./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor752449629 <...> Warning: Permanently added '10.128.1.211' (ECDSA) to the list of known hosts. execve("./syz-executor752449629", ["./syz-executor752449629"], 0x7ffe19b4cae0 /* 10 vars */) = 0 brk(NULL) = 0x55555745f000 brk(0x55555745fc40) = 0x55555745fc40 arch_prctl(ARCH_SET_FS, 0x55555745f300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x55555745f5d0) = 5074 set_robust_list(0x55555745f5e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7f9999ecd4e0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f9999ecdbb0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7f9999ecd580, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f9999ecdbb0}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor752449629", 4096) = 27 brk(0x555557480c40) = 0x555557480c40 brk(0x555557481000) = 0x555557481000 mprotect(0x7f9999f90000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 getpid() = 5074 mkdir("./syzkaller.F4DahT", 0700) = 0 chmod("./syzkaller.F4DahT", 0777) = 0 chdir("./syzkaller.F4DahT") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5075 ./strace-static-x86_64: Process 5075 attached [pid 5075] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5075] chdir("./0") = 0 [pid 5075] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5075] setpgid(0, 0) = 0 [pid 5075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5075] write(3, "1000", 4) = 4 [pid 5075] close(3) = 0 [pid 5075] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5075] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5075] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5075] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5075] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5077], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5077 [pid 5075] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5075] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5077 attached [pid 5077] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5077] memfd_create("syzkaller", 0) = 3 [pid 5077] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5077] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5077] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5077] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5077] close(3) = 0 [pid 5077] mkdir("./file0", 0777) = 0 syzkaller login: [ 44.733287][ T5077] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5077 'syz-executor752' [ 44.771502][ T5077] loop0: detected capacity change from 0 to 8192 [ 44.781610][ T5077] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 44.794692][ T5077] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 44.804000][ T5077] REISERFS (device loop0): using ordered data mode [ 44.810503][ T5077] reiserfs: using flush barriers [ 44.816395][ T5077] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5077] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5077] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5077] chdir("./file0") = 0 [pid 5077] ioctl(4, LOOP_CLR_FD) = 0 [pid 5077] close(4) = 0 [pid 5077] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5077] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5075] <... futex resumed>) = 0 [pid 5075] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5077] <... futex resumed>) = 0 [pid 5075] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5077] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 5077] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] <... futex resumed>) = 0 [pid 5075] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5075] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5077] <... futex resumed>) = 1 [pid 5077] ftruncate(4, 3608577) = 0 [pid 5077] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] <... futex resumed>) = 0 [pid 5075] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 44.833120][ T5077] REISERFS (device loop0): checking transaction log (loop0) [ 44.867316][ T5077] REISERFS (device loop0): Using r5 hash to sort names [ 44.874944][ T5077] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5075] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5075] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9991e7b000 [pid 5075] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5075] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5079], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5079 [pid 5075] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5075] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5077] <... futex resumed>) = 1 [pid 5077] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000) = 5 [pid 5077] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 5079 attached [pid 5079] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5079] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5079] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] <... futex resumed>) = 0 [pid 5075] exit_group(0) = ? [pid 5077] <... futex resumed>) = ? [pid 5077] +++ exited with 0 +++ [pid 5079] <... futex resumed>) = ? [pid 5079] +++ exited with 0 +++ [pid 5075] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5075, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./0/binderfs") = 0 umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./0/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./0") = 0 mkdir("./1", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5080 ./strace-static-x86_64: Process 5080 attached [pid 5080] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5080] chdir("./1") = 0 [pid 5080] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5080] setpgid(0, 0) = 0 [pid 5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5080] write(3, "1000", 4) = 4 [pid 5080] close(3) = 0 [pid 5080] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5080] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5080] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5080] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5080] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5081], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5081 [pid 5080] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5080] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5081 attached [pid 5081] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5081] memfd_create("syzkaller", 0) = 3 [pid 5081] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5081] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5081] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5081] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5081] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5081] close(3) = 0 [pid 5081] mkdir("./file0", 0777) = 0 [ 44.989574][ T5081] loop0: detected capacity change from 0 to 8192 [ 44.999689][ T5081] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 45.012731][ T5081] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 45.021916][ T5081] REISERFS (device loop0): using ordered data mode [ 45.028489][ T5081] reiserfs: using flush barriers [ 45.034013][ T5081] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 45.050635][ T5081] REISERFS (device loop0): checking transaction log (loop0) [pid 5081] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5081] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5081] chdir("./file0") = 0 [pid 5081] ioctl(4, LOOP_CLR_FD) = 0 [pid 5081] close(4) = 0 [pid 5081] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] <... futex resumed>) = 0 [pid 5080] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5080] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5081] <... futex resumed>) = 1 [pid 5081] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 5081] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] <... futex resumed>) = 0 [pid 5080] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5080] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5081] <... futex resumed>) = 1 [pid 5081] ftruncate(4, 3608577) = 0 [pid 5081] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] <... futex resumed>) = 0 [pid 5080] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5080] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5080] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9991e7b000 [pid 5080] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5080] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5083], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5083 [pid 5080] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5080] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5081] <... futex resumed>) = 1 [pid 5081] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000) = 5 [pid 5081] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5081] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 5083 attached [pid 5083] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5083] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5083] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5080] <... futex resumed>) = 0 [pid 5080] exit_group(0) = ? [pid 5081] <... futex resumed>) = ? [pid 5081] +++ exited with 0 +++ [pid 5083] +++ exited with 0 +++ [pid 5080] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5080, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1/binderfs") = 0 [ 45.086419][ T5081] REISERFS (device loop0): Using r5 hash to sort names [ 45.093740][ T5081] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1") = 0 mkdir("./2", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5084 attached , child_tidptr=0x55555745f5d0) = 5084 [pid 5084] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5084] chdir("./2") = 0 [pid 5084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5084] setpgid(0, 0) = 0 [pid 5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5084] write(3, "1000", 4) = 4 [pid 5084] close(3) = 0 [pid 5084] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5084] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5084] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5084] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5084] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5085], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5085 [pid 5084] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5084] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5085 attached [pid 5085] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5085] memfd_create("syzkaller", 0) = 3 [pid 5085] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5085] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5085] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5085] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5085] close(3) = 0 [pid 5085] mkdir("./file0", 0777) = 0 [ 45.204755][ T5085] loop0: detected capacity change from 0 to 8192 [ 45.214132][ T5085] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 45.227172][ T5085] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 45.236400][ T5085] REISERFS (device loop0): using ordered data mode [ 45.242915][ T5085] reiserfs: using flush barriers [ 45.248478][ T5085] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 45.264852][ T5085] REISERFS (device loop0): checking transaction log (loop0) [pid 5085] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5085] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5085] chdir("./file0") = 0 [pid 5085] ioctl(4, LOOP_CLR_FD) = 0 [pid 5085] close(4) = 0 [pid 5085] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5085] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5084] <... futex resumed>) = 0 [pid 5084] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] <... futex resumed>) = 0 [pid 5084] <... futex resumed>) = 1 [pid 5085] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000 [pid 5084] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5085] <... open resumed>) = 4 [pid 5085] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5084] <... futex resumed>) = 0 [pid 5085] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5084] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5084] <... futex resumed>) = 0 [pid 5085] ftruncate(4, 3608577 [pid 5084] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5085] <... ftruncate resumed>) = 0 [pid 5085] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5084] <... futex resumed>) = 0 [pid 5084] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5084] <... futex resumed>) = 0 [pid 5085] <... openat resumed>) = 5 [pid 5084] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5084] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5085] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5084] <... mmap resumed>) = 0x7f9991e7b000 [pid 5084] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE [pid 5085] <... futex resumed>) = 0 [pid 5084] <... mprotect resumed>) = 0 [pid 5085] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5084] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5087], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5087 [pid 5084] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5084] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5087 attached [pid 5087] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5087] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5087] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5084] <... futex resumed>) = 0 [pid 5084] exit_group(0 [pid 5085] <... futex resumed>) = ? [pid 5084] <... exit_group resumed>) = ? [pid 5085] +++ exited with 0 +++ [pid 5087] +++ exited with 0 +++ [pid 5084] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5084, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./2/binderfs") = 0 [ 45.298844][ T5085] REISERFS (device loop0): Using r5 hash to sort names [ 45.305831][ T5085] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./2/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./2") = 0 mkdir("./3", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5088 ./strace-static-x86_64: Process 5088 attached [pid 5088] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5088] chdir("./3") = 0 [pid 5088] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5088] setpgid(0, 0) = 0 [pid 5088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5088] write(3, "1000", 4) = 4 [pid 5088] close(3) = 0 [pid 5088] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5088] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5088] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5088] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5088] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5089], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5089 [pid 5088] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5088] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5089 attached [pid 5089] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5089] memfd_create("syzkaller", 0) = 3 [pid 5089] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5089] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5089] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5089] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5089] close(3) = 0 [pid 5089] mkdir("./file0", 0777) = 0 [ 45.416006][ T5089] loop0: detected capacity change from 0 to 8192 [ 45.425063][ T5089] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 45.438090][ T5089] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 45.447321][ T5089] REISERFS (device loop0): using ordered data mode [ 45.453860][ T5089] reiserfs: using flush barriers [ 45.459380][ T5089] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 45.475711][ T5089] REISERFS (device loop0): checking transaction log (loop0) [pid 5089] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5089] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5089] chdir("./file0") = 0 [pid 5089] ioctl(4, LOOP_CLR_FD) = 0 [pid 5089] close(4) = 0 [pid 5089] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5088] <... futex resumed>) = 0 [pid 5089] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5088] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5088] <... futex resumed>) = 0 [pid 5089] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000 [pid 5088] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5089] <... open resumed>) = 4 [pid 5089] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... futex resumed>) = 0 [pid 5089] <... futex resumed>) = 1 [pid 5088] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] ftruncate(4, 3608577 [pid 5088] <... futex resumed>) = 0 [pid 5088] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5089] <... ftruncate resumed>) = 0 [pid 5089] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5088] <... futex resumed>) = 0 [pid 5089] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5088] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5088] <... futex resumed>) = 0 [pid 5088] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5088] <... futex resumed>) = 0 [pid 5088] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] <... openat resumed>) = 5 [pid 5088] <... mmap resumed>) = 0x7f9991e7b000 [pid 5089] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE [pid 5089] <... futex resumed>) = 0 [pid 5089] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5088] <... mprotect resumed>) = 0 [pid 5088] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5091 attached [pid 5091] set_robust_list(0x7f9991e9b9e0, 24 [pid 5088] <... clone resumed>, parent_tid=[5091], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5091 [pid 5091] <... set_robust_list resumed>) = 0 [pid 5088] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5091] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5088] <... futex resumed>) = 0 [pid 5091] <... mknod resumed>) = 0 [pid 5088] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5091] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5088] <... futex resumed>) = 0 [pid 5091] futex(0x7f9999f967b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5088] exit_group(0 [pid 5091] <... futex resumed>) = ? [pid 5089] <... futex resumed>) = ? [pid 5088] <... exit_group resumed>) = ? [pid 5089] +++ exited with 0 +++ [pid 5091] +++ exited with 0 +++ [pid 5088] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5088, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./3/binderfs") = 0 [ 45.509249][ T5089] REISERFS (device loop0): Using r5 hash to sort names [ 45.516670][ T5089] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./3/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./3") = 0 mkdir("./4", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5092 ./strace-static-x86_64: Process 5092 attached [pid 5092] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5092] chdir("./4") = 0 [pid 5092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5092] setpgid(0, 0) = 0 [pid 5092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5092] write(3, "1000", 4) = 4 [pid 5092] close(3) = 0 [pid 5092] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5092] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5092] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5092] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5092] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5093], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5093 [pid 5092] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5092] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5093 attached [pid 5093] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5093] memfd_create("syzkaller", 0) = 3 [pid 5093] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5093] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5093] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5093] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5093] close(3) = 0 [pid 5093] mkdir("./file0", 0777) = 0 [ 45.625036][ T5093] loop0: detected capacity change from 0 to 8192 [ 45.634752][ T5093] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 45.647928][ T5093] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 45.657135][ T5093] REISERFS (device loop0): using ordered data mode [ 45.663668][ T5093] reiserfs: using flush barriers [ 45.669255][ T5093] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 45.685602][ T5093] REISERFS (device loop0): checking transaction log (loop0) [pid 5093] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5093] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5093] chdir("./file0") = 0 [pid 5093] ioctl(4, LOOP_CLR_FD) = 0 [pid 5093] close(4) = 0 [pid 5093] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5092] <... futex resumed>) = 0 [pid 5093] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000 [pid 5092] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5093] <... open resumed>) = 4 [pid 5092] <... futex resumed>) = 0 [pid 5092] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5093] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5092] <... futex resumed>) = 0 [pid 5093] ftruncate(4, 3608577 [pid 5092] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5092] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5093] <... ftruncate resumed>) = 0 [pid 5093] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5092] <... futex resumed>) = 0 [pid 5093] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5092] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5093] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5092] <... futex resumed>) = 0 [pid 5093] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5092] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5093] <... openat resumed>) = 5 [pid 5092] <... futex resumed>) = 0 [pid 5092] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5093] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5093] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5092] <... mmap resumed>) = 0x7f9991e7b000 [pid 5092] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5092] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5095 attached , parent_tid=[5095], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5095 [pid 5095] set_robust_list(0x7f9991e9b9e0, 24 [pid 5092] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5095] <... set_robust_list resumed>) = 0 [pid 5092] <... futex resumed>) = 0 [pid 5095] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5092] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5095] <... mknod resumed>) = 0 [pid 5095] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5092] <... futex resumed>) = 0 [pid 5095] <... futex resumed>) = 1 [pid 5092] exit_group(0 [pid 5093] <... futex resumed>) = ? [pid 5092] <... exit_group resumed>) = ? [pid 5095] +++ exited with 0 +++ [pid 5093] +++ exited with 0 +++ [pid 5092] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5092, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./4/binderfs") = 0 [ 45.719474][ T5093] REISERFS (device loop0): Using r5 hash to sort names [ 45.726489][ T5093] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./4/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./4") = 0 mkdir("./5", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5096 ./strace-static-x86_64: Process 5096 attached [pid 5096] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5096] chdir("./5") = 0 [pid 5096] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5096] setpgid(0, 0) = 0 [pid 5096] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5096] write(3, "1000", 4) = 4 [pid 5096] close(3) = 0 [pid 5096] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5096] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5096] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5096] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5096] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5097], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5097 [pid 5096] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5096] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5097 attached [pid 5097] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5097] memfd_create("syzkaller", 0) = 3 [pid 5097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5097] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5097] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5097] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5097] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5097] close(3) = 0 [pid 5097] mkdir("./file0", 0777) = 0 [ 45.837802][ T5097] loop0: detected capacity change from 0 to 8192 [ 45.846549][ T5097] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 45.859567][ T5097] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 45.868765][ T5097] REISERFS (device loop0): using ordered data mode [ 45.875286][ T5097] reiserfs: using flush barriers [ 45.880928][ T5097] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 45.897221][ T5097] REISERFS (device loop0): checking transaction log (loop0) [pid 5097] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5097] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5097] chdir("./file0") = 0 [pid 5097] ioctl(4, LOOP_CLR_FD) = 0 [pid 5097] close(4) = 0 [pid 5097] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5097] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5096] <... futex resumed>) = 0 [pid 5096] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5096] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5097] <... futex resumed>) = 0 [pid 5097] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 5097] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5096] <... futex resumed>) = 0 [pid 5096] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5096] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5097] <... futex resumed>) = 1 [pid 5097] ftruncate(4, 3608577) = 0 [pid 5097] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5096] <... futex resumed>) = 0 [pid 5096] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5096] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5096] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9991e7b000 [pid 5096] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5096] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5097] <... futex resumed>) = 1 [pid 5096] <... clone resumed>, parent_tid=[5099], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5099 ./strace-static-x86_64: Process 5099 attached [pid 5097] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5096] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5096] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5099] set_robust_list(0x7f9991e9b9e0, 24 [pid 5097] <... openat resumed>) = 5 [pid 5097] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5097] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5099] <... set_robust_list resumed>) = 0 [pid 5099] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5099] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5099] futex(0x7f9999f967b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5096] <... futex resumed>) = 0 [pid 5096] exit_group(0 [pid 5097] <... futex resumed>) = ? [pid 5096] <... exit_group resumed>) = ? [pid 5097] +++ exited with 0 +++ [pid 5099] <... futex resumed>) = ? [pid 5099] +++ exited with 0 +++ [pid 5096] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5096, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./5/binderfs") = 0 [ 45.931113][ T5097] REISERFS (device loop0): Using r5 hash to sort names [ 45.938697][ T5097] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./5/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./5") = 0 mkdir("./6", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5100 ./strace-static-x86_64: Process 5100 attached [pid 5100] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5100] chdir("./6") = 0 [pid 5100] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5100] setpgid(0, 0) = 0 [pid 5100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5100] write(3, "1000", 4) = 4 [pid 5100] close(3) = 0 [pid 5100] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5100] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5100] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5100] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5100] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5101 attached , parent_tid=[5101], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5101 [pid 5101] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5101] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5100] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5101] <... futex resumed>) = 0 [pid 5100] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5101] memfd_create("syzkaller", 0) = 3 [pid 5101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5101] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5101] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5101] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5101] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5101] close(3) = 0 [pid 5101] mkdir("./file0", 0777) = 0 [ 46.064120][ T5101] loop0: detected capacity change from 0 to 8192 [ 46.073492][ T5101] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 46.086479][ T5101] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 46.095700][ T5101] REISERFS (device loop0): using ordered data mode [ 46.102196][ T5101] reiserfs: using flush barriers [ 46.107809][ T5101] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 46.124036][ T5101] REISERFS (device loop0): checking transaction log (loop0) [pid 5101] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5101] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5101] chdir("./file0") = 0 [pid 5101] ioctl(4, LOOP_CLR_FD) = 0 [pid 5101] close(4) = 0 [pid 5101] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5101] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5100] <... futex resumed>) = 0 [pid 5100] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5101] <... futex resumed>) = 0 [pid 5100] <... futex resumed>) = 1 [pid 5101] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000 [pid 5100] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5101] <... open resumed>) = 4 [pid 5101] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5100] <... futex resumed>) = 0 [pid 5101] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5100] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5101] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5100] <... futex resumed>) = 0 [pid 5101] ftruncate(4, 3608577 [pid 5100] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5101] <... ftruncate resumed>) = 0 [pid 5101] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5100] <... futex resumed>) = 0 [pid 5101] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5100] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5100] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5101] <... openat resumed>) = 5 [pid 5100] <... futex resumed>) = 0 [pid 5100] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5101] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5101] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5100] <... mmap resumed>) = 0x7f9991e7b000 [pid 5100] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5100] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5103], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5103 [pid 5100] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5100] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5103 attached [pid 5103] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5103] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5103] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5100] <... futex resumed>) = 0 [pid 5100] exit_group(0) = ? [pid 5103] <... futex resumed>) = ? [pid 5103] +++ exited with 0 +++ [pid 5101] <... futex resumed>) = ? [pid 5101] +++ exited with 0 +++ [pid 5100] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5100, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./6/binderfs") = 0 [ 46.156933][ T5101] REISERFS (device loop0): Using r5 hash to sort names [ 46.163968][ T5101] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./6/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./6") = 0 mkdir("./7", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5104 ./strace-static-x86_64: Process 5104 attached [pid 5104] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5104] chdir("./7") = 0 [pid 5104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5104] setpgid(0, 0) = 0 [pid 5104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5104] write(3, "1000", 4) = 4 [pid 5104] close(3) = 0 [pid 5104] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5104] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5104] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5104] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5104] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5105], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5105 [pid 5104] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5104] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5105 attached [pid 5105] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5105] memfd_create("syzkaller", 0) = 3 [pid 5105] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5105] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5105] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5105] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5105] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5105] close(3) = 0 [pid 5105] mkdir("./file0", 0777) = 0 [ 46.277361][ T5105] loop0: detected capacity change from 0 to 8192 [ 46.287064][ T5105] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 46.300113][ T5105] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 46.309298][ T5105] REISERFS (device loop0): using ordered data mode [ 46.315826][ T5105] reiserfs: using flush barriers [ 46.321384][ T5105] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 46.337708][ T5105] REISERFS (device loop0): checking transaction log (loop0) [pid 5105] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5105] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5105] chdir("./file0") = 0 [pid 5105] ioctl(4, LOOP_CLR_FD) = 0 [pid 5105] close(4) = 0 [pid 5105] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5104] <... futex resumed>) = 0 [pid 5104] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5104] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5105] <... futex resumed>) = 1 [pid 5105] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 5105] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5104] <... futex resumed>) = 0 [pid 5104] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5105] <... futex resumed>) = 1 [pid 5104] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5105] ftruncate(4, 3608577) = 0 [pid 5105] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5104] <... futex resumed>) = 0 [pid 5105] <... futex resumed>) = 1 [pid 5104] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5105] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5104] <... futex resumed>) = 0 [pid 5105] <... openat resumed>) = 5 [pid 5104] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5105] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5104] <... futex resumed>) = 0 [pid 5105] <... futex resumed>) = 0 [pid 5104] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5105] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5104] <... mmap resumed>) = 0x7f9991e7b000 [pid 5104] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5104] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5107], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5107 [pid 5104] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5104] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5107 attached [pid 5107] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5107] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5107] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5104] <... futex resumed>) = 0 [pid 5104] exit_group(0 [pid 5105] <... futex resumed>) = ? [pid 5104] <... exit_group resumed>) = ? [pid 5105] +++ exited with 0 +++ [pid 5107] <... futex resumed>) = ? [pid 5107] +++ exited with 0 +++ [pid 5104] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5104, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./7/binderfs") = 0 [ 46.371721][ T5105] REISERFS (device loop0): Using r5 hash to sort names [ 46.378885][ T5105] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./7/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./7") = 0 mkdir("./8", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5108 ./strace-static-x86_64: Process 5108 attached [pid 5108] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5108] chdir("./8") = 0 [pid 5108] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5108] setpgid(0, 0) = 0 [pid 5108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5108] write(3, "1000", 4) = 4 [pid 5108] close(3) = 0 [pid 5108] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5108] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5108] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5108] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5108] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5109], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5109 [pid 5108] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5108] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5109 attached [pid 5109] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5109] memfd_create("syzkaller", 0) = 3 [pid 5109] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5109] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5109] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5109] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5109] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5109] close(3) = 0 [pid 5109] mkdir("./file0", 0777) = 0 [ 46.483518][ T5109] loop0: detected capacity change from 0 to 8192 [ 46.493814][ T5109] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 46.506805][ T5109] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 46.515988][ T5109] REISERFS (device loop0): using ordered data mode [ 46.522494][ T5109] reiserfs: using flush barriers [ 46.528254][ T5109] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 46.544479][ T5109] REISERFS (device loop0): checking transaction log (loop0) [pid 5109] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5109] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5109] chdir("./file0") = 0 [pid 5109] ioctl(4, LOOP_CLR_FD) = 0 [pid 5109] close(4) = 0 [pid 5109] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5109] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5108] <... futex resumed>) = 0 [pid 5108] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5109] <... futex resumed>) = 0 [pid 5108] <... futex resumed>) = 1 [pid 5109] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000 [pid 5108] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5109] <... open resumed>) = 4 [pid 5109] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5108] <... futex resumed>) = 0 [pid 5109] ftruncate(4, 3608577 [pid 5108] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5108] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5109] <... ftruncate resumed>) = 0 [pid 5109] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5109] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5108] <... futex resumed>) = 0 [pid 5108] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5109] <... futex resumed>) = 0 [pid 5108] <... futex resumed>) = 1 [pid 5109] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5108] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5109] <... openat resumed>) = 5 [pid 5108] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5109] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5108] <... mmap resumed>) = 0x7f9991e7b000 [pid 5109] <... futex resumed>) = 0 [pid 5108] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE [pid 5109] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5108] <... mprotect resumed>) = 0 [pid 5108] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5111 attached , parent_tid=[5111], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5111 [pid 5108] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5108] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5111] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5111] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5111] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5108] <... futex resumed>) = 0 [pid 5111] futex(0x7f9999f967b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5108] exit_group(0 [pid 5111] <... futex resumed>) = ? [pid 5108] <... exit_group resumed>) = ? [pid 5111] +++ exited with 0 +++ [pid 5109] <... futex resumed>) = ? [pid 5109] +++ exited with 0 +++ [pid 5108] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5108, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./8/binderfs") = 0 [ 46.577919][ T5109] REISERFS (device loop0): Using r5 hash to sort names [ 46.584894][ T5109] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./8/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./8") = 0 mkdir("./9", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5112 ./strace-static-x86_64: Process 5112 attached [pid 5112] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5112] chdir("./9") = 0 [pid 5112] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5112] setpgid(0, 0) = 0 [pid 5112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5112] write(3, "1000", 4) = 4 [pid 5112] close(3) = 0 [pid 5112] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5112] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5112] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5112] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5112] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5113], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5113 [pid 5112] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5112] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5113 attached [pid 5113] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5113] memfd_create("syzkaller", 0) = 3 [pid 5113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5113] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5113] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5113] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5113] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5113] close(3) = 0 [pid 5113] mkdir("./file0", 0777) = 0 [ 46.704311][ T5113] loop0: detected capacity change from 0 to 8192 [ 46.714080][ T5113] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 46.727057][ T5113] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 46.736275][ T5113] REISERFS (device loop0): using ordered data mode [ 46.742779][ T5113] reiserfs: using flush barriers [ 46.748598][ T5113] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 46.764901][ T5113] REISERFS (device loop0): checking transaction log (loop0) [pid 5113] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5113] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5113] chdir("./file0") = 0 [pid 5113] ioctl(4, LOOP_CLR_FD) = 0 [pid 5113] close(4) = 0 [pid 5113] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5112] <... futex resumed>) = 0 [pid 5113] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5112] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5113] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5112] <... futex resumed>) = 0 [pid 5113] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000 [pid 5112] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5113] <... open resumed>) = 4 [pid 5113] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5113] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5112] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5112] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5112] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5113] <... futex resumed>) = 0 [pid 5113] ftruncate(4, 3608577) = 0 [pid 5113] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5112] <... futex resumed>) = 0 [pid 5113] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5112] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5113] <... openat resumed>) = 5 [pid 5112] <... futex resumed>) = 0 [pid 5113] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5112] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5113] <... futex resumed>) = 0 [pid 5112] <... futex resumed>) = 0 [pid 5113] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5112] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9991e7b000 [pid 5112] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5112] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5115], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5115 [pid 5112] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5112] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5115 attached [pid 5115] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5115] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5115] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5112] <... futex resumed>) = 0 [pid 5112] exit_group(0 [pid 5113] <... futex resumed>) = ? [pid 5112] <... exit_group resumed>) = ? [pid 5113] +++ exited with 0 +++ [pid 5115] <... futex resumed>) = ? [pid 5115] +++ exited with 0 +++ [pid 5112] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5112, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./9/binderfs") = 0 [ 46.798854][ T5113] REISERFS (device loop0): Using r5 hash to sort names [ 46.805999][ T5113] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./9/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./9") = 0 mkdir("./10", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5116 ./strace-static-x86_64: Process 5116 attached [pid 5116] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5116] chdir("./10") = 0 [pid 5116] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5116] setpgid(0, 0) = 0 [pid 5116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5116] write(3, "1000", 4) = 4 [pid 5116] close(3) = 0 [pid 5116] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5116] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5116] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5116] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5116] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5117], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5117 [pid 5116] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5117 attached ) = 0 [pid 5117] set_robust_list(0x7f9999ebc9e0, 24 [pid 5116] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5117] <... set_robust_list resumed>) = 0 [pid 5117] memfd_create("syzkaller", 0) = 3 [pid 5117] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5117] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5117] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5117] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5117] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5117] close(3) = 0 [pid 5117] mkdir("./file0", 0777) = 0 [ 46.922028][ T5117] loop0: detected capacity change from 0 to 8192 [ 46.932277][ T5117] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 46.945590][ T5117] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 46.954887][ T5117] REISERFS (device loop0): using ordered data mode [ 46.961407][ T5117] reiserfs: using flush barriers [ 46.967123][ T5117] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 46.983575][ T5117] REISERFS (device loop0): checking transaction log (loop0) [pid 5117] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5117] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5117] chdir("./file0") = 0 [pid 5117] ioctl(4, LOOP_CLR_FD) = 0 [pid 5117] close(4) = 0 [pid 5117] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5117] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5116] <... futex resumed>) = 0 [pid 5116] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5116] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5117] <... futex resumed>) = 0 [pid 5117] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 5117] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5116] <... futex resumed>) = 0 [pid 5116] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5116] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5117] <... futex resumed>) = 1 [pid 5117] ftruncate(4, 3608577) = 0 [pid 5117] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5116] <... futex resumed>) = 0 [pid 5116] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5116] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5116] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9991e7b000 [pid 5116] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5116] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5119], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5119 [pid 5116] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5116] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5117] <... futex resumed>) = 1 [pid 5117] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000./strace-static-x86_64: Process 5119 attached [pid 5119] set_robust_list(0x7f9991e9b9e0, 24 [pid 5117] <... openat resumed>) = 5 [pid 5119] <... set_robust_list resumed>) = 0 [pid 5117] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5119] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5117] <... futex resumed>) = 0 [pid 5117] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5119] <... mknod resumed>) = 0 [pid 5119] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5116] <... futex resumed>) = 0 [pid 5116] exit_group(0) = ? [pid 5117] <... futex resumed>) = ? [pid 5117] +++ exited with 0 +++ [pid 5119] +++ exited with 0 +++ [pid 5116] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5116, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./10/binderfs") = 0 [ 47.018596][ T5117] REISERFS (device loop0): Using r5 hash to sort names [ 47.025815][ T5117] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./10/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./10") = 0 mkdir("./11", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5120 ./strace-static-x86_64: Process 5120 attached [pid 5120] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5120] chdir("./11") = 0 [pid 5120] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5120] setpgid(0, 0) = 0 [pid 5120] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5120] write(3, "1000", 4) = 4 [pid 5120] close(3) = 0 [pid 5120] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5120] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5120] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5120] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5120] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5121], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5121 [pid 5120] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5120] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5121 attached [pid 5121] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5121] memfd_create("syzkaller", 0) = 3 [pid 5121] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5121] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5121] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5121] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5121] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5121] close(3) = 0 [pid 5121] mkdir("./file0", 0777) = 0 [ 47.130786][ T5121] loop0: detected capacity change from 0 to 8192 [ 47.140556][ T5121] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 47.153644][ T5121] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 47.162897][ T5121] REISERFS (device loop0): using ordered data mode [ 47.169512][ T5121] reiserfs: using flush barriers [ 47.175188][ T5121] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 47.191607][ T5121] REISERFS (device loop0): checking transaction log (loop0) [pid 5121] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5121] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5121] chdir("./file0") = 0 [pid 5121] ioctl(4, LOOP_CLR_FD) = 0 [pid 5121] close(4) = 0 [pid 5121] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5120] <... futex resumed>) = 0 [pid 5120] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5120] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5121] <... futex resumed>) = 1 [pid 5121] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 5121] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5120] <... futex resumed>) = 0 [pid 5120] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5120] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5121] <... futex resumed>) = 1 [pid 5121] ftruncate(4, 3608577) = 0 [pid 5121] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5120] <... futex resumed>) = 0 [pid 5120] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5120] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5120] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9991e7b000 [pid 5120] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5120] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5123], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5123 [pid 5120] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5120] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5121] <... futex resumed>) = 1 [pid 5121] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000) = 5 [pid 5121] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5121] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 5123 attached [pid 5123] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5123] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5123] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5120] <... futex resumed>) = 0 [pid 5120] exit_group(0) = ? [pid 5121] <... futex resumed>) = ? [pid 5123] +++ exited with 0 +++ [pid 5121] +++ exited with 0 +++ [pid 5120] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5120, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./11/binderfs") = 0 [ 47.227119][ T5121] REISERFS (device loop0): Using r5 hash to sort names [ 47.234148][ T5121] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./11/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./11") = 0 mkdir("./12", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5124 ./strace-static-x86_64: Process 5124 attached [pid 5124] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5124] chdir("./12") = 0 [pid 5124] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5124] setpgid(0, 0) = 0 [pid 5124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5124] write(3, "1000", 4) = 4 [pid 5124] close(3) = 0 [pid 5124] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5124] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5124] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5124] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5124] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5125], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5125 [pid 5124] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5124] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5125 attached [pid 5125] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5125] memfd_create("syzkaller", 0) = 3 [pid 5125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5125] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5125] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5125] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5125] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5125] close(3) = 0 [pid 5125] mkdir("./file0", 0777) = 0 [ 47.340068][ T5125] loop0: detected capacity change from 0 to 8192 [ 47.348936][ T5125] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 47.362002][ T5125] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 47.371272][ T5125] REISERFS (device loop0): using ordered data mode [ 47.377801][ T5125] reiserfs: using flush barriers [ 47.383406][ T5125] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 47.399974][ T5125] REISERFS (device loop0): checking transaction log (loop0) [pid 5125] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5125] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5125] chdir("./file0") = 0 [pid 5125] ioctl(4, LOOP_CLR_FD) = 0 [pid 5125] close(4) = 0 [pid 5125] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5124] <... futex resumed>) = 0 [pid 5125] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5124] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5125] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5124] <... futex resumed>) = 0 [pid 5125] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000 [pid 5124] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5125] <... open resumed>) = 4 [pid 5125] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5124] <... futex resumed>) = 0 [pid 5125] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5124] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5125] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5124] <... futex resumed>) = 0 [pid 5125] ftruncate(4, 3608577 [pid 5124] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5125] <... ftruncate resumed>) = 0 [pid 5125] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5124] <... futex resumed>) = 0 [pid 5125] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5124] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5125] <... openat resumed>) = 5 [pid 5124] <... futex resumed>) = 0 [pid 5125] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5124] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5125] <... futex resumed>) = 0 [pid 5124] <... futex resumed>) = 0 [pid 5125] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5124] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9991e7b000 [pid 5124] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5124] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5127], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5127 [pid 5124] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5124] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5127 attached [pid 5127] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5127] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5127] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5124] <... futex resumed>) = 0 [pid 5124] exit_group(0 [pid 5125] <... futex resumed>) = ? [pid 5124] <... exit_group resumed>) = ? [pid 5127] <... futex resumed>) = ? [pid 5125] +++ exited with 0 +++ [pid 5127] +++ exited with 0 +++ [pid 5124] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5124, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./12/binderfs") = 0 [ 47.433930][ T5125] REISERFS (device loop0): Using r5 hash to sort names [ 47.440921][ T5125] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./12/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./12") = 0 mkdir("./13", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5128 attached , child_tidptr=0x55555745f5d0) = 5128 [pid 5128] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5128] chdir("./13") = 0 [pid 5128] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5128] setpgid(0, 0) = 0 [pid 5128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5128] write(3, "1000", 4) = 4 [pid 5128] close(3) = 0 [pid 5128] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5128] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5128] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5128] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5128] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5129 attached , parent_tid=[5129], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5129 [pid 5129] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5129] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5128] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5129] <... futex resumed>) = 0 [pid 5129] memfd_create("syzkaller", 0 [pid 5128] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5129] <... memfd_create resumed>) = 3 [pid 5129] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5129] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5129] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5129] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5129] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5129] close(3) = 0 [pid 5129] mkdir("./file0", 0777) = 0 [ 47.565377][ T5129] loop0: detected capacity change from 0 to 8192 [ 47.574602][ T5129] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 47.587616][ T5129] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 47.597044][ T5129] REISERFS (device loop0): using ordered data mode [ 47.603598][ T5129] reiserfs: using flush barriers [ 47.609123][ T5129] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 47.625513][ T5129] REISERFS (device loop0): checking transaction log (loop0) [pid 5129] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5129] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5129] chdir("./file0") = 0 [pid 5129] ioctl(4, LOOP_CLR_FD) = 0 [pid 5129] close(4) = 0 [pid 5129] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5129] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5128] <... futex resumed>) = 0 [pid 5128] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5128] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5129] <... futex resumed>) = 0 [pid 5129] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 5129] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5128] <... futex resumed>) = 0 [pid 5129] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5128] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5129] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5128] <... futex resumed>) = 0 [pid 5129] ftruncate(4, 3608577 [pid 5128] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5129] <... ftruncate resumed>) = 0 [pid 5129] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5128] <... futex resumed>) = 0 [pid 5129] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5128] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5129] <... openat resumed>) = 5 [pid 5128] <... futex resumed>) = 0 [pid 5129] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5128] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5129] <... futex resumed>) = 0 [pid 5128] <... futex resumed>) = 0 [pid 5129] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5128] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9991e7b000 [pid 5128] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5128] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5131], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5131 [pid 5128] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5128] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5131 attached [pid 5131] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5131] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5131] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5128] <... futex resumed>) = 0 [pid 5128] exit_group(0 [pid 5129] <... futex resumed>) = ? [pid 5128] <... exit_group resumed>) = ? [pid 5129] +++ exited with 0 +++ [pid 5131] <... futex resumed>) = ? [pid 5131] +++ exited with 0 +++ [pid 5128] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5128, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./13/binderfs") = 0 [ 47.659655][ T5129] REISERFS (device loop0): Using r5 hash to sort names [ 47.666658][ T5129] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./13/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./13") = 0 mkdir("./14", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5132 ./strace-static-x86_64: Process 5132 attached [pid 5132] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5132] chdir("./14") = 0 [pid 5132] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5132] setpgid(0, 0) = 0 [pid 5132] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5132] write(3, "1000", 4) = 4 [pid 5132] close(3) = 0 [pid 5132] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5132] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5132] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5132] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5132] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5133], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5133 ./strace-static-x86_64: Process 5133 attached [pid 5133] set_robust_list(0x7f9999ebc9e0, 24 [pid 5132] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5133] <... set_robust_list resumed>) = 0 [pid 5132] <... futex resumed>) = 0 [pid 5132] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5133] memfd_create("syzkaller", 0) = 3 [pid 5133] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5133] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5133] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5133] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5133] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5133] close(3) = 0 [pid 5133] mkdir("./file0", 0777) = 0 [ 47.773865][ T5133] loop0: detected capacity change from 0 to 8192 [ 47.782891][ T5133] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 47.796192][ T5133] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 47.805624][ T5133] REISERFS (device loop0): using ordered data mode [ 47.812136][ T5133] reiserfs: using flush barriers [ 47.818028][ T5133] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 47.834342][ T5133] REISERFS (device loop0): checking transaction log (loop0) [pid 5133] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5133] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5133] chdir("./file0") = 0 [pid 5133] ioctl(4, LOOP_CLR_FD) = 0 [pid 5133] close(4) = 0 [pid 5133] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5133] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5132] <... futex resumed>) = 0 [pid 5132] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5133] <... futex resumed>) = 0 [pid 5132] <... futex resumed>) = 1 [pid 5133] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000 [pid 5132] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5133] <... open resumed>) = 4 [pid 5133] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5132] <... futex resumed>) = 0 [pid 5133] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5132] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5132] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5133] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5133] ftruncate(4, 3608577) = 0 [pid 5133] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5132] <... futex resumed>) = 0 [pid 5133] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5132] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5133] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5132] <... futex resumed>) = 0 [pid 5133] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5132] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5133] <... openat resumed>) = 5 [pid 5132] <... futex resumed>) = 0 [pid 5133] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5132] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5133] <... futex resumed>) = 0 [pid 5132] <... mmap resumed>) = 0x7f9991e7b000 [pid 5133] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5132] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5132] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5135], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5135 [pid 5132] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5135 attached ) = 0 [pid 5135] set_robust_list(0x7f9991e9b9e0, 24 [pid 5132] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5135] <... set_robust_list resumed>) = 0 [pid 5135] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5135] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5132] <... futex resumed>) = 0 [pid 5132] exit_group(0 [pid 5133] <... futex resumed>) = ? [pid 5132] <... exit_group resumed>) = ? [pid 5133] +++ exited with 0 +++ [pid 5135] +++ exited with 0 +++ [pid 5132] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5132, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./14/binderfs") = 0 [ 47.867917][ T5133] REISERFS (device loop0): Using r5 hash to sort names [ 47.875070][ T5133] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./14/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./14") = 0 mkdir("./15", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5136 ./strace-static-x86_64: Process 5136 attached [pid 5136] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5136] chdir("./15") = 0 [pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5136] setpgid(0, 0) = 0 [pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5136] write(3, "1000", 4) = 4 [pid 5136] close(3) = 0 [pid 5136] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5136] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5136] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5136] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5136] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5137], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5137 ./strace-static-x86_64: Process 5137 attached [pid 5136] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5136] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5137] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5137] memfd_create("syzkaller", 0) = 3 [pid 5137] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5137] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5137] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5137] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5137] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5137] close(3) = 0 [pid 5137] mkdir("./file0", 0777) = 0 [ 47.984476][ T5137] loop0: detected capacity change from 0 to 8192 [ 47.994148][ T5137] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 48.007193][ T5137] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 48.016454][ T5137] REISERFS (device loop0): using ordered data mode [ 48.022955][ T5137] reiserfs: using flush barriers [ 48.028610][ T5137] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 48.044874][ T5137] REISERFS (device loop0): checking transaction log (loop0) [pid 5137] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5137] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5137] chdir("./file0") = 0 [pid 5137] ioctl(4, LOOP_CLR_FD) = 0 [pid 5137] close(4) = 0 [pid 5137] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5136] <... futex resumed>) = 0 [pid 5137] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000 [pid 5136] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5137] <... open resumed>) = 4 [pid 5136] <... futex resumed>) = 0 [pid 5136] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5137] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5136] <... futex resumed>) = 0 [pid 5137] ftruncate(4, 3608577 [pid 5136] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5137] <... ftruncate resumed>) = 0 [pid 5136] <... futex resumed>) = 0 [pid 5137] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5136] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5137] <... futex resumed>) = 0 [pid 5136] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5137] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5136] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5137] <... openat resumed>) = 5 [pid 5136] <... futex resumed>) = 0 [pid 5137] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5136] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5137] <... futex resumed>) = 0 [pid 5136] <... futex resumed>) = 0 [pid 5137] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5136] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9991e7b000 [pid 5136] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5136] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5139], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5139 [pid 5136] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5136] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5139 attached [pid 5139] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5139] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5139] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5136] <... futex resumed>) = 0 [pid 5139] futex(0x7f9999f967b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5136] exit_group(0 [pid 5139] <... futex resumed>) = ? [pid 5136] <... exit_group resumed>) = ? [pid 5139] +++ exited with 0 +++ [pid 5137] <... futex resumed>) = ? [pid 5137] +++ exited with 0 +++ [pid 5136] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./15/binderfs") = 0 [ 48.079318][ T5137] REISERFS (device loop0): Using r5 hash to sort names [ 48.086333][ T5137] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./15/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./15") = 0 mkdir("./16", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5140 ./strace-static-x86_64: Process 5140 attached [pid 5140] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5140] chdir("./16") = 0 [pid 5140] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5140] setpgid(0, 0) = 0 [pid 5140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5140] write(3, "1000", 4) = 4 [pid 5140] close(3) = 0 [pid 5140] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5140] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5140] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5140] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5140] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5141 attached , parent_tid=[5141], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5141 [pid 5141] set_robust_list(0x7f9999ebc9e0, 24 [pid 5140] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5141] <... set_robust_list resumed>) = 0 [pid 5140] <... futex resumed>) = 0 [pid 5141] memfd_create("syzkaller", 0 [pid 5140] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5141] <... memfd_create resumed>) = 3 [pid 5141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5141] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5141] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5141] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5141] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5141] close(3) = 0 [pid 5141] mkdir("./file0", 0777) = 0 [ 48.195927][ T5141] loop0: detected capacity change from 0 to 8192 [ 48.205496][ T5141] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 48.218456][ T5141] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 48.227642][ T5141] REISERFS (device loop0): using ordered data mode [ 48.234161][ T5141] reiserfs: using flush barriers [ 48.239730][ T5141] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 48.256049][ T5141] REISERFS (device loop0): checking transaction log (loop0) [pid 5141] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5141] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5141] chdir("./file0") = 0 [pid 5141] ioctl(4, LOOP_CLR_FD) = 0 [pid 5141] close(4) = 0 [pid 5141] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5140] <... futex resumed>) = 0 [pid 5141] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000 [pid 5140] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5140] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5141] <... open resumed>) = 4 [pid 5141] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5140] <... futex resumed>) = 0 [pid 5141] ftruncate(4, 3608577 [pid 5140] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5140] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5141] <... ftruncate resumed>) = 0 [pid 5141] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5140] <... futex resumed>) = 0 [pid 5141] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5140] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5141] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5140] <... futex resumed>) = 0 [pid 5141] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5140] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5141] <... openat resumed>) = 5 [pid 5140] <... futex resumed>) = 0 [pid 5141] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5140] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5141] <... futex resumed>) = 0 [pid 5141] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5140] <... mmap resumed>) = 0x7f9991e7b000 [pid 5140] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5140] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5143], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5143 [pid 5140] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5140] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5143 attached [pid 5143] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5143] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5143] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5140] <... futex resumed>) = 0 [pid 5140] exit_group(0) = ? [pid 5141] <... futex resumed>) = ? [pid 5143] <... futex resumed>) = ? [pid 5141] +++ exited with 0 +++ [pid 5143] +++ exited with 0 +++ [pid 5140] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5140, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./16/binderfs") = 0 [ 48.290317][ T5141] REISERFS (device loop0): Using r5 hash to sort names [ 48.297490][ T5141] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./16/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./16") = 0 mkdir("./17", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5144 ./strace-static-x86_64: Process 5144 attached [pid 5144] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5144] chdir("./17") = 0 [pid 5144] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5144] setpgid(0, 0) = 0 [pid 5144] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5144] write(3, "1000", 4) = 4 [pid 5144] close(3) = 0 [pid 5144] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5144] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5144] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5144] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5144] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5145], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5145 [pid 5144] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5144] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5145 attached [pid 5145] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5145] memfd_create("syzkaller", 0) = 3 [pid 5145] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5145] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5145] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5145] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5145] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5145] close(3) = 0 [pid 5145] mkdir("./file0", 0777) = 0 [ 48.414452][ T5145] loop0: detected capacity change from 0 to 8192 [ 48.423658][ T5145] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 48.436719][ T5145] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 48.445914][ T5145] REISERFS (device loop0): using ordered data mode [ 48.452413][ T5145] reiserfs: using flush barriers [ 48.458231][ T5145] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 48.474481][ T5145] REISERFS (device loop0): checking transaction log (loop0) [pid 5145] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5145] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5145] chdir("./file0") = 0 [pid 5145] ioctl(4, LOOP_CLR_FD) = 0 [pid 5145] close(4) = 0 [pid 5145] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5144] <... futex resumed>) = 0 [pid 5145] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000 [pid 5144] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5145] <... open resumed>) = 4 [pid 5144] <... futex resumed>) = 0 [pid 5144] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5145] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5144] <... futex resumed>) = 0 [pid 5144] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5145] <... futex resumed>) = 1 [pid 5144] <... futex resumed>) = 0 [pid 5145] ftruncate(4, 3608577 [pid 5144] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5145] <... ftruncate resumed>) = 0 [pid 5145] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5144] <... futex resumed>) = 0 [pid 5144] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5145] <... futex resumed>) = 1 [pid 5144] <... futex resumed>) = 0 [pid 5145] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5144] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5145] <... openat resumed>) = 5 [pid 5144] <... futex resumed>) = 0 [pid 5145] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5144] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5145] <... futex resumed>) = 0 [pid 5144] <... mmap resumed>) = 0x7f9991e7b000 [pid 5145] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5144] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5144] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5147], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5147 [pid 5144] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5144] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5147 attached [pid 5147] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5147] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5147] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5144] <... futex resumed>) = 0 [pid 5144] exit_group(0 [pid 5145] <... futex resumed>) = ? [pid 5144] <... exit_group resumed>) = ? [pid 5145] +++ exited with 0 +++ [pid 5147] +++ exited with 0 +++ [pid 5144] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5144, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./17/binderfs") = 0 [ 48.507258][ T5145] REISERFS (device loop0): Using r5 hash to sort names [ 48.514414][ T5145] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./17/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./17") = 0 mkdir("./18", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5148 ./strace-static-x86_64: Process 5148 attached [pid 5148] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5148] chdir("./18") = 0 [pid 5148] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5148] setpgid(0, 0) = 0 [pid 5148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5148] write(3, "1000", 4) = 4 [pid 5148] close(3) = 0 [pid 5148] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5148] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5148] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5148] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5148] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5149], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5149 [pid 5148] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5148] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5149 attached [pid 5149] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5149] memfd_create("syzkaller", 0) = 3 [pid 5149] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5149] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5149] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5149] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5149] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5149] close(3) = 0 [pid 5149] mkdir("./file0", 0777) = 0 [ 48.621430][ T5149] loop0: detected capacity change from 0 to 8192 [ 48.630769][ T5149] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 48.643822][ T5149] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 48.652973][ T5149] REISERFS (device loop0): using ordered data mode [ 48.659548][ T5149] reiserfs: using flush barriers [ 48.665076][ T5149] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 48.681419][ T5149] REISERFS (device loop0): checking transaction log (loop0) [pid 5149] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5149] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5149] chdir("./file0") = 0 [pid 5149] ioctl(4, LOOP_CLR_FD) = 0 [pid 5149] close(4) = 0 [pid 5149] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5149] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5148] <... futex resumed>) = 0 [pid 5148] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5148] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5149] <... futex resumed>) = 0 [pid 5149] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 5149] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5149] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5148] <... futex resumed>) = 0 [pid 5148] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5149] <... futex resumed>) = 0 [pid 5148] <... futex resumed>) = 1 [pid 5149] ftruncate(4, 3608577 [pid 5148] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5149] <... ftruncate resumed>) = 0 [pid 5149] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5148] <... futex resumed>) = 0 [pid 5149] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5148] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5149] <... openat resumed>) = 5 [pid 5148] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5149] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5148] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5149] <... futex resumed>) = 0 [pid 5149] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5148] <... mmap resumed>) = 0x7f9991e7b000 [pid 5148] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5148] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5151 attached , parent_tid=[5151], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5151 [pid 5148] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5148] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5151] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5151] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5151] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5148] <... futex resumed>) = 0 [pid 5148] exit_group(0 [pid 5149] <... futex resumed>) = ? [pid 5148] <... exit_group resumed>) = ? [pid 5149] +++ exited with 0 +++ [pid 5151] +++ exited with 0 +++ [pid 5148] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5148, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./18/binderfs") = 0 [ 48.716151][ T5149] REISERFS (device loop0): Using r5 hash to sort names [ 48.723248][ T5149] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./18/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./18") = 0 mkdir("./19", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5152 ./strace-static-x86_64: Process 5152 attached [pid 5152] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5152] chdir("./19") = 0 [pid 5152] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5152] setpgid(0, 0) = 0 [pid 5152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5152] write(3, "1000", 4) = 4 [pid 5152] close(3) = 0 [pid 5152] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5152] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5152] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5152] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5152] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5153], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5153 [pid 5152] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5152] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5153 attached [pid 5153] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5153] memfd_create("syzkaller", 0) = 3 [pid 5153] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5153] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5153] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5153] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5153] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5153] close(3) = 0 [pid 5153] mkdir("./file0", 0777) = 0 [ 48.829741][ T5153] loop0: detected capacity change from 0 to 8192 [ 48.839475][ T5153] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 48.852786][ T5153] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 48.862158][ T5153] REISERFS (device loop0): using ordered data mode [ 48.868709][ T5153] reiserfs: using flush barriers [ 48.874344][ T5153] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 48.890699][ T5153] REISERFS (device loop0): checking transaction log (loop0) [pid 5153] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5153] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5153] chdir("./file0") = 0 [pid 5153] ioctl(4, LOOP_CLR_FD) = 0 [pid 5153] close(4) = 0 [pid 5153] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5152] <... futex resumed>) = 0 [pid 5153] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000 [pid 5152] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5153] <... open resumed>) = 4 [pid 5152] <... futex resumed>) = 0 [pid 5153] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5152] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5153] <... futex resumed>) = 0 [pid 5152] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5153] ftruncate(4, 3608577 [pid 5152] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5153] <... ftruncate resumed>) = 0 [pid 5152] <... futex resumed>) = 0 [pid 5152] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5153] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5152] <... futex resumed>) = 0 [pid 5153] <... futex resumed>) = 1 [pid 5152] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5153] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5152] <... futex resumed>) = 0 [pid 5153] <... openat resumed>) = 5 [pid 5152] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5153] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5152] <... futex resumed>) = 0 [pid 5153] <... futex resumed>) = 0 [pid 5152] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5153] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5152] <... mmap resumed>) = 0x7f9991e7b000 [pid 5152] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5152] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5155], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5155 [pid 5152] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5152] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5155 attached [pid 5155] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5155] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5155] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5152] <... futex resumed>) = 0 [pid 5152] exit_group(0 [pid 5153] <... futex resumed>) = ? [pid 5152] <... exit_group resumed>) = ? [pid 5153] +++ exited with 0 +++ [pid 5155] <... futex resumed>) = ? [pid 5155] +++ exited with 0 +++ [pid 5152] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5152, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./19/binderfs") = 0 [ 48.925556][ T5153] REISERFS (device loop0): Using r5 hash to sort names [ 48.932760][ T5153] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./19/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./19") = 0 mkdir("./20", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5156 ./strace-static-x86_64: Process 5156 attached [pid 5156] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5156] chdir("./20") = 0 [pid 5156] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5156] setpgid(0, 0) = 0 [pid 5156] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5156] write(3, "1000", 4) = 4 [pid 5156] close(3) = 0 [pid 5156] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5156] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5156] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5156] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5156] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5157], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5157 [pid 5156] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5156] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5157 attached [pid 5157] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5157] memfd_create("syzkaller", 0) = 3 [pid 5157] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5157] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5157] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5157] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5157] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5157] close(3) = 0 [pid 5157] mkdir("./file0", 0777) = 0 [ 49.038201][ T5157] loop0: detected capacity change from 0 to 8192 [ 49.047273][ T5157] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 49.060292][ T5157] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 49.069705][ T5157] REISERFS (device loop0): using ordered data mode [ 49.076282][ T5157] reiserfs: using flush barriers [ 49.082193][ T5157] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 49.098581][ T5157] REISERFS (device loop0): checking transaction log (loop0) [pid 5157] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5157] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5157] chdir("./file0") = 0 [pid 5157] ioctl(4, LOOP_CLR_FD) = 0 [pid 5157] close(4) = 0 [pid 5157] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5156] <... futex resumed>) = 0 [pid 5157] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5156] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5157] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5156] <... futex resumed>) = 0 [pid 5157] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000 [pid 5156] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5157] <... open resumed>) = 4 [pid 5157] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5157] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5156] <... futex resumed>) = 0 [pid 5156] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5156] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5157] <... futex resumed>) = 0 [pid 5157] ftruncate(4, 3608577) = 0 [pid 5157] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5156] <... futex resumed>) = 0 [pid 5157] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5156] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5157] <... openat resumed>) = 5 [pid 5156] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5157] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5156] <... futex resumed>) = 0 [pid 5157] <... futex resumed>) = 0 [pid 5156] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5157] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5156] <... mmap resumed>) = 0x7f9991e7b000 [pid 5156] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5156] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5159], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5159 [pid 5156] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5156] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5159 attached [pid 5159] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5159] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5159] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5156] <... futex resumed>) = 0 [pid 5156] exit_group(0 [pid 5157] <... futex resumed>) = ? [pid 5156] <... exit_group resumed>) = ? [pid 5157] +++ exited with 0 +++ [pid 5159] <... futex resumed>) = ? [pid 5159] +++ exited with 0 +++ [pid 5156] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5156, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./20/binderfs") = 0 [ 49.132738][ T5157] REISERFS (device loop0): Using r5 hash to sort names [ 49.139753][ T5157] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./20/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./20") = 0 mkdir("./21", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5160 ./strace-static-x86_64: Process 5160 attached [pid 5160] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5160] chdir("./21") = 0 [pid 5160] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5160] setpgid(0, 0) = 0 [pid 5160] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5160] write(3, "1000", 4) = 4 [pid 5160] close(3) = 0 [pid 5160] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5160] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5160] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5160] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5160] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5161], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5161 [pid 5160] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5160] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5161 attached [pid 5161] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5161] memfd_create("syzkaller", 0) = 3 [pid 5161] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5161] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5161] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5161] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5161] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5161] close(3) = 0 [pid 5161] mkdir("./file0", 0777) = 0 [ 49.253060][ T5161] loop0: detected capacity change from 0 to 8192 [ 49.262740][ T5161] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 49.275819][ T5161] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 49.285094][ T5161] REISERFS (device loop0): using ordered data mode [ 49.291624][ T5161] reiserfs: using flush barriers [ 49.297373][ T5161] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 49.313718][ T5161] REISERFS (device loop0): checking transaction log (loop0) [pid 5161] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5161] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5161] chdir("./file0") = 0 [pid 5161] ioctl(4, LOOP_CLR_FD) = 0 [pid 5161] close(4) = 0 [pid 5161] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5160] <... futex resumed>) = 0 [pid 5160] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5160] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5161] <... futex resumed>) = 1 [pid 5161] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 5161] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5160] <... futex resumed>) = 0 [pid 5160] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5160] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5161] <... futex resumed>) = 1 [pid 5161] ftruncate(4, 3608577) = 0 [pid 5161] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5160] <... futex resumed>) = 0 [pid 5160] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5160] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5160] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9991e7b000 [pid 5160] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5160] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5163], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5163 [pid 5160] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5160] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5161] <... futex resumed>) = 1 [pid 5161] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000) = 5 [pid 5161] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5161] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 5163 attached [pid 5163] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5163] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5163] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5160] <... futex resumed>) = 0 [pid 5160] exit_group(0) = ? [pid 5161] <... futex resumed>) = ? [pid 5161] +++ exited with 0 +++ [pid 5163] +++ exited with 0 +++ [pid 5160] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5160, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./21/binderfs") = 0 [ 49.348524][ T5161] REISERFS (device loop0): Using r5 hash to sort names [ 49.355680][ T5161] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./21/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./21") = 0 mkdir("./22", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5164 ./strace-static-x86_64: Process 5164 attached [pid 5164] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5164] chdir("./22") = 0 [pid 5164] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5164] setpgid(0, 0) = 0 [pid 5164] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5164] write(3, "1000", 4) = 4 [pid 5164] close(3) = 0 [pid 5164] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5164] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5164] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5164] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5164] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5165], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5165 [pid 5164] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5164] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5165 attached [pid 5165] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5165] memfd_create("syzkaller", 0) = 3 [pid 5165] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5165] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5165] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5165] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5165] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5165] close(3) = 0 [pid 5165] mkdir("./file0", 0777) = 0 [ 49.459374][ T5165] loop0: detected capacity change from 0 to 8192 [ 49.468546][ T5165] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 49.481691][ T5165] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 49.490858][ T5165] REISERFS (device loop0): using ordered data mode [ 49.497392][ T5165] reiserfs: using flush barriers [ 49.502886][ T5165] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 49.519198][ T5165] REISERFS (device loop0): checking transaction log (loop0) [pid 5165] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5165] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5165] chdir("./file0") = 0 [pid 5165] ioctl(4, LOOP_CLR_FD) = 0 [pid 5165] close(4) = 0 [pid 5165] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5164] <... futex resumed>) = 0 [pid 5165] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000 [pid 5164] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5165] <... open resumed>) = 4 [pid 5164] <... futex resumed>) = 0 [pid 5164] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5165] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5164] <... futex resumed>) = 0 [pid 5164] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5165] <... futex resumed>) = 1 [pid 5164] <... futex resumed>) = 0 [pid 5165] ftruncate(4, 3608577 [pid 5164] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5165] <... ftruncate resumed>) = 0 [pid 5165] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5164] <... futex resumed>) = 0 [pid 5164] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5165] <... futex resumed>) = 1 [pid 5164] <... futex resumed>) = 0 [pid 5165] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5164] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5165] <... openat resumed>) = 5 [pid 5164] <... futex resumed>) = 0 [pid 5165] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5164] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5165] <... futex resumed>) = 0 [pid 5164] <... mmap resumed>) = 0x7f9991e7b000 [pid 5165] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5164] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5164] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5167], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5167 [pid 5164] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5164] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5167 attached [pid 5167] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5167] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5167] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5164] <... futex resumed>) = 0 [pid 5164] exit_group(0 [pid 5165] <... futex resumed>) = ? [pid 5164] <... exit_group resumed>) = ? [pid 5165] +++ exited with 0 +++ [pid 5167] <... futex resumed>) = ? [pid 5167] +++ exited with 0 +++ [pid 5164] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5164, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./22/binderfs") = 0 [ 49.553373][ T5165] REISERFS (device loop0): Using r5 hash to sort names [ 49.560357][ T5165] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./22/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./22") = 0 mkdir("./23", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5168 ./strace-static-x86_64: Process 5168 attached [pid 5168] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5168] chdir("./23") = 0 [pid 5168] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5168] setpgid(0, 0) = 0 [pid 5168] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5168] write(3, "1000", 4) = 4 [pid 5168] close(3) = 0 [pid 5168] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5168] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5168] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5168] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5168] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5169 attached , parent_tid=[5169], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5169 [pid 5169] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5169] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5168] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5168] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5169] <... futex resumed>) = 0 [pid 5169] memfd_create("syzkaller", 0) = 3 [pid 5169] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5169] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5169] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5169] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5169] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5169] close(3) = 0 [pid 5169] mkdir("./file0", 0777) = 0 [ 49.677844][ T5169] loop0: detected capacity change from 0 to 8192 [ 49.687435][ T5169] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 49.700417][ T5169] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 49.709696][ T5169] REISERFS (device loop0): using ordered data mode [ 49.716209][ T5169] reiserfs: using flush barriers [ 49.721689][ T5169] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 49.738029][ T5169] REISERFS (device loop0): checking transaction log (loop0) [pid 5169] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5169] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5169] chdir("./file0") = 0 [pid 5169] ioctl(4, LOOP_CLR_FD) = 0 [pid 5169] close(4) = 0 [pid 5169] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5168] <... futex resumed>) = 0 [pid 5169] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000 [pid 5168] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5169] <... open resumed>) = 4 [pid 5168] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5169] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5168] <... futex resumed>) = 0 [pid 5169] ftruncate(4, 3608577 [pid 5168] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5169] <... ftruncate resumed>) = 0 [pid 5168] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5169] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5168] <... futex resumed>) = 0 [pid 5169] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5168] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5169] <... openat resumed>) = 5 [pid 5168] <... futex resumed>) = 0 [pid 5169] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5168] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5169] <... futex resumed>) = 0 [pid 5168] <... futex resumed>) = 0 [pid 5169] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5168] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9991e7b000 [pid 5168] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5168] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5171], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5171 [pid 5168] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5168] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5171 attached [pid 5171] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5171] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5171] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5168] <... futex resumed>) = 0 [pid 5168] exit_group(0 [pid 5169] <... futex resumed>) = ? [pid 5168] <... exit_group resumed>) = ? [pid 5169] +++ exited with 0 +++ [pid 5171] <... futex resumed>) = ? [pid 5171] +++ exited with 0 +++ [pid 5168] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5168, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./23/binderfs") = 0 [ 49.771008][ T5169] REISERFS (device loop0): Using r5 hash to sort names [ 49.778025][ T5169] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./23/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./23") = 0 mkdir("./24", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5172 ./strace-static-x86_64: Process 5172 attached [pid 5172] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5172] chdir("./24") = 0 [pid 5172] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5172] setpgid(0, 0) = 0 [pid 5172] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5172] write(3, "1000", 4) = 4 [pid 5172] close(3) = 0 [pid 5172] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5172] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5172] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5172] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5172] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5173], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5173 [pid 5172] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5172] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5173 attached [pid 5173] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5173] memfd_create("syzkaller", 0) = 3 [pid 5173] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5173] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5173] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5173] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5173] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5173] close(3) = 0 [pid 5173] mkdir("./file0", 0777) = 0 [ 49.881545][ T5173] loop0: detected capacity change from 0 to 8192 [ 49.890994][ T5173] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 49.904016][ T5173] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 49.913161][ T5173] REISERFS (device loop0): using ordered data mode [ 49.919729][ T5173] reiserfs: using flush barriers [ 49.925508][ T5173] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 49.941744][ T5173] REISERFS (device loop0): checking transaction log (loop0) [pid 5173] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5173] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5173] chdir("./file0") = 0 [pid 5173] ioctl(4, LOOP_CLR_FD) = 0 [pid 5173] close(4) = 0 [pid 5173] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5172] <... futex resumed>) = 0 [pid 5173] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000 [pid 5172] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5173] <... open resumed>) = 4 [pid 5172] <... futex resumed>) = 0 [pid 5173] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5172] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5173] <... futex resumed>) = 0 [pid 5172] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5173] ftruncate(4, 3608577 [pid 5172] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5172] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5173] <... ftruncate resumed>) = 0 [pid 5173] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5172] <... futex resumed>) = 0 [pid 5173] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5172] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5173] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5172] <... futex resumed>) = 0 [pid 5173] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5172] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5173] <... openat resumed>) = 5 [pid 5172] <... futex resumed>) = 0 [pid 5173] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5172] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5173] <... futex resumed>) = 0 [pid 5172] <... mmap resumed>) = 0x7f9991e7b000 [pid 5173] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5172] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5172] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5175 attached [pid 5175] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5175] futex(0x7f9999f967b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5172] <... clone resumed>, parent_tid=[5175], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5175 [pid 5172] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5175] <... futex resumed>) = 0 [pid 5172] <... futex resumed>) = 1 [pid 5175] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5172] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5175] <... mknod resumed>) = 0 [pid 5175] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5172] <... futex resumed>) = 0 [pid 5172] exit_group(0) = ? [pid 5173] <... futex resumed>) = ? [pid 5175] <... futex resumed>) = ? [pid 5173] +++ exited with 0 +++ [pid 5175] +++ exited with 0 +++ [pid 5172] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5172, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./24/binderfs") = 0 [ 49.975401][ T5173] REISERFS (device loop0): Using r5 hash to sort names [ 49.982479][ T5173] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./24/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./24/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./24") = 0 mkdir("./25", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5176 ./strace-static-x86_64: Process 5176 attached [pid 5176] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5176] chdir("./25") = 0 [pid 5176] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5176] setpgid(0, 0) = 0 [pid 5176] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5176] write(3, "1000", 4) = 4 [pid 5176] close(3) = 0 [pid 5176] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5176] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5176] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5176] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5176] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5177 attached [pid 5177] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5177] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5176] <... clone resumed>, parent_tid=[5177], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5177 [pid 5176] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5176] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5177] <... futex resumed>) = 0 [pid 5177] memfd_create("syzkaller", 0) = 3 [pid 5177] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5177] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5177] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5177] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5177] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5177] close(3) = 0 [pid 5177] mkdir("./file0", 0777) = 0 [ 50.102252][ T5177] loop0: detected capacity change from 0 to 8192 [ 50.112177][ T5177] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 50.125193][ T5177] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 50.134449][ T5177] REISERFS (device loop0): using ordered data mode [ 50.140935][ T5177] reiserfs: using flush barriers [ 50.146599][ T5177] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 50.162841][ T5177] REISERFS (device loop0): checking transaction log (loop0) [pid 5177] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5177] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5177] chdir("./file0") = 0 [pid 5177] ioctl(4, LOOP_CLR_FD) = 0 [pid 5177] close(4) = 0 [pid 5177] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5177] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5176] <... futex resumed>) = 0 [pid 5176] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5177] <... futex resumed>) = 0 [pid 5176] <... futex resumed>) = 1 [pid 5177] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000 [pid 5176] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5177] <... open resumed>) = 4 [pid 5177] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5176] <... futex resumed>) = 0 [pid 5177] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5176] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5177] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5176] <... futex resumed>) = 0 [pid 5177] ftruncate(4, 3608577 [pid 5176] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5177] <... ftruncate resumed>) = 0 [pid 5177] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5176] <... futex resumed>) = 0 [pid 5177] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5176] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5177] <... openat resumed>) = 5 [pid 5176] <... futex resumed>) = 0 [pid 5177] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5176] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5177] <... futex resumed>) = 0 [pid 5176] <... futex resumed>) = 0 [pid 5177] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5176] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9991e7b000 [pid 5176] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5176] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5179], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5179 [pid 5176] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5176] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5179 attached [pid 5179] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5179] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5179] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5176] <... futex resumed>) = 0 [pid 5176] exit_group(0 [pid 5177] <... futex resumed>) = ? [pid 5176] <... exit_group resumed>) = ? [pid 5177] +++ exited with 0 +++ [pid 5179] <... futex resumed>) = ? [pid 5179] +++ exited with 0 +++ [pid 5176] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5176, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./25/binderfs") = 0 [ 50.197754][ T5177] REISERFS (device loop0): Using r5 hash to sort names [ 50.204891][ T5177] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./25/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./25/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./25") = 0 mkdir("./26", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5180 ./strace-static-x86_64: Process 5180 attached [pid 5180] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5180] chdir("./26") = 0 [pid 5180] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5180] setpgid(0, 0) = 0 [pid 5180] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5180] write(3, "1000", 4) = 4 [pid 5180] close(3) = 0 [pid 5180] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5180] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5180] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5180] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5180] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5181 attached , parent_tid=[5181], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5181 [pid 5181] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5181] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5180] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5181] <... futex resumed>) = 0 [pid 5181] memfd_create("syzkaller", 0) = 3 [pid 5181] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5180] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5181] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5181] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5181] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5181] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5181] close(3) = 0 [pid 5181] mkdir("./file0", 0777) = 0 [ 50.330393][ T5181] loop0: detected capacity change from 0 to 8192 [ 50.339257][ T5181] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 50.352249][ T5181] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 50.361459][ T5181] REISERFS (device loop0): using ordered data mode [ 50.367989][ T5181] reiserfs: using flush barriers [ 50.373596][ T5181] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 50.389814][ T5181] REISERFS (device loop0): checking transaction log (loop0) [pid 5181] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5181] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5181] chdir("./file0") = 0 [pid 5181] ioctl(4, LOOP_CLR_FD) = 0 [pid 5181] close(4) = 0 [pid 5181] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5180] <... futex resumed>) = 0 [pid 5180] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5180] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5181] <... futex resumed>) = 1 [pid 5181] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 5181] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5180] <... futex resumed>) = 0 [pid 5180] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5180] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5181] <... futex resumed>) = 1 [pid 5181] ftruncate(4, 3608577) = 0 [pid 5181] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5181] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5180] <... futex resumed>) = 0 [pid 5180] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5180] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5180] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9991e7b000 [pid 5180] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5181] <... futex resumed>) = 0 [pid 5180] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5181] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5180] <... clone resumed>, parent_tid=[5183], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5183 [pid 5180] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5180] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5181] <... openat resumed>) = 5 [pid 5181] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5181] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 5183 attached [pid 5183] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5183] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0 [pid 5183] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5180] <... futex resumed>) = 0 [pid 5180] exit_group(0) = ? [pid 5181] <... futex resumed>) = ? [pid 5181] +++ exited with 0 +++ [pid 5183] +++ exited with 0 +++ [pid 5180] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5180, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555557460620 /* 4 entries */, 32768) = 112 umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./26/binderfs") = 0 [ 50.423501][ T5181] REISERFS (device loop0): Using r5 hash to sort names [ 50.430938][ T5181] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./26/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557468660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557468660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./26/file0") = 0 getdents64(3, 0x555557460620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./26") = 0 mkdir("./27", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745f5d0) = 5184 ./strace-static-x86_64: Process 5184 attached [pid 5184] set_robust_list(0x55555745f5e0, 24) = 0 [pid 5184] chdir("./27") = 0 [pid 5184] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5184] setpgid(0, 0) = 0 [pid 5184] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5184] write(3, "1000", 4) = 4 [pid 5184] close(3) = 0 [pid 5184] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5184] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5184] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9999e9c000 [pid 5184] mprotect(0x7f9999e9d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5184] clone(child_stack=0x7f9999ebc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5185], tls=0x7f9999ebc700, child_tidptr=0x7f9999ebc9d0) = 5185 [pid 5184] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5184] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5185 attached [pid 5185] set_robust_list(0x7f9999ebc9e0, 24) = 0 [pid 5185] memfd_create("syzkaller", 0) = 3 [pid 5185] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9991a9c000 [pid 5185] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5185] munmap(0x7f9991a9c000, 4194304) = 0 [pid 5185] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5185] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5185] close(3) = 0 [pid 5185] mkdir("./file0", 0777) = 0 [ 50.544665][ T5185] loop0: detected capacity change from 0 to 8192 [ 50.554679][ T5185] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 50.567717][ T5185] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 50.577190][ T5185] REISERFS (device loop0): using ordered data mode [ 50.583934][ T5185] reiserfs: using flush barriers [ 50.589495][ T5185] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 50.605847][ T5185] REISERFS (device loop0): checking transaction log (loop0) [pid 5185] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "") = 0 [pid 5185] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5185] chdir("./file0") = 0 [pid 5185] ioctl(4, LOOP_CLR_FD) = 0 [pid 5185] close(4) = 0 [pid 5185] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5185] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5184] <... futex resumed>) = 0 [pid 5184] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5184] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5185] <... futex resumed>) = 0 [pid 5185] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE|O_NOATIME, 000) = 4 [pid 5185] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5184] <... futex resumed>) = 0 [pid 5184] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5184] futex(0x7f9999f967ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5185] <... futex resumed>) = 1 [pid 5185] ftruncate(4, 3608577) = 0 [pid 5185] futex(0x7f9999f967ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5185] futex(0x7f9999f967a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5184] <... futex resumed>) = 0 [pid 5184] futex(0x7f9999f967a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5184] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5184] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f9991e7b000 [pid 5184] mprotect(0x7f9991e7c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5184] clone(child_stack=0x7f9991e9b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5187 attached [pid 5185] <... futex resumed>) = 0 [pid 5184] <... clone resumed>, parent_tid=[5187], tls=0x7f9991e9b700, child_tidptr=0x7f9991e9b9d0) = 5187 [pid 5184] futex(0x7f9999f967b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5184] futex(0x7f9999f967bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5187] set_robust_list(0x7f9991e9b9e0, 24) = 0 [pid 5187] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5185] openat(AT_FDCWD, ".log", O_WRONLY|O_CREAT|O_TRUNC, 000 [pid 5187] <... mknod resumed>) = 0 [pid 5187] futex(0x7f9999f967bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5184] <... futex resumed>) = 0 [pid 5187] <... futex resumed>) = 1 [ 50.639696][ T5185] REISERFS (device loop0): Using r5 hash to sort names [ 50.646956][ T5185] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 50.681222][ T5185] REISERFS panic (device loop0): vs-12195 balance_leaf: CFR not initialized [ 50.690612][ T5185] ------------[ cut here ]------------ [ 50.696302][ T5185] kernel BUG at fs/reiserfs/prints.c:390! [ 50.702148][ T5185] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 50.708220][ T5185] CPU: 1 PID: 5185 Comm: syz-executor752 Not tainted 6.2.0-syzkaller-12017-g1ec35eadc3b4 #0 [ 50.718260][ T5185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/16/2023 [ 50.728306][ T5185] RIP: 0010:__reiserfs_panic+0xf7/0x150 [ 50.733868][ T5185] Code: 65 ff 4d 89 e8 4c 89 f1 4c 89 e2 48 8d b3 a8 06 00 00 49 c7 c1 20 ee eb 91 48 c7 c7 40 b6 61 8a e8 be 8e 49 ff e8 29 eb 65 ff <0f> 0b 49 c7 c6 a0 b4 61 8a 4d 89 f4 eb c5 e8 16 eb 65 ff 4d 85 e4 [ 50.753460][ T5185] RSP: 0018:ffffc90004a0ed48 EFLAGS: 00010293 [ 50.759514][ T5185] RAX: 0000000000000000 RBX: ffff888071580000 RCX: 0000000000000000 [ 50.767462][ T5185] RDX: ffff888026750000 RSI: ffffffff821f1737 RDI: 0000000000000005 [ 50.775412][ T5185] RBP: ffffc90004a0ee18 R08: 0000000000000005 R09: 0000000000000000 [ 50.783361][ T5185] R10: 0000000080000000 R11: 0000000000000000 R12: ffffffff8a612c20 [ 50.791314][ T5185] R13: ffffffff8a613600 R14: ffffffff8a61b4e0 R15: 0000000000000000 [ 50.799276][ T5185] FS: 00007f9999ebc700(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 50.808212][ T5185] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 50.814786][ T5185] CR2: 00007f9999f51c60 CR3: 0000000076745000 CR4: 0000000000350ee0 [ 50.822744][ T5185] Call Trace: [ 50.826029][ T5185] [ 50.828945][ T5185] ? reiserfs_debug+0x10/0x10 [ 50.833616][ T5185] ? leaf_insert_into_buf+0x86f/0xa20 [ 50.838984][ T5185] balance_leaf+0xd35f/0xddc0 [ 50.843646][ T5185] ? reiserfs_prepare_for_journal+0x162/0x2b0 [ 50.849696][ T5185] ? fix_nodes+0x14cf/0x8660 [ 50.854275][ T5185] ? replace_key+0x170/0x170 [ 50.858850][ T5185] do_balance+0x319/0x810 [ 50.863167][ T5185] ? get_right_neighbor_position+0x170/0x170 [ 50.869137][ T5185] ? wait_for_completion_io_timeout+0x20/0x20 [ 50.875207][ T5185] reiserfs_insert_item+0xd84/0x11a0 [ 50.880488][ T5185] ? reiserfs_paste_into_item+0x8d0/0x8d0 [ 50.886220][ T5185] ? spin_bug+0x1c0/0x1c0 [ 50.890537][ T5185] ? from_kgid+0x8b/0xd0 [ 50.894764][ T5185] ? do_raw_spin_unlock+0x175/0x230 [ 50.899952][ T5185] ? _raw_spin_unlock+0x28/0x40 [ 50.904801][ T5185] ? real_space_diff+0x135/0x170 [ 50.909724][ T5185] reiserfs_new_inode+0xe55/0x2190 [ 50.914824][ T5185] ? reiserfs_fh_to_parent+0x1b0/0x1b0 [ 50.920269][ T5185] ? __mutex_unlock_slowpath+0x157/0x5e0 [ 50.925892][ T5185] ? wait_for_completion_io_timeout+0x20/0x20 [ 50.931956][ T5185] ? dquot_get_next_dqblk+0x180/0x180 [ 50.937320][ T5185] ? make_vfsgid+0x170/0x170 [ 50.941904][ T5185] ? bpf_lsm_inode_init_security+0x9/0x10 [ 50.947608][ T5185] ? security_old_inode_init_security+0xf8/0x130 [ 50.953938][ T5185] reiserfs_create+0x351/0x730 [ 50.958689][ T5185] ? reiserfs_link+0x520/0x520 [ 50.963440][ T5185] ? apparmor_path_mknod+0x16f/0x730 [ 50.968720][ T5185] ? security_inode_permission+0xc9/0xf0 [ 50.974339][ T5185] ? bpf_lsm_inode_create+0x9/0x10 [ 50.979432][ T5185] ? reiserfs_link+0x520/0x520 [ 50.984185][ T5185] lookup_open.isra.0+0x105a/0x1400 [ 50.989373][ T5185] ? link_path_walk.part.0+0xd60/0xd60 [ 50.994825][ T5185] ? down_write_killable_nested+0x250/0x250 [ 51.000712][ T5185] ? __mnt_want_write+0x1fe/0x2e0 [ 51.005726][ T5185] path_openat+0x975/0x2750 [ 51.010219][ T5185] ? __lock_acquire+0x18bc/0x5d40 [ 51.015231][ T5185] ? path_lookupat+0x840/0x840 [ 51.019986][ T5185] do_filp_open+0x1ba/0x410 [ 51.024487][ T5185] ? may_open_dev+0xf0/0xf0 [ 51.028978][ T5185] ? find_held_lock+0x2d/0x110 [ 51.033729][ T5185] ? do_raw_spin_lock+0x124/0x2b0 [ 51.038744][ T5185] ? spin_bug+0x1c0/0x1c0 [ 51.043059][ T5185] ? _raw_spin_unlock+0x28/0x40 [ 51.047905][ T5185] ? alloc_fd+0x2e4/0x750 [ 51.052219][ T5185] do_sys_openat2+0x16d/0x4c0 [ 51.056893][ T5185] ? build_open_flags+0x6f0/0x6f0 [ 51.061911][ T5185] ? ptrace_notify+0xfe/0x140 [ 51.066574][ T5185] __x64_sys_openat+0x143/0x1f0 [ 51.071420][ T5185] ? __ia32_sys_open+0x1c0/0x1c0 [ 51.076356][ T5185] ? _raw_spin_unlock_irq+0x23/0x50 [ 51.081559][ T5185] ? lockdep_hardirqs_on+0x7d/0x100 [ 51.086751][ T5185] ? _raw_spin_unlock_irq+0x2e/0x50 [ 51.091944][ T5185] ? ptrace_notify+0xfe/0x140 [ 51.096608][ T5185] do_syscall_64+0x39/0xb0 [ 51.101010][ T5185] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 51.106896][ T5185] RIP: 0033:0x7f9999f10589 [ 51.111295][ T5185] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 51.130888][ T5185] RSP: 002b:00007f9999ebc2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 51.139286][ T5185] RAX: ffffffffffffffda RBX: 00007f9999f967a0 RCX: 00007f9999f10589 [ 51.147241][ T5185] RDX: 0000000000000241 RSI: 0000000020000000 RDI: 00000000ffffff9c [ 51.155197][ T5185] RBP: 00007f9999f632b0 R08: 0000000000000000 R09: 0000000000000000 [ 51.163157][ T5185] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9999f631b8 [ 51.171116][ T5185] R13: 0030656c69662f2e R14: 7366726573696572 R15: 00007f9999f967a8 [ 51.179080][ T5185] [pid 5187] futex(0x7f9999f967b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5184] exit_group(0) = ? [pid 5187] <... futex resumed>) = ? [pid 5187] +++ exited with 0 +++ [ 51.182086][ T5185] Modules linked in: [ 51.186667][ T5185] ---[ end trace 0000000000000000 ]--- [ 51.192139][ T5185] RIP: 0010:__reiserfs_panic+0xf7/0x150 [ 51.197856][ T5185] Code: 65 ff 4d 89 e8 4c 89 f1 4c 89 e2 48 8d b3 a8 06 00 00 49 c7 c1 20 ee eb 91 48 c7 c7 40 b6 61 8a e8 be 8e 49 ff e8 29 eb 65 ff <0f> 0b 49 c7 c6 a0 b4 61 8a 4d 89 f4 eb c5 e8 16 eb 65 ff 4d 85 e4 [ 51.217721][ T5185] RSP: 0018:ffffc90004a0ed48 EFLAGS: 00010293 [ 51.223817][ T5185] RAX: 0000000000000000 RBX: ffff888071580000 RCX: 0000000000000000 [ 51.231787][ T5185] RDX: ffff888026750000 RSI: ffffffff821f1737 RDI: 0000000000000005 [ 51.239773][ T5185] RBP: ffffc90004a0ee18 R08: 0000000000000005 R09: 0000000000000000 [ 51.247758][ T5185] R10: 0000000080000000 R11: 0000000000000000 R12: ffffffff8a612c20 [ 51.255742][ T5185] R13: ffffffff8a613600 R14: ffffffff8a61b4e0 R15: 0000000000000000 [ 51.263726][ T5185] FS: 00007f9999ebc700(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 51.272649][ T5185] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 51.279262][ T5185] CR2: 00007f9999f51c60 CR3: 0000000076745000 CR4: 0000000000350ee0 [ 51.287248][ T5185] Kernel panic - not syncing: Fatal exception [ 51.294104][ T5185] Kernel Offset: disabled [ 51.298413][ T5185] Rebooting in 86400 seconds..