831601][ T5944] REISERFS (device loop0): using ordered data mode [ 184.838645][ T5944] reiserfs: using flush barriers [pid 5945] mkdir("./file1", 0777) = 0 [pid 5093] <... umount2 resumed>) = 0 [pid 5945] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5948] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./69/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./69/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./69/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./69") = 0 [pid 5093] mkdir("./70", 0777) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 184.846674][ T5944] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 184.863617][ T5946] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 184.882055][ T5945] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5093] close(3 [pid 5948] <... write resumed>) = 4194304 [pid 5948] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5948] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5948] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5948] close(3) = 0 [pid 5948] mkdir("./file1", 0777) = 0 [pid 5948] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5093] <... close resumed>) = 0 [ 184.917137][ T5948] loop2: detected capacity change from 0 to 8192 [ 184.926263][ T5948] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 184.935499][ T5946] REISERFS (device loop5): using ordered data mode [ 184.940423][ T5948] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 184.947093][ T5945] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5953 ./strace-static-x86_64: Process 5953 attached [pid 5953] chdir("./70") = 0 [pid 5953] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5953] setpgid(0, 0) = 0 [pid 5953] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5953] write(3, "1000", 4) = 4 [pid 5953] close(3) = 0 [pid 5953] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5953] memfd_create("syzkaller", 0) = 3 [pid 5953] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 184.955721][ T5948] REISERFS (device loop2): using ordered data mode [ 184.966042][ T5943] REISERFS (device loop4): Using r5 hash to sort names [ 184.970904][ T5948] reiserfs: using flush barriers [ 184.978367][ T5944] REISERFS (device loop0): checking transaction log (loop0) [ 184.991060][ T5946] reiserfs: using flush barriers [ 184.997272][ T5948] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 184.997535][ T5946] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 185.016761][ T5943] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 185.030169][ T5945] REISERFS (device loop1): using ordered data mode [ 185.046170][ T5945] reiserfs: using flush barriers [pid 5953] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5943] <... mount resumed>) = 0 [pid 5943] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5943] chdir("./file1") = 0 [ 185.052617][ T5945] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 185.062635][ T5946] REISERFS (device loop5): checking transaction log (loop5) [ 185.069516][ T5945] REISERFS (device loop1): checking transaction log (loop1) [pid 5943] ioctl(4, LOOP_CLR_FD) = 0 [pid 5943] close(4 [pid 5945] <... mount resumed>) = 0 [pid 5943] <... close resumed>) = 0 [pid 5945] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5943] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5945] <... openat resumed>) = 3 [pid 5943] <... openat resumed>) = 4 [pid 5945] chdir("./file1" [pid 5943] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5945] <... chdir resumed>) = 0 [pid 5943] <... mmap resumed>) = 0x20000000 [pid 5945] ioctl(4, LOOP_CLR_FD [pid 5943] ioctl(4, FS_IOC_GETVERSION [pid 5945] <... ioctl resumed>) = 0 [pid 5943] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5945] close(4 [pid 5943] exit_group(0 [pid 5945] <... close resumed>) = 0 [pid 5943] <... exit_group resumed>) = ? [pid 5945] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5943] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5943, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5945] <... openat resumed>) = 4 [pid 5094] restart_syscall(<... resuming interrupted clone ...> [pid 5945] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5094] <... restart_syscall resumed>) = 0 [pid 5945] <... mmap resumed>) = 0x20000000 [pid 5945] ioctl(4, FS_IOC_GETVERSION [pid 5094] umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5945] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5945] exit_group(0 [ 185.117566][ T5945] REISERFS (device loop1): Using r5 hash to sort names [ 185.126091][ T5945] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 185.136476][ T5948] REISERFS (device loop2): checking transaction log (loop2) [pid 5094] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5945] <... exit_group resumed>) = ? [pid 5094] <... openat resumed>) = 3 [pid 5094] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5945] +++ exited with 0 +++ [pid 5094] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5945, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5094] lstat("./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] restart_syscall(<... resuming interrupted clone ...> [pid 5094] unlink("./71/binderfs" [pid 5091] <... restart_syscall resumed>) = 0 [pid 5094] <... unlink resumed>) = 0 [pid 5094] umount2("./71/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] unlink("./68/binderfs") = 0 [pid 5091] umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5953] <... write resumed>) = 4194304 [pid 5953] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5953] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 185.218990][ T5948] REISERFS (device loop2): Using r5 hash to sort names [ 185.228194][ T5944] REISERFS (device loop0): Using r5 hash to sort names [ 185.234694][ T5948] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5953] ioctl(4, LOOP_SET_FD, 3 [pid 5948] <... mount resumed>) = 0 [pid 5948] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5948] chdir("./file1") = 0 [pid 5948] ioctl(4, LOOP_CLR_FD) = 0 [pid 5948] close(4 [pid 5953] <... ioctl resumed>) = 0 [pid 5953] close(3) = 0 [pid 5953] mkdir("./file1", 0777) = 0 [pid 5948] <... close resumed>) = 0 [pid 5948] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5953] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5948] <... openat resumed>) = 4 [pid 5948] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5948] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5948] exit_group(0) = ? [pid 5948] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5948, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=16 /* 0.16 s */} --- [pid 5092] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 185.259410][ T5953] loop3: detected capacity change from 0 to 8192 [ 185.279481][ T5944] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5092] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5944] <... mount resumed>) = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5944] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5091] umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5944] <... openat resumed>) = 3 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5944] chdir("./file1" [pid 5091] lstat("./68/file1", [pid 5944] <... chdir resumed>) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5944] ioctl(4, LOOP_CLR_FD [pid 5091] umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5944] <... ioctl resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5944] close(4 [pid 5091] openat(AT_FDCWD, "./68/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5944] <... close resumed>) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... openat resumed>) = 4 [pid 5944] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5091] fstat(4, [pid 5944] <... openat resumed>) = 4 [pid 5094] umount2("./71/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5944] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5091] getdents64(4, [pid 5944] <... mmap resumed>) = 0x20000000 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... openat resumed>) = 3 [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5944] ioctl(4, FS_IOC_GETVERSION [pid 5091] getdents64(4, [pid 5944] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] lstat("./71/file1", [pid 5092] fstat(3, [pid 5091] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5944] exit_group(0 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] close(4 [pid 5944] <... exit_group resumed>) = ? [pid 5094] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, [pid 5091] <... close resumed>) = 0 [pid 5944] +++ exited with 0 +++ [pid 5091] rmdir("./68/file1" [pid 5094] umount2("./71/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5091] <... rmdir resumed>) = 0 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5944, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=15 /* 0.15 s */} --- [pid 5092] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] getdents64(3, [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5092] lstat("./69/binderfs", [pid 5091] close(3 [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] unlink("./69/binderfs" [pid 5091] rmdir("./68" [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./71/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... unlink resumed>) = 0 [pid 5090] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... openat resumed>) = 4 [pid 5092] umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... openat resumed>) = 3 [pid 5094] fstat(4, [pid 5090] fstat(3, [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5094] getdents64(4, [pid 5090] getdents64(3, [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] getdents64(4, [pid 5090] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [ 185.331309][ T5953] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 185.361312][ T5953] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 185.372764][ T5953] REISERFS (device loop3): using ordered data mode [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] close(4 [pid 5091] <... rmdir resumed>) = 0 [pid 5090] lstat("./69/binderfs", [pid 5094] <... close resumed>) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] rmdir("./71/file1" [pid 5090] unlink("./69/binderfs" [pid 5094] <... rmdir resumed>) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5094] getdents64(3, [pid 5090] umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] mkdir("./69", 0777 [pid 5094] close(3) = 0 [pid 5094] rmdir("./71" [pid 5090] <... umount2 resumed>) = 0 [pid 5946] <... mount resumed>) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5094] mkdir("./72", 0777 [pid 5090] umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5946] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5094] <... mkdir resumed>) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5946] <... openat resumed>) = 3 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5946] chdir("./file1" [pid 5094] <... openat resumed>) = 3 [pid 5091] <... openat resumed>) = 3 [pid 5946] <... chdir resumed>) = 0 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5090] lstat("./69/file1", [pid 5946] ioctl(4, LOOP_CLR_FD [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 185.378915][ T5946] REISERFS (device loop5): Using r5 hash to sort names [ 185.379453][ T5953] reiserfs: using flush barriers [ 185.394258][ T5953] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 185.394310][ T5946] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5946] <... ioctl resumed>) = 0 [pid 5094] close(3 [pid 5090] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5946] close(4 [pid 5094] <... close resumed>) = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5955 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./69/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5946] <... close resumed>) = 0 [pid 5092] umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] close(3 [pid 5090] <... openat resumed>) = 4 [pid 5946] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... close resumed>) = 0 [pid 5090] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5946] <... openat resumed>) = 4 [pid 5092] lstat("./69/file1", [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] getdents64(4, [pid 5946] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5092] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, [pid 5946] <... mmap resumed>) = 0x20000000 [pid 5092] umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5956 [pid 5090] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5946] ioctl(4, FS_IOC_GETVERSION [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] close(4 [pid 5946] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] openat(AT_FDCWD, "./69/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... close resumed>) = 0 [pid 5946] exit_group(0 [pid 5090] rmdir("./69/file1"./strace-static-x86_64: Process 5955 attached [pid 5946] <... exit_group resumed>) = ? [pid 5092] <... openat resumed>) = 4 [pid 5090] <... rmdir resumed>) = 0 [pid 5090] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./69" [pid 5946] +++ exited with 0 +++ [pid 5092] fstat(4, [pid 5090] <... rmdir resumed>) = 0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5946, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=15 /* 0.15 s */} --- [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] mkdir("./70", 0777 [pid 5095] restart_syscall(<... resuming interrupted clone ...> [pid 5092] getdents64(4, [pid 5090] <... mkdir resumed>) = 0 [pid 5095] <... restart_syscall resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5090] <... openat resumed>) = 3 [pid 5092] getdents64(4, [pid 5090] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5956 attached [pid 5955] chdir("./72" [pid 5095] umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... getdents64 resumed>0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5090] <... ioctl resumed>) = 0 [pid 5956] chdir("./69" [pid 5955] <... chdir resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] close(4 [pid 5090] close(3 [pid 5956] <... chdir resumed>) = 0 [pid 5955] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... close resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5956] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5955] <... prctl resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5092] rmdir("./69/file1" [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5956] <... prctl resumed>) = 0 [pid 5955] setpgid(0, 0 [pid 5095] fstat(3, [pid 5092] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5957 attached [pid 5956] setpgid(0, 0 [pid 5955] <... setpgid resumed>) = 0 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] getdents64(3, [pid 5090] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5957 [pid 5957] chdir("./70" [pid 5956] <... setpgid resumed>) = 0 [ 185.445556][ T5953] REISERFS (device loop3): checking transaction log (loop3) [pid 5955] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] getdents64(3, [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5957] <... chdir resumed>) = 0 [pid 5956] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5955] <... openat resumed>) = 3 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5956] <... openat resumed>) = 3 [pid 5955] write(3, "1000", 4 [pid 5095] umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5956] write(3, "1000", 4 [pid 5955] <... write resumed>) = 4 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5956] <... write resumed>) = 4 [pid 5955] close(3 [pid 5095] lstat("./71/binderfs", [pid 5956] close(3 [pid 5955] <... close resumed>) = 0 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5956] <... close resumed>) = 0 [pid 5955] symlink("/dev/binderfs", "./binderfs" [pid 5095] unlink("./71/binderfs" [pid 5956] symlink("/dev/binderfs", "./binderfs" [pid 5955] <... symlink resumed>) = 0 [pid 5095] <... unlink resumed>) = 0 [pid 5956] <... symlink resumed>) = 0 [pid 5955] memfd_create("syzkaller", 0 [pid 5095] umount2("./71/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5956] memfd_create("syzkaller", 0 [pid 5955] <... memfd_create resumed>) = 3 [pid 5956] <... memfd_create resumed>) = 3 [pid 5955] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5956] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5955] <... mmap resumed>) = 0x7f12a0a40000 [ 185.492637][ T5953] REISERFS (device loop3): Using r5 hash to sort names [ 185.499760][ T5953] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5957] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5956] <... mmap resumed>) = 0x7f12a0a40000 [pid 5953] <... mount resumed>) = 0 [pid 5092] close(3 [pid 5957] <... prctl resumed>) = 0 [pid 5953] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5092] <... close resumed>) = 0 [pid 5957] setpgid(0, 0 [pid 5953] <... openat resumed>) = 3 [pid 5092] rmdir("./69" [pid 5957] <... setpgid resumed>) = 0 [pid 5953] chdir("./file1" [pid 5092] <... rmdir resumed>) = 0 [pid 5957] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5953] <... chdir resumed>) = 0 [pid 5092] mkdir("./70", 0777 [pid 5957] <... openat resumed>) = 3 [pid 5953] ioctl(4, LOOP_CLR_FD [pid 5092] <... mkdir resumed>) = 0 [pid 5957] write(3, "1000", 4 [pid 5953] <... ioctl resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5957] <... write resumed>) = 4 [pid 5953] close(4) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5957] close(3 [pid 5953] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5957] <... close resumed>) = 0 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5953] <... openat resumed>) = 4 [pid 5957] symlink("/dev/binderfs", "./binderfs" [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5953] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5957] <... symlink resumed>) = 0 [pid 5953] <... mmap resumed>) = 0x20000000 [pid 5957] memfd_create("syzkaller", 0 [pid 5953] ioctl(4, FS_IOC_GETVERSION [pid 5092] close(3 [pid 5957] <... memfd_create resumed>) = 3 [pid 5953] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5092] <... close resumed>) = 0 [pid 5957] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5953] exit_group(0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5957] <... mmap resumed>) = 0x7f12a0a40000 [pid 5953] <... exit_group resumed>) = ? [pid 5092] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5958 [pid 5953] +++ exited with 0 +++ [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5953, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5093] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5093] umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5093] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] unlink("./70/binderfs") = 0 [pid 5093] umount2("./70/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5958 attached [pid 5958] chdir("./70" [pid 5956] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5958] <... chdir resumed>) = 0 [pid 5958] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5958] setpgid(0, 0) = 0 [pid 5958] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5958] write(3, "1000", 4) = 4 [pid 5958] close(3) = 0 [pid 5958] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5958] memfd_create("syzkaller", 0) = 3 [pid 5958] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./71/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./71/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./71/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./71/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5955] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./71/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./71") = 0 [pid 5095] mkdir("./72", 0777 [pid 5957] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5095] <... mkdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5959 ./strace-static-x86_64: Process 5959 attached [pid 5959] chdir("./72") = 0 [pid 5959] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5959] setpgid(0, 0) = 0 [pid 5959] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5959] write(3, "1000", 4) = 4 [pid 5959] close(3) = 0 [pid 5959] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5959] memfd_create("syzkaller", 0) = 3 [pid 5959] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5958] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5093] <... umount2 resumed>) = 0 [pid 5093] umount2("./70/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./70/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./70/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./70/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5956] <... write resumed>) = 4194304 [pid 5093] <... openat resumed>) = 4 [pid 5093] fstat(4, [pid 5956] munmap(0x7f12a0a40000, 4194304 [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, [pid 5956] <... munmap resumed>) = 0 [pid 5093] <... getdents64 resumed>0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5956] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5093] rmdir("./70/file1" [pid 5956] <... openat resumed>) = 4 [pid 5956] ioctl(4, LOOP_SET_FD, 3 [pid 5093] <... rmdir resumed>) = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./70") = 0 [pid 5093] mkdir("./71", 0777 [pid 5955] <... write resumed>) = 4194304 [pid 5093] <... mkdir resumed>) = 0 [pid 5955] munmap(0x7f12a0a40000, 4194304 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5957] <... write resumed>) = 4194304 [pid 5955] <... munmap resumed>) = 0 [pid 5957] munmap(0x7f12a0a40000, 4194304 [pid 5955] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5956] <... ioctl resumed>) = 0 [pid 5957] <... munmap resumed>) = 0 [pid 5955] <... openat resumed>) = 4 [pid 5093] close(3 [pid 5957] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5955] ioctl(4, LOOP_SET_FD, 3 [pid 5959] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5958] <... write resumed>) = 4194304 [pid 5956] close(3 [pid 5093] <... close resumed>) = 0 [pid 5957] <... openat resumed>) = 4 [pid 5958] munmap(0x7f12a0a40000, 4194304 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5957] ioctl(4, LOOP_SET_FD, 3 [pid 5955] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5960 attached [pid 5960] chdir("./71" [pid 5957] <... ioctl resumed>) = 0 [pid 5955] close(3 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5960 [pid 5955] <... close resumed>) = 0 [pid 5955] mkdir("./file1", 0777) = 0 [pid 5958] <... munmap resumed>) = 0 [pid 5957] close(3 [pid 5956] <... close resumed>) = 0 [pid 5955] mount("/dev/loop4", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5958] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5956] mkdir("./file1", 0777 [pid 5958] ioctl(4, LOOP_SET_FD, 3 [pid 5957] <... close resumed>) = 0 [pid 5960] <... chdir resumed>) = 0 [pid 5960] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 185.749567][ T5956] loop1: detected capacity change from 0 to 8192 [ 185.783904][ T5955] loop4: detected capacity change from 0 to 8192 [ 185.791817][ T5957] loop0: detected capacity change from 0 to 8192 [pid 5960] setpgid(0, 0) = 0 [pid 5960] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5960] write(3, "1000", 4) = 4 [pid 5960] close(3) = 0 [pid 5960] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5957] mkdir("./file1", 0777 [pid 5956] <... mkdir resumed>) = 0 [pid 5956] mount("/dev/loop1", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5957] <... mkdir resumed>) = 0 [pid 5960] memfd_create("syzkaller", 0 [pid 5957] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5960] <... memfd_create resumed>) = 3 [pid 5960] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [ 185.802429][ T5958] loop2: detected capacity change from 0 to 8192 [ 185.814550][ T5955] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 185.829255][ T5956] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5960] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5958] <... ioctl resumed>) = 0 [pid 5958] close(3) = 0 [pid 5958] mkdir("./file1", 0777) = 0 [pid 5958] mount("/dev/loop2", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5960] <... write resumed>) = 4194304 [pid 5960] munmap(0x7f12a0a40000, 4194304) = 0 [pid 5960] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5960] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5960] close(3) = 0 [pid 5960] mkdir("./file1", 0777) = 0 [ 185.842829][ T5957] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 185.867390][ T5955] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 185.867824][ T5958] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 185.890174][ T5955] REISERFS (device loop4): using ordered data mode [ 185.896617][ T5960] loop3: detected capacity change from 0 to 8192 [pid 5960] mount("/dev/loop3", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "" [pid 5959] <... write resumed>) = 4194304 [pid 5959] munmap(0x7f12a0a40000, 4194304) = 0 [ 185.906680][ T5956] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 185.909410][ T5957] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 185.919059][ T5956] REISERFS (device loop1): using ordered data mode [ 185.925165][ T5958] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 185.933573][ T5960] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5959] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 185.941453][ T5958] REISERFS (device loop2): using ordered data mode [ 185.954104][ T5960] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 185.962045][ T5959] loop5: detected capacity change from 0 to 8192 [ 185.970105][ T5960] REISERFS (device loop3): using ordered data mode [ 185.976326][ T5955] reiserfs: using flush barriers [ 185.982396][ T5960] reiserfs: using flush barriers [ 185.983217][ T5957] REISERFS (device loop0): using ordered data mode [ 185.998979][ T5960] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 186.015141][ T5957] reiserfs: using flush barriers [ 186.017693][ T5958] reiserfs: using flush barriers [ 186.020980][ T5957] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 186.031053][ T5955] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5959] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5959] close(3) = 0 [ 186.041426][ T5960] REISERFS (device loop3): checking transaction log (loop3) [ 186.058593][ T5958] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 186.064839][ T5957] REISERFS (device loop0): checking transaction log (loop0) [ 186.081978][ T5958] REISERFS (device loop2): checking transaction log (loop2) [ 186.096580][ T5956] reiserfs: using flush barriers [pid 5959] mkdir("./file1", 0777) = 0 [ 186.097528][ T5955] REISERFS (device loop4): checking transaction log (loop4) [ 186.115427][ T5956] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 186.134474][ T5959] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 186.140887][ T5956] REISERFS (device loop1): checking transaction log (loop1) [ 186.162143][ T5959] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 186.175651][ T5959] REISERFS (device loop5): using ordered data mode [ 186.189402][ T5959] reiserfs: using flush barriers [ 186.195603][ T5959] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 186.215358][ T5959] REISERFS (device loop5): checking transaction log (loop5) [pid 5959] mount("/dev/loop5", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5959] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 186.277452][ T5959] REISERFS (device loop5): Using r5 hash to sort names [ 186.283731][ T5955] REISERFS (device loop4): Using r5 hash to sort names [ 186.288144][ T5959] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 186.293685][ T5955] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 186.317937][ T5960] REISERFS (device loop3): Using r5 hash to sort names [pid 5959] chdir("./file1") = 0 [pid 5959] ioctl(4, LOOP_CLR_FD) = 0 [pid 5959] close(4 [pid 5955] <... mount resumed>) = 0 [pid 5955] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5955] chdir("./file1") = 0 [pid 5955] ioctl(4, LOOP_CLR_FD) = 0 [ 186.318912][ T5958] REISERFS (device loop2): Using r5 hash to sort names [ 186.328534][ T5957] REISERFS (device loop0): Using r5 hash to sort names [ 186.337708][ T5956] REISERFS (device loop1): Using r5 hash to sort names [ 186.339931][ T5960] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 186.346076][ T5958] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 186.355688][ T5957] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5955] close(4 [pid 5959] <... close resumed>) = 0 [pid 5959] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5959] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5955] <... close resumed>) = 0 [pid 5959] <... mmap resumed>) = 0x20000000 [pid 5955] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5959] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5959] exit_group(0 [pid 5956] <... mount resumed>) = 0 [pid 5959] <... exit_group resumed>) = ? [pid 5956] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5959] +++ exited with 0 +++ [pid 5956] <... openat resumed>) = 3 [pid 5958] <... mount resumed>) = 0 [pid 5956] chdir("./file1" [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5959, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5958] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5956] <... chdir resumed>) = 0 [pid 5095] restart_syscall(<... resuming interrupted clone ...> [pid 5960] <... mount resumed>) = 0 [pid 5958] <... openat resumed>) = 3 [pid 5957] <... mount resumed>) = 0 [pid 5956] ioctl(4, LOOP_CLR_FD [pid 5095] <... restart_syscall resumed>) = 0 [pid 5960] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5958] chdir("./file1" [pid 5957] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5955] <... openat resumed>) = 4 [pid 5956] <... ioctl resumed>) = 0 [pid 5960] <... openat resumed>) = 3 [pid 5958] <... chdir resumed>) = 0 [pid 5955] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5958] ioctl(4, LOOP_CLR_FD [pid 5957] <... openat resumed>) = 3 [pid 5095] umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5960] chdir("./file1" [pid 5958] <... ioctl resumed>) = 0 [pid 5957] chdir("./file1" [pid 5956] close(4 [pid 5955] <... mmap resumed>) = 0x20000000 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5960] <... chdir resumed>) = 0 [pid 5958] close(4 [pid 5957] <... chdir resumed>) = 0 [pid 5956] <... close resumed>) = 0 [pid 5955] ioctl(4, FS_IOC_GETVERSION [pid 5095] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5960] ioctl(4, LOOP_CLR_FD [pid 5958] <... close resumed>) = 0 [pid 5957] ioctl(4, LOOP_CLR_FD [pid 5956] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5955] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5095] <... openat resumed>) = 3 [pid 5960] <... ioctl resumed>) = 0 [pid 5958] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] fstat(3, [pid 5956] <... openat resumed>) = 4 [pid 5095] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(3, [pid 5960] close(4 [pid 5958] <... openat resumed>) = 4 [pid 5957] <... ioctl resumed>) = 0 [pid 5095] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5960] <... close resumed>) = 0 [pid 5958] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5957] close(4 [pid 5956] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5095] umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5955] exit_group(0 [pid 5960] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5957] <... close resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./72/binderfs", [pid 5958] <... mmap resumed>) = 0x20000000 [pid 5095] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5960] <... openat resumed>) = 4 [pid 5957] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5095] unlink("./72/binderfs" [pid 5957] <... openat resumed>) = 4 [pid 5095] <... unlink resumed>) = 0 [ 186.373210][ T5956] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5095] umount2("./72/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5960] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5958] ioctl(4, FS_IOC_GETVERSION [pid 5957] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5956] <... mmap resumed>) = 0x20000000 [pid 5955] <... exit_group resumed>) = ? [pid 5960] <... mmap resumed>) = 0x20000000 [pid 5958] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5960] ioctl(4, FS_IOC_GETVERSION [pid 5958] exit_group(0 [pid 5957] <... mmap resumed>) = 0x20000000 [pid 5956] ioctl(4, FS_IOC_GETVERSION [pid 5955] +++ exited with 0 +++ [pid 5960] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5958] <... exit_group resumed>) = ? [pid 5956] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5960] exit_group(0 [pid 5958] +++ exited with 0 +++ [pid 5957] ioctl(4, FS_IOC_GETVERSION [pid 5956] exit_group(0 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5955, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5960] <... exit_group resumed>) = ? [pid 5957] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5956] <... exit_group resumed>) = ? [pid 5094] umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5960] +++ exited with 0 +++ [pid 5957] exit_group(0 [pid 5956] +++ exited with 0 +++ [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5958, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5957] <... exit_group resumed>) = ? [pid 5094] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5960, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5092] restart_syscall(<... resuming interrupted clone ...> [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5956, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5957] +++ exited with 0 +++ [pid 5092] <... restart_syscall resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5957, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5094] fstat(3, [pid 5093] umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5094] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] getdents64(3, [pid 5093] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5093] <... openat resumed>) = 3 [pid 5091] <... openat resumed>) = 3 [pid 5092] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... openat resumed>) = 3 [pid 5094] umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] fstat(3, [pid 5092] <... openat resumed>) = 3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5092] fstat(3, [pid 5091] fstat(3, [pid 5090] fstat(3, [pid 5094] lstat("./72/binderfs", [pid 5093] getdents64(3, [pid 5090] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5092] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(3, [pid 5090] getdents64(3, [pid 5094] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5094] unlink("./72/binderfs" [pid 5093] umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] getdents64(3, [pid 5091] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5090] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] <... unlink resumed>) = 0 [pid 5092] <... getdents64 resumed>0x555556fb3620 /* 4 entries */, 32768) = 112 [pid 5094] umount2("./72/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] lstat("./71/binderfs", [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] lstat("./70/binderfs", [pid 5091] lstat("./69/binderfs", [pid 5090] lstat("./70/binderfs", [pid 5093] unlink("./71/binderfs" [pid 5092] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5091] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5090] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5093] <... unlink resumed>) = 0 [pid 5092] unlink("./70/binderfs" [pid 5091] unlink("./69/binderfs" [pid 5090] unlink("./70/binderfs" [pid 5093] umount2("./71/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5092] <... unlink resumed>) = 0 [pid 5091] <... unlink resumed>) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5092] umount2("./70/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] umount2("./70/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./72/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] lstat("./72/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] umount2("./72/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./72/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./72/file1") = 0 [pid 5095] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./72" [pid 5093] <... umount2 resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5095] mkdir("./73", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fb25d0) = 5967 [pid 5091] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5967 attached [pid 5967] chdir("./73") = 0 [pid 5967] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5967] setpgid(0, 0) = 0 [pid 5967] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5091] umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] lstat("./69/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5967] write(3, "1000", 4) = 4 [pid 5967] close(3 [pid 5091] openat(AT_FDCWD, "./69/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5967] <... close resumed>) = 0 [pid 5967] symlink("/dev/binderfs", "./binderfs" [pid 5093] umount2("./71/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5093] lstat("./71/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] umount2("./71/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5091] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5091] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5967] <... symlink resumed>) = 0 [pid 5091] close(4) = 0 [pid 5093] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] openat(AT_FDCWD, "./71/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5093] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] getdents64(4, 0x555556fbb660 /* 2 entries */, 32768) = 48 [pid 5093] getdents64(4, 0x555556fbb660 /* 0 entries */, 32768) = 0 [pid 5093] close(4) = 0 [pid 5093] rmdir("./71/file1") = 0 [pid 5093] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5093] close(3) = 0 [pid 5093] rmdir("./71") = 0 [pid 5091] rmdir("./69/file1" [pid 5093] mkdir("./72", 0777 [pid 5091] <... rmdir resumed>) = 0 [pid 5093] <... mkdir resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5967] memfd_create("syzkaller", 0) = 3 [pid 5093] ioctl(3, LOOP_CLR_FD [pid 5967] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000 [pid 5093] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5093] close(3) = 0 [pid 5093] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] getdents64(3, 0x555556fb3620 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5093] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5968 [pid 5091] rmdir("./69") = 0 [pid 5091] mkdir("./70", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5968 attached [pid 5968] chdir("./72") = 0 [pid 5968] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5968] setpgid(0, 0 [pid 5091] <... clone resumed>, child_tidptr=0x555556fb25d0) = 5969 [pid 5968] <... setpgid resumed>) = 0 [pid 5968] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 ./strace-static-x86_64: Process 5969 attached [pid 5969] chdir("./70") = 0 [pid 5968] write(3, "1000", 4) = 4 [pid 5969] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5969] setpgid(0, 0 [pid 5968] close(3) = 0 [pid 5968] symlink("/dev/binderfs", "./binderfs" [pid 5969] <... setpgid resumed>) = 0 [pid 5968] <... symlink resumed>) = 0 [pid 5968] memfd_create("syzkaller", 0 [pid 5969] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5968] <... memfd_create resumed>) = 3 [pid 5968] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5969] <... openat resumed>) = 3 [pid 5968] <... mmap resumed>) = 0x7f12a0a40000 [pid 5969] write(3, "1000", 4) = 4 [pid 5969] close(3) = 0 [pid 5969] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5969] memfd_create("syzkaller", 0) = 3 [pid 5969] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0a40000