./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1501964697 <...> Warning: Permanently added '10.128.1.23' (ECDSA) to the list of known hosts. execve("./syz-executor1501964697", ["./syz-executor1501964697"], 0x7ffcef727800 /* 10 vars */) = 0 brk(NULL) = 0x555556cf2000 brk(0x555556cf2c40) = 0x555556cf2c40 arch_prctl(ARCH_SET_FS, 0x555556cf2300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor1501964697", 4096) = 28 brk(0x555556d13c40) = 0x555556d13c40 brk(0x555556d14000) = 0x555556d14000 mprotect(0x7fface060000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 getpid() = 5064 mkdir("./syzkaller.2uDsY8", 0700) = 0 chmod("./syzkaller.2uDsY8", 0777) = 0 chdir("./syzkaller.2uDsY8") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5066 attached , child_tidptr=0x555556cf25d0) = 5066 [pid 5066] chdir("./0") = 0 [pid 5066] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5066] setpgid(0, 0) = 0 [pid 5066] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5066] write(3, "1000", 4) = 4 [pid 5066] close(3) = 0 [pid 5066] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5066] memfd_create("syzkaller", 0) = 3 [pid 5066] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5066] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5066] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5066] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5066] close(3) = 0 [pid 5066] mkdir("./file0", 0777) = 0 [ 44.965906][ T5066] loop0: detected capacity chafrom 0 to 8192 [ 45.081065][ T5066] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 45.094479][ T5066] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 45.104122][ T5066] REISERFS (device loop0): using ordered data mode [ 45.110694][ T5066] reiserfs: using flush barriers [ 45.116898][ T5066] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 45.133541][ T5066] REISERFS (device loop0): checking transaction log (loop0) [pid 5066] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5066] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5066] chdir("./file0") = 0 [pid 5066] ioctl(4, LOOP_CLR_FD) = 0 [pid 5066] close(4) = 0 [pid 5066] creat("./bus", 000) = 4 [pid 5066] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5066] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5066] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5066] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5066] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5066] exit_group(0) = ? [pid 5066] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5066, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./0/binderfs") = 0 [ 45.170754][ T5066] REISERFS (device loop0): Using r5 hash to sort names [ 45.178633][ T5066] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./0/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./0") = 0 mkdir("./1", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5068 ./strace-static-x86_64: Process 5068 attached [pid 5068] chdir("./1") = 0 [pid 5068] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5068] setpgid(0, 0) = 0 [pid 5068] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5068] write(3, "1000", 4) = 4 [pid 5068] close(3) = 0 [pid 5068] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5068] memfd_create("syzkaller", 0) = 3 [pid 5068] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5068] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5068] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5068] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5068] close(3) = 0 [pid 5068] mkdir("./file0", 0777) = 0 [ 45.302118][ T5068] loop0: detected capacity change from 0 to 8192 [ 45.312639][ T5068] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 45.325751][ T5068] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 45.335059][ T5068] REISERFS (device loop0): using ordered data mode [ 45.341702][ T5068] reiserfs: using flush barriers [ 45.347383][ T5068] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 45.363827][ T5068] REISERFS (device loop0): checking transaction log (loop0) [pid 5068] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5068] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5068] chdir("./file0") = 0 [pid 5068] ioctl(4, LOOP_CLR_FD) = 0 [pid 5068] close(4) = 0 [pid 5068] creat("./bus", 000) = 4 [pid 5068] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5068] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5068] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5068] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5068] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5068] exit_group(0) = ? [pid 5068] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5068, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1/binderfs") = 0 [ 45.399939][ T5068] REISERFS (device loop0): Using r5 hash to sort names [ 45.407068][ T5068] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1") = 0 mkdir("./2", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5070 ./strace-static-x86_64: Process 5070 attached [pid 5070] chdir("./2") = 0 [pid 5070] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5070] setpgid(0, 0) = 0 [pid 5070] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5070] write(3, "1000", 4) = 4 [pid 5070] close(3) = 0 [pid 5070] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5070] memfd_create("syzkaller", 0) = 3 [pid 5070] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5070] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5070] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5070] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5070] close(3) = 0 [pid 5070] mkdir("./file0", 0777) = 0 [ 45.530197][ T5070] loop0: detected capacity change from 0 to 8192 [ 45.540465][ T5070] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 45.553731][ T5070] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 45.563208][ T5070] REISERFS (device loop0): using ordered data mode [ 45.570046][ T5070] reiserfs: using flush barriers [ 45.575770][ T5070] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 45.592166][ T5070] REISERFS (device loop0): checking transaction log (loop0) [pid 5070] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5070] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5070] chdir("./file0") = 0 [pid 5070] ioctl(4, LOOP_CLR_FD) = 0 [pid 5070] close(4) = 0 [pid 5070] creat("./bus", 000) = 4 [pid 5070] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5070] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5070] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5070] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5070] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5070] exit_group(0) = ? [pid 5070] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5070, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./2/binderfs") = 0 [ 45.628186][ T5070] REISERFS (device loop0): Using r5 hash to sort names [ 45.635908][ T5070] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./2/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./2") = 0 mkdir("./3", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5072 ./strace-static-x86_64: Process 5072 attached [pid 5072] chdir("./3") = 0 [pid 5072] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5072] setpgid(0, 0) = 0 [pid 5072] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5072] write(3, "1000", 4) = 4 [pid 5072] close(3) = 0 [pid 5072] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5072] memfd_create("syzkaller", 0) = 3 [pid 5072] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5072] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5072] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5072] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5072] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5072] close(3) = 0 [pid 5072] mkdir("./file0", 0777) = 0 [ 45.762153][ T5072] loop0: detected capacity change from 0 to 8192 [ 45.772417][ T5072] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 45.785562][ T5072] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 45.794953][ T5072] REISERFS (device loop0): using ordered data mode [ 45.801580][ T5072] reiserfs: using flush barriers [ 45.807190][ T5072] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 45.823739][ T5072] REISERFS (device loop0): checking transaction log (loop0) [pid 5072] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5072] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5072] chdir("./file0") = 0 [pid 5072] ioctl(4, LOOP_CLR_FD) = 0 [pid 5072] close(4) = 0 [pid 5072] creat("./bus", 000) = 4 [pid 5072] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5072] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5072] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5072] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5072] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5072] exit_group(0) = ? [pid 5072] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5072, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./3/binderfs") = 0 [ 45.854977][ T5072] REISERFS (device loop0): Using r5 hash to sort names [ 45.862430][ T5072] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./3/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./3") = 0 mkdir("./4", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5074 ./strace-static-x86_64: Process 5074 attached [pid 5074] chdir("./4") = 0 [pid 5074] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5074] setpgid(0, 0) = 0 [pid 5074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5074] write(3, "1000", 4) = 4 [pid 5074] close(3) = 0 [pid 5074] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5074] memfd_create("syzkaller", 0) = 3 [pid 5074] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5074] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5074] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5074] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5074] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5074] close(3) = 0 [pid 5074] mkdir("./file0", 0777) = 0 [ 45.983691][ T5074] loop0: detected capacity change from 0 to 8192 [ 45.993116][ T5074] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 46.006226][ T5074] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 46.015578][ T5074] REISERFS (device loop0): using ordered data mode [ 46.022132][ T5074] reiserfs: using flush barriers [ 46.027811][ T5074] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 46.044419][ T5074] REISERFS (device loop0): checking transaction log (loop0) [pid 5074] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5074] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5074] chdir("./file0") = 0 [pid 5074] ioctl(4, LOOP_CLR_FD) = 0 [pid 5074] close(4) = 0 [pid 5074] creat("./bus", 000) = 4 [pid 5074] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5074] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5074] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5074] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5074] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5074] exit_group(0) = ? [pid 5074] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5074, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./4/binderfs") = 0 [ 46.080303][ T5074] REISERFS (device loop0): Using r5 hash to sort names [ 46.087484][ T5074] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./4/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./4") = 0 mkdir("./5", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5076 ./strace-static-x86_64: Process 5076 attached [pid 5076] chdir("./5") = 0 [pid 5076] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5076] setpgid(0, 0) = 0 [pid 5076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5076] write(3, "1000", 4) = 4 [pid 5076] close(3) = 0 [pid 5076] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5076] memfd_create("syzkaller", 0) = 3 [pid 5076] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5076] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5076] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5076] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5076] close(3) = 0 [pid 5076] mkdir("./file0", 0777) = 0 [ 46.198490][ T5076] loop0: detected capacity change from 0 to 8192 [ 46.207885][ T5076] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 46.220931][ T5076] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 46.230138][ T5076] REISERFS (device loop0): using ordered data mode [ 46.236665][ T5076] reiserfs: using flush barriers [ 46.242524][ T5076] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 46.258923][ T5076] REISERFS (device loop0): checking transaction log (loop0) [pid 5076] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5076] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5076] chdir("./file0") = 0 [pid 5076] ioctl(4, LOOP_CLR_FD) = 0 [pid 5076] close(4) = 0 [pid 5076] creat("./bus", 000) = 4 [pid 5076] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5076] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5076] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5076] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5076] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5076] exit_group(0) = ? [pid 5076] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5076, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./5/binderfs") = 0 [ 46.289699][ T5076] REISERFS (device loop0): Using r5 hash to sort names [ 46.296904][ T5076] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./5/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./5") = 0 mkdir("./6", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5078 ./strace-static-x86_64: Process 5078 attached [pid 5078] chdir("./6") = 0 [pid 5078] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5078] setpgid(0, 0) = 0 [pid 5078] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5078] write(3, "1000", 4) = 4 [pid 5078] close(3) = 0 [pid 5078] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5078] memfd_create("syzkaller", 0) = 3 [pid 5078] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5078] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5078] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5078] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5078] close(3) = 0 [pid 5078] mkdir("./file0", 0777) = 0 [ 46.407061][ T5078] loop0: detected capacity change from 0 to 8192 [ 46.417735][ T5078] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 46.430837][ T5078] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 46.440283][ T5078] REISERFS (device loop0): using ordered data mode [ 46.446794][ T5078] reiserfs: using flush barriers [ 46.452834][ T5078] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 46.469150][ T5078] REISERFS (device loop0): checking transaction log (loop0) [pid 5078] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5078] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5078] chdir("./file0") = 0 [pid 5078] ioctl(4, LOOP_CLR_FD) = 0 [pid 5078] close(4) = 0 [pid 5078] creat("./bus", 000) = 4 [pid 5078] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5078] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5078] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5078] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5078] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5078] exit_group(0) = ? [pid 5078] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5078, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./6/binderfs") = 0 [ 46.504040][ T5078] REISERFS (device loop0): Using r5 hash to sort names [ 46.511401][ T5078] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./6/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./6") = 0 mkdir("./7", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5080 ./strace-static-x86_64: Process 5080 attached [pid 5080] chdir("./7") = 0 [pid 5080] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5080] setpgid(0, 0) = 0 [pid 5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5080] write(3, "1000", 4) = 4 [pid 5080] close(3) = 0 [pid 5080] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5080] memfd_create("syzkaller", 0) = 3 [pid 5080] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5080] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5080] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5080] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5080] close(3) = 0 [pid 5080] mkdir("./file0", 0777) = 0 [ 46.626753][ T5080] loop0: detected capacity change from 0 to 8192 [ 46.636103][ T5080] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 46.649388][ T5080] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 46.658594][ T5080] REISERFS (device loop0): using ordered data mode [ 46.665157][ T5080] reiserfs: using flush barriers [ 46.670898][ T5080] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 46.687344][ T5080] REISERFS (device loop0): checking transaction log (loop0) [pid 5080] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5080] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5080] chdir("./file0") = 0 [pid 5080] ioctl(4, LOOP_CLR_FD) = 0 [pid 5080] close(4) = 0 [pid 5080] creat("./bus", 000) = 4 [pid 5080] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5080] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5080] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5080] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5080] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5080] exit_group(0) = ? [pid 5080] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5080, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./7/binderfs") = 0 umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 46.724324][ T5080] REISERFS (device loop0): Using r5 hash to sort names [ 46.731599][ T5080] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. lstat("./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./7/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./7") = 0 mkdir("./8", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5082 ./strace-static-x86_64: Process 5082 attached [pid 5082] chdir("./8") = 0 [pid 5082] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5082] setpgid(0, 0) = 0 [pid 5082] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5082] write(3, "1000", 4) = 4 [pid 5082] close(3) = 0 [pid 5082] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5082] memfd_create("syzkaller", 0) = 3 [pid 5082] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5082] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5082] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5082] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5082] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5082] close(3) = 0 [pid 5082] mkdir("./file0", 0777) = 0 [ 46.839711][ T5082] loop0: detected capacity change from 0 to 8192 [ 46.849877][ T5082] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 46.863109][ T5082] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 46.872724][ T5082] REISERFS (device loop0): using ordered data mode [ 46.879460][ T5082] reiserfs: using flush barriers [ 46.885323][ T5082] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 46.901762][ T5082] REISERFS (device loop0): checking transaction log (loop0) [pid 5082] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5082] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5082] chdir("./file0") = 0 [pid 5082] ioctl(4, LOOP_CLR_FD) = 0 [pid 5082] close(4) = 0 [pid 5082] creat("./bus", 000) = 4 [pid 5082] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5082] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5082] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5082] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5082] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5082] exit_group(0) = ? [pid 5082] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5082, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./8/binderfs") = 0 [ 46.938334][ T5082] REISERFS (device loop0): Using r5 hash to sort names [ 46.945463][ T5082] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./8/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./8") = 0 mkdir("./9", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5084 ./strace-static-x86_64: Process 5084 attached [pid 5084] chdir("./9") = 0 [pid 5084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5084] setpgid(0, 0) = 0 [pid 5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5084] write(3, "1000", 4) = 4 [pid 5084] close(3) = 0 [pid 5084] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5084] memfd_create("syzkaller", 0) = 3 [pid 5084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5084] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5084] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5084] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5084] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5084] close(3) = 0 [pid 5084] mkdir("./file0", 0777) = 0 [ 47.056825][ T5084] loop0: detected capacity change from 0 to 8192 [ 47.066567][ T5084] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 47.079854][ T5084] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 47.089196][ T5084] REISERFS (device loop0): using ordered data mode [ 47.095745][ T5084] reiserfs: using flush barriers [ 47.101493][ T5084] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 47.118238][ T5084] REISERFS (device loop0): checking transaction log (loop0) [pid 5084] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5084] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5084] chdir("./file0") = 0 [pid 5084] ioctl(4, LOOP_CLR_FD) = 0 [pid 5084] close(4) = 0 [pid 5084] creat("./bus", 000) = 4 [pid 5084] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5084] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5084] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5084] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5084] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5084] exit_group(0) = ? [pid 5084] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5084, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./9/binderfs") = 0 [ 47.149241][ T5084] REISERFS (device loop0): Using r5 hash to sort names [ 47.156617][ T5084] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./9/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./9") = 0 mkdir("./10", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5086 attached , child_tidptr=0x555556cf25d0) = 5086 [pid 5086] chdir("./10") = 0 [pid 5086] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5086] setpgid(0, 0) = 0 [pid 5086] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5086] write(3, "1000", 4) = 4 [pid 5086] close(3) = 0 [pid 5086] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5086] memfd_create("syzkaller", 0) = 3 [pid 5086] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5086] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5086] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5086] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5086] close(3) = 0 [pid 5086] mkdir("./file0", 0777) = 0 [ 47.260638][ T5086] loop0: detected capacity change from 0 to 8192 [ 47.270635][ T5086] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 47.283776][ T5086] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 47.293024][ T5086] REISERFS (device loop0): using ordered data mode [ 47.299574][ T5086] reiserfs: using flush barriers [ 47.305293][ T5086] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 47.321771][ T5086] REISERFS (device loop0): checking transaction log (loop0) [pid 5086] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5086] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5086] chdir("./file0") = 0 [pid 5086] ioctl(4, LOOP_CLR_FD) = 0 [pid 5086] close(4) = 0 [pid 5086] creat("./bus", 000) = 4 [pid 5086] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5086] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5086] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5086] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5086] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5086] exit_group(0) = ? [pid 5086] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5086, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./10/binderfs") = 0 [ 47.353334][ T5086] REISERFS (device loop0): Using r5 hash to sort names [ 47.360543][ T5086] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./10/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./10") = 0 mkdir("./11", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5088 ./strace-static-x86_64: Process 5088 attached [pid 5088] chdir("./11") = 0 [pid 5088] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5088] setpgid(0, 0) = 0 [pid 5088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5088] write(3, "1000", 4) = 4 [pid 5088] close(3) = 0 [pid 5088] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5088] memfd_create("syzkaller", 0) = 3 [pid 5088] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5088] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5088] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5088] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5088] close(3) = 0 [pid 5088] mkdir("./file0", 0777) = 0 [ 47.472880][ T5088] loop0: detected capacity change from 0 to 8192 [ 47.482216][ T5088] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 47.495508][ T5088] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 47.505015][ T5088] REISERFS (device loop0): using ordered data mode [ 47.511575][ T5088] reiserfs: using flush barriers [ 47.517291][ T5088] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 47.533740][ T5088] REISERFS (device loop0): checking transaction log (loop0) [pid 5088] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5088] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5088] chdir("./file0") = 0 [pid 5088] ioctl(4, LOOP_CLR_FD) = 0 [pid 5088] close(4) = 0 [pid 5088] creat("./bus", 000) = 4 [pid 5088] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5088] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5088] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5088] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5088] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5088] exit_group(0) = ? [pid 5088] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5088, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./11/binderfs") = 0 [ 47.570315][ T5088] REISERFS (device loop0): Using r5 hash to sort names [ 47.577467][ T5088] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./11/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./11") = 0 mkdir("./12", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5090 ./strace-static-x86_64: Process 5090 attached [pid 5090] chdir("./12") = 0 [pid 5090] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5090] setpgid(0, 0) = 0 [pid 5090] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5090] write(3, "1000", 4) = 4 [pid 5090] close(3) = 0 [pid 5090] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5090] memfd_create("syzkaller", 0) = 3 [pid 5090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5090] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5090] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5090] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5090] close(3) = 0 [pid 5090] mkdir("./file0", 0777) = 0 [ 47.697383][ T5090] loop0: detected capacity change from 0 to 8192 [ 47.707729][ T5090] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 47.720894][ T5090] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 47.730215][ T5090] REISERFS (device loop0): using ordered data mode [ 47.736753][ T5090] reiserfs: using flush barriers [ 47.742673][ T5090] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 47.760137][ T5090] REISERFS (device loop0): checking transaction log (loop0) [pid 5090] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5090] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5090] chdir("./file0") = 0 [pid 5090] ioctl(4, LOOP_CLR_FD) = 0 [pid 5090] close(4) = 0 [pid 5090] creat("./bus", 000) = 4 [pid 5090] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5090] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5090] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5090] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5090] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5090] exit_group(0) = ? [pid 5090] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5090, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./12/binderfs") = 0 [ 47.792083][ T5090] REISERFS (device loop0): Using r5 hash to sort names [ 47.799591][ T5090] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./12/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./12") = 0 mkdir("./13", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5092 ./strace-static-x86_64: Process 5092 attached [pid 5092] chdir("./13") = 0 [pid 5092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5092] setpgid(0, 0) = 0 [pid 5092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5092] write(3, "1000", 4) = 4 [pid 5092] close(3) = 0 [pid 5092] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5092] memfd_create("syzkaller", 0) = 3 [pid 5092] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5092] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5092] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5092] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5092] close(3) = 0 [pid 5092] mkdir("./file0", 0777) = 0 [ 47.896206][ T5092] loop0: detected capacity change from 0 to 8192 [ 47.906571][ T5092] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 47.919862][ T5092] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 47.929291][ T5092] REISERFS (device loop0): using ordered data mode [ 47.935808][ T5092] reiserfs: using flush barriers [ 47.941647][ T5092] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 47.958144][ T5092] REISERFS (device loop0): checking transaction log (loop0) [pid 5092] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5092] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5092] chdir("./file0") = 0 [pid 5092] ioctl(4, LOOP_CLR_FD) = 0 [pid 5092] close(4) = 0 [pid 5092] creat("./bus", 000) = 4 [pid 5092] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5092] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5092] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5092] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5092] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5092] exit_group(0) = ? [pid 5092] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5092, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./13/binderfs") = 0 [ 47.993795][ T5092] REISERFS (device loop0): Using r5 hash to sort names [ 48.001178][ T5092] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./13/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./13") = 0 mkdir("./14", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5094 ./strace-static-x86_64: Process 5094 attached [pid 5094] chdir("./14") = 0 [pid 5094] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5094] setpgid(0, 0) = 0 [pid 5094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5094] write(3, "1000", 4) = 4 [pid 5094] close(3) = 0 [pid 5094] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5094] memfd_create("syzkaller", 0) = 3 [pid 5094] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5094] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5094] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5094] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5094] close(3) = 0 [pid 5094] mkdir("./file0", 0777) = 0 [ 48.124028][ T5094] loop0: detected capacity change from 0 to 8192 [ 48.133761][ T5094] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 48.146846][ T5094] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 48.156033][ T5094] REISERFS (device loop0): using ordered data mode [ 48.162611][ T5094] reiserfs: using flush barriers [ 48.168172][ T5094] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 48.184570][ T5094] REISERFS (device loop0): checking transaction log (loop0) [pid 5094] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5094] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5094] chdir("./file0") = 0 [pid 5094] ioctl(4, LOOP_CLR_FD) = 0 [pid 5094] close(4) = 0 [pid 5094] creat("./bus", 000) = 4 [pid 5094] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5094] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5094] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5094] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5094] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5094] exit_group(0) = ? [pid 5094] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5094, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./14/binderfs") = 0 [ 48.219642][ T5094] REISERFS (device loop0): Using r5 hash to sort names [ 48.226744][ T5094] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./14/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./14") = 0 mkdir("./15", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5096 attached [pid 5096] chdir("./15") = 0 [pid 5096] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5064] <... clone resumed>, child_tidptr=0x555556cf25d0) = 5096 [pid 5096] setpgid(0, 0) = 0 [pid 5096] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5096] write(3, "1000", 4) = 4 [pid 5096] close(3) = 0 [pid 5096] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5096] memfd_create("syzkaller", 0) = 3 [pid 5096] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5096] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5096] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5096] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5096] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5096] close(3) = 0 [pid 5096] mkdir("./file0", 0777) = 0 [ 48.333443][ T5096] loop0: detected capacity change from 0 to 8192 [ 48.342866][ T5096] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 48.355959][ T5096] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 48.365297][ T5096] REISERFS (device loop0): using ordered data mode [ 48.371885][ T5096] reiserfs: using flush barriers [ 48.377821][ T5096] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 48.394228][ T5096] REISERFS (device loop0): checking transaction log (loop0) [pid 5096] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5096] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5096] chdir("./file0") = 0 [pid 5096] ioctl(4, LOOP_CLR_FD) = 0 [pid 5096] close(4) = 0 [pid 5096] creat("./bus", 000) = 4 [pid 5096] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5096] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5096] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5096] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5096] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5096] exit_group(0) = ? [pid 5096] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5096, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./15/binderfs") = 0 [ 48.429307][ T5096] REISERFS (device loop0): Using r5 hash to sort names [ 48.436483][ T5096] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./15/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./15") = 0 mkdir("./16", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5098 attached [pid 5098] chdir("./16") = 0 [pid 5098] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5098] setpgid(0, 0) = 0 [pid 5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] <... clone resumed>, child_tidptr=0x555556cf25d0) = 5098 [pid 5098] <... openat resumed>) = 3 [pid 5098] write(3, "1000", 4) = 4 [pid 5098] close(3) = 0 [pid 5098] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5098] memfd_create("syzkaller", 0) = 3 [pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5098] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5098] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5098] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5098] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5098] close(3) = 0 [pid 5098] mkdir("./file0", 0777) = 0 [ 48.544185][ T5098] loop0: detected capacity change from 0 to 8192 [ 48.553711][ T5098] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 48.566987][ T5098] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 48.576359][ T5098] REISERFS (device loop0): using ordered data mode [ 48.582941][ T5098] reiserfs: using flush barriers [ 48.588675][ T5098] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 48.605190][ T5098] REISERFS (device loop0): checking transaction log (loop0) [pid 5098] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5098] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5098] chdir("./file0") = 0 [pid 5098] ioctl(4, LOOP_CLR_FD) = 0 [pid 5098] close(4) = 0 [pid 5098] creat("./bus", 000) = 4 [pid 5098] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5098] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5098] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5098] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5098] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5098] exit_group(0) = ? [pid 5098] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5098, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./16/binderfs") = 0 [ 48.639794][ T5098] REISERFS (device loop0): Using r5 hash to sort names [ 48.646886][ T5098] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./16/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./16") = 0 mkdir("./17", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5100 ./strace-static-x86_64: Process 5100 attached [pid 5100] chdir("./17") = 0 [pid 5100] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5100] setpgid(0, 0) = 0 [pid 5100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5100] write(3, "1000", 4) = 4 [pid 5100] close(3) = 0 [pid 5100] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5100] memfd_create("syzkaller", 0) = 3 [pid 5100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5100] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5100] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5100] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5100] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5100] close(3) = 0 [pid 5100] mkdir("./file0", 0777) = 0 [ 48.757096][ T5100] loop0: detected capacity change from 0 to 8192 [ 48.766390][ T5100] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 48.779596][ T5100] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 48.788872][ T5100] REISERFS (device loop0): using ordered data mode [ 48.795396][ T5100] reiserfs: using flush barriers [ 48.801202][ T5100] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 48.817571][ T5100] REISERFS (device loop0): checking transaction log (loop0) [pid 5100] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5100] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5100] chdir("./file0") = 0 [pid 5100] ioctl(4, LOOP_CLR_FD) = 0 [pid 5100] close(4) = 0 [pid 5100] creat("./bus", 000) = 4 [pid 5100] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5100] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5100] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5100] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5100] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5100] exit_group(0) = ? [pid 5100] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5100, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./17/binderfs") = 0 [ 48.851846][ T5100] REISERFS (device loop0): Using r5 hash to sort names [ 48.859650][ T5100] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./17/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./17") = 0 mkdir("./18", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5102 ./strace-static-x86_64: Process 5102 attached [pid 5102] chdir("./18") = 0 [pid 5102] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5102] setpgid(0, 0) = 0 [pid 5102] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5102] write(3, "1000", 4) = 4 [pid 5102] close(3) = 0 [pid 5102] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5102] memfd_create("syzkaller", 0) = 3 [pid 5102] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5102] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5102] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5102] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5102] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5102] close(3) = 0 [pid 5102] mkdir("./file0", 0777) = 0 [ 48.952775][ T5102] loop0: detected capacity change from 0 to 8192 [ 48.962642][ T5102] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 48.975873][ T5102] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 48.985359][ T5102] REISERFS (device loop0): using ordered data mode [ 48.992082][ T5102] reiserfs: using flush barriers [ 48.997900][ T5102] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 49.014342][ T5102] REISERFS (device loop0): checking transaction log (loop0) [pid 5102] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5102] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5102] chdir("./file0") = 0 [pid 5102] ioctl(4, LOOP_CLR_FD) = 0 [pid 5102] close(4) = 0 [pid 5102] creat("./bus", 000) = 4 [pid 5102] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5102] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5102] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5102] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5102] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5102] exit_group(0) = ? [pid 5102] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5102, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./18/binderfs") = 0 umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./18/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 49.043913][ T5102] REISERFS (device loop0): Using r5 hash to sort names [ 49.051143][ T5102] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. rmdir("./18") = 0 mkdir("./19", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5104 ./strace-static-x86_64: Process 5104 attached [pid 5104] chdir("./19") = 0 [pid 5104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5104] setpgid(0, 0) = 0 [pid 5104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5104] write(3, "1000", 4) = 4 [pid 5104] close(3) = 0 [pid 5104] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5104] memfd_create("syzkaller", 0) = 3 [pid 5104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5104] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5104] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5104] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5104] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5104] close(3) = 0 [pid 5104] mkdir("./file0", 0777) = 0 [ 49.148696][ T5104] loop0: detected capacity change from 0 to 8192 [ 49.159182][ T5104] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 49.172397][ T5104] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 49.181726][ T5104] REISERFS (device loop0): using ordered data mode [ 49.188343][ T5104] reiserfs: using flush barriers [ 49.194280][ T5104] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 49.210598][ T5104] REISERFS (device loop0): checking transaction log (loop0) [pid 5104] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5104] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5104] chdir("./file0") = 0 [pid 5104] ioctl(4, LOOP_CLR_FD) = 0 [pid 5104] close(4) = 0 [pid 5104] creat("./bus", 000) = 4 [pid 5104] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5104] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5104] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5104] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5104] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5104] exit_group(0) = ? [pid 5104] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5104, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./19/binderfs") = 0 umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 49.245342][ T5104] REISERFS (device loop0): Using r5 hash to sort names [ 49.252561][ T5104] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./19/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./19") = 0 mkdir("./20", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5106 ./strace-static-x86_64: Process 5106 attached [pid 5106] chdir("./20") = 0 [pid 5106] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5106] setpgid(0, 0) = 0 [pid 5106] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5106] write(3, "1000", 4) = 4 [pid 5106] close(3) = 0 [pid 5106] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5106] memfd_create("syzkaller", 0) = 3 [pid 5106] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5106] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5106] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5106] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5106] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5106] close(3) = 0 [pid 5106] mkdir("./file0", 0777) = 0 [ 49.354309][ T5106] loop0: detected capacity change from 0 to 8192 [ 49.363435][ T5106] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 49.376580][ T5106] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 49.385825][ T5106] REISERFS (device loop0): using ordered data mode [ 49.392460][ T5106] reiserfs: using flush barriers [ 49.398157][ T5106] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 49.414747][ T5106] REISERFS (device loop0): checking transaction log (loop0) [pid 5106] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5106] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5106] chdir("./file0") = 0 [pid 5106] ioctl(4, LOOP_CLR_FD) = 0 [pid 5106] close(4) = 0 [pid 5106] creat("./bus", 000) = 4 [pid 5106] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5106] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5106] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5106] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5106] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5106] exit_group(0) = ? [pid 5106] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5106, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./20/binderfs") = 0 umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./20/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./20") = 0 [ 49.448943][ T5106] REISERFS (device loop0): Using r5 hash to sort names [ 49.456127][ T5106] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. mkdir("./21", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5108 ./strace-static-x86_64: Process 5108 attached [pid 5108] chdir("./21") = 0 [pid 5108] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5108] setpgid(0, 0) = 0 [pid 5108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5108] write(3, "1000", 4) = 4 [pid 5108] close(3) = 0 [pid 5108] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5108] memfd_create("syzkaller", 0) = 3 [pid 5108] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5108] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5108] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5108] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5108] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5108] close(3) = 0 [pid 5108] mkdir("./file0", 0777) = 0 [ 49.553549][ T5108] loop0: detected capacity change from 0 to 8192 [ 49.562614][ T5108] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 49.575709][ T5108] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 49.584975][ T5108] REISERFS (device loop0): using ordered data mode [ 49.591522][ T5108] reiserfs: using flush barriers [ 49.597110][ T5108] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 49.613504][ T5108] REISERFS (device loop0): checking transaction log (loop0) [ 49.642265][ T5108] REISERFS (device loop0): Using r5 hash to sort names [pid 5108] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5108] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5108] chdir("./file0") = 0 [pid 5108] ioctl(4, LOOP_CLR_FD) = 0 [pid 5108] close(4) = 0 [pid 5108] creat("./bus", 000) = 4 [pid 5108] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5108] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5108] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5108] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5108] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5108] exit_group(0) = ? [pid 5108] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5108, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./21/binderfs") = 0 [ 49.649534][ T5108] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./21/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./21") = 0 mkdir("./22", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5110 ./strace-static-x86_64: Process 5110 attached [pid 5110] chdir("./22") = 0 [pid 5110] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5110] setpgid(0, 0) = 0 [pid 5110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5110] write(3, "1000", 4) = 4 [pid 5110] close(3) = 0 [pid 5110] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5110] memfd_create("syzkaller", 0) = 3 [pid 5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5110] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5110] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5110] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5110] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5110] close(3) = 0 [pid 5110] mkdir("./file0", 0777) = 0 [ 49.750990][ T5110] loop0: detected capacity change from 0 to 8192 [ 49.760459][ T5110] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 49.773700][ T5110] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 49.783014][ T5110] REISERFS (device loop0): using ordered data mode [ 49.789597][ T5110] reiserfs: using flush barriers [ 49.795387][ T5110] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 49.811758][ T5110] REISERFS (device loop0): checking transaction log (loop0) [pid 5110] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5110] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5110] chdir("./file0") = 0 [pid 5110] ioctl(4, LOOP_CLR_FD) = 0 [pid 5110] close(4) = 0 [pid 5110] creat("./bus", 000) = 4 [pid 5110] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5110] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5110] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5110] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5110] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5110] exit_group(0) = ? [pid 5110] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5110, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./22/binderfs") = 0 [ 49.846470][ T5110] REISERFS (device loop0): Using r5 hash to sort names [ 49.853730][ T5110] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./22/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./22") = 0 mkdir("./23", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5112 ./strace-static-x86_64: Process 5112 attached [pid 5112] chdir("./23") = 0 [pid 5112] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5112] setpgid(0, 0) = 0 [pid 5112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5112] write(3, "1000", 4) = 4 [pid 5112] close(3) = 0 [pid 5112] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5112] memfd_create("syzkaller", 0) = 3 [pid 5112] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5112] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5112] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5112] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5112] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5112] close(3) = 0 [pid 5112] mkdir("./file0", 0777) = 0 [ 49.970691][ T5112] loop0: detected capacity change from 0 to 8192 [ 49.980089][ T5112] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 49.993143][ T5112] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 50.002598][ T5112] REISERFS (device loop0): using ordered data mode [ 50.009176][ T5112] reiserfs: using flush barriers [ 50.015041][ T5112] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 50.031695][ T5112] REISERFS (device loop0): checking transaction log (loop0) [pid 5112] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5112] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5112] chdir("./file0") = 0 [pid 5112] ioctl(4, LOOP_CLR_FD) = 0 [pid 5112] close(4) = 0 [pid 5112] creat("./bus", 000) = 4 [pid 5112] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5112] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5112] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5112] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5112] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5112] exit_group(0) = ? [pid 5112] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5112, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./23/binderfs") = 0 [ 50.067052][ T5112] REISERFS (device loop0): Using r5 hash to sort names [ 50.074225][ T5112] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./23/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./23") = 0 mkdir("./24", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5114 ./strace-static-x86_64: Process 5114 attached [pid 5114] chdir("./24") = 0 [pid 5114] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5114] setpgid(0, 0) = 0 [pid 5114] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5114] write(3, "1000", 4) = 4 [pid 5114] close(3) = 0 [pid 5114] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5114] memfd_create("syzkaller", 0) = 3 [pid 5114] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5114] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5114] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5114] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5114] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5114] close(3) = 0 [pid 5114] mkdir("./file0", 0777) = 0 [ 50.174527][ T5114] loop0: detected capacity change from 0 to 8192 [ 50.184199][ T5114] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 50.197282][ T5114] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 50.206696][ T5114] REISERFS (device loop0): using ordered data mode [ 50.213227][ T5114] reiserfs: using flush barriers [ 50.218858][ T5114] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 50.235353][ T5114] REISERFS (device loop0): checking transaction log (loop0) [pid 5114] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5114] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5114] chdir("./file0") = 0 [pid 5114] ioctl(4, LOOP_CLR_FD) = 0 [pid 5114] close(4) = 0 [pid 5114] creat("./bus", 000) = 4 [pid 5114] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5114] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5114] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5114] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5114] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5114] exit_group(0) = ? [pid 5114] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5114, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./24/binderfs") = 0 [ 50.270293][ T5114] REISERFS (device loop0): Using r5 hash to sort names [ 50.277498][ T5114] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./24/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./24/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./24") = 0 mkdir("./25", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5116 ./strace-static-x86_64: Process 5116 attached [pid 5116] chdir("./25") = 0 [pid 5116] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5116] setpgid(0, 0) = 0 [pid 5116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5116] write(3, "1000", 4) = 4 [pid 5116] close(3) = 0 [pid 5116] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5116] memfd_create("syzkaller", 0) = 3 [pid 5116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5116] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5116] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5116] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5116] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5116] close(3) = 0 [pid 5116] mkdir("./file0", 0777) = 0 [ 50.391729][ T5116] loop0: detected capacity change from 0 to 8192 [ 50.400978][ T5116] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 50.414183][ T5116] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 50.423472][ T5116] REISERFS (device loop0): using ordered data mode [ 50.430020][ T5116] reiserfs: using flush barriers [ 50.435559][ T5116] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 50.452041][ T5116] REISERFS (device loop0): checking transaction log (loop0) [ 50.480978][ T5116] REISERFS (device loop0): Using r5 hash to sort names [pid 5116] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5116] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5116] chdir("./file0") = 0 [pid 5116] ioctl(4, LOOP_CLR_FD) = 0 [pid 5116] close(4) = 0 [pid 5116] creat("./bus", 000) = 4 [pid 5116] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5116] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5116] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5116] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5116] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5116] exit_group(0) = ? [pid 5116] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5116, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./25/binderfs") = 0 [ 50.488396][ T5116] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./25/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./25/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./25") = 0 mkdir("./26", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5118 ./strace-static-x86_64: Process 5118 attached [pid 5118] chdir("./26") = 0 [pid 5118] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5118] setpgid(0, 0) = 0 [pid 5118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5118] write(3, "1000", 4) = 4 [pid 5118] close(3) = 0 [pid 5118] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5118] memfd_create("syzkaller", 0) = 3 [pid 5118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5118] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5118] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5118] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5118] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5118] close(3) = 0 [pid 5118] mkdir("./file0", 0777) = 0 [ 50.590230][ T5118] loop0: detected capacity change from 0 to 8192 [ 50.600335][ T5118] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 50.613336][ T5118] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 50.622551][ T5118] REISERFS (device loop0): using ordered data mode [ 50.629096][ T5118] reiserfs: using flush barriers [ 50.634737][ T5118] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 50.651094][ T5118] REISERFS (device loop0): checking transaction log (loop0) [pid 5118] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5118] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5118] chdir("./file0") = 0 [pid 5118] ioctl(4, LOOP_CLR_FD) = 0 [pid 5118] close(4) = 0 [pid 5118] creat("./bus", 000) = 4 [pid 5118] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5118] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5118] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5118] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5118] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5118] exit_group(0) = ? [pid 5118] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5118, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./26/binderfs") = 0 [ 50.684479][ T5118] REISERFS (device loop0): Using r5 hash to sort names [ 50.691698][ T5118] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./26/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./26/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./26") = 0 mkdir("./27", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5120 attached , child_tidptr=0x555556cf25d0) = 5120 [pid 5120] chdir("./27") = 0 [pid 5120] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5120] setpgid(0, 0) = 0 [pid 5120] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5120] write(3, "1000", 4) = 4 [pid 5120] close(3) = 0 [pid 5120] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5120] memfd_create("syzkaller", 0) = 3 [pid 5120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5120] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5120] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5120] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5120] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5120] close(3) = 0 [pid 5120] mkdir("./file0", 0777) = 0 [ 50.796740][ T5120] loop0: detected capacity change from 0 to 8192 [ 50.805854][ T5120] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 50.819151][ T5120] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 50.828612][ T5120] REISERFS (device loop0): using ordered data mode [ 50.835153][ T5120] reiserfs: using flush barriers [ 50.840742][ T5120] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 50.857133][ T5120] REISERFS (device loop0): checking transaction log (loop0) [pid 5120] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5120] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5120] chdir("./file0") = 0 [pid 5120] ioctl(4, LOOP_CLR_FD) = 0 [pid 5120] close(4) = 0 [pid 5120] creat("./bus", 000) = 4 [pid 5120] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5120] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5120] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5120] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5120] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5120] exit_group(0) = ? [pid 5120] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5120, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./27/binderfs") = 0 umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 50.889927][ T5120] REISERFS (device loop0): Using r5 hash to sort names [ 50.896926][ T5120] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. lstat("./27/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./27/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./27/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./27") = 0 mkdir("./28", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5122 ./strace-static-x86_64: Process 5122 attached [pid 5122] chdir("./28") = 0 [pid 5122] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5122] setpgid(0, 0) = 0 [pid 5122] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5122] write(3, "1000", 4) = 4 [pid 5122] close(3) = 0 [pid 5122] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5122] memfd_create("syzkaller", 0) = 3 [pid 5122] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5122] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5122] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5122] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5122] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5122] close(3) = 0 [pid 5122] mkdir("./file0", 0777) = 0 [ 51.011987][ T5122] loop0: detected capacity change from 0 to 8192 [ 51.021735][ T5122] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 51.034846][ T5122] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 51.044193][ T5122] REISERFS (device loop0): using ordered data mode [ 51.050733][ T5122] reiserfs: using flush barriers [ 51.056298][ T5122] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 51.072691][ T5122] REISERFS (device loop0): checking transaction log (loop0) [ 51.101840][ T5122] REISERFS (device loop0): Using r5 hash to sort names [pid 5122] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5122] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5122] chdir("./file0") = 0 [pid 5122] ioctl(4, LOOP_CLR_FD) = 0 [pid 5122] close(4) = 0 [pid 5122] creat("./bus", 000) = 4 [pid 5122] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5122] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5122] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5122] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5122] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5122] exit_group(0) = ? [pid 5122] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5122, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./28/binderfs") = 0 umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./28/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./28/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 [ 51.109077][ T5122] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. rmdir("./28/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./28") = 0 mkdir("./29", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5124 ./strace-static-x86_64: Process 5124 attached [pid 5124] chdir("./29") = 0 [pid 5124] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5124] setpgid(0, 0) = 0 [pid 5124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5124] write(3, "1000", 4) = 4 [pid 5124] close(3) = 0 [pid 5124] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5124] memfd_create("syzkaller", 0) = 3 [pid 5124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5124] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5124] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5124] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5124] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5124] close(3) = 0 [pid 5124] mkdir("./file0", 0777) = 0 [ 51.223085][ T5124] loop0: detected capacity change from 0 to 8192 [ 51.232420][ T5124] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 51.245544][ T5124] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 51.254871][ T5124] REISERFS (device loop0): using ordered data mode [ 51.261473][ T5124] reiserfs: using flush barriers [ 51.267079][ T5124] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 51.283543][ T5124] REISERFS (device loop0): checking transaction log (loop0) [pid 5124] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5124] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5124] chdir("./file0") = 0 [pid 5124] ioctl(4, LOOP_CLR_FD) = 0 [pid 5124] close(4) = 0 [pid 5124] creat("./bus", 000) = 4 [pid 5124] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5124] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5124] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5124] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5124] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5124] exit_group(0) = ? [pid 5124] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5124, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./29/binderfs") = 0 umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./29/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./29/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 [ 51.317646][ T5124] REISERFS (device loop0): Using r5 hash to sort names [ 51.324959][ T5124] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(4) = 0 rmdir("./29/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./29") = 0 mkdir("./30", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5126 ./strace-static-x86_64: Process 5126 attached [pid 5126] chdir("./30") = 0 [pid 5126] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5126] setpgid(0, 0) = 0 [pid 5126] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5126] write(3, "1000", 4) = 4 [pid 5126] close(3) = 0 [pid 5126] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5126] memfd_create("syzkaller", 0) = 3 [pid 5126] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5126] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5126] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5126] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5126] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5126] close(3) = 0 [pid 5126] mkdir("./file0", 0777) = 0 [ 51.425748][ T5126] loop0: detected capacity change from 0 to 8192 [ 51.434939][ T5126] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 51.448043][ T5126] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 51.457249][ T5126] REISERFS (device loop0): using ordered data mode [ 51.463842][ T5126] reiserfs: using flush barriers [ 51.469647][ T5126] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 51.486488][ T5126] REISERFS (device loop0): checking transaction log (loop0) [pid 5126] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5126] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5126] chdir("./file0") = 0 [pid 5126] ioctl(4, LOOP_CLR_FD) = 0 [pid 5126] close(4) = 0 [pid 5126] creat("./bus", 000) = 4 [pid 5126] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5126] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5126] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5126] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5126] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5126] exit_group(0) = ? [pid 5126] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5126, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./30/binderfs") = 0 [ 51.521131][ T5126] REISERFS (device loop0): Using r5 hash to sort names [ 51.528323][ T5126] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./30/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./30/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./30/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./30") = 0 mkdir("./31", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5128 attached , child_tidptr=0x555556cf25d0) = 5128 [pid 5128] chdir("./31") = 0 [pid 5128] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5128] setpgid(0, 0) = 0 [pid 5128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5128] write(3, "1000", 4) = 4 [pid 5128] close(3) = 0 [pid 5128] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5128] memfd_create("syzkaller", 0) = 3 [pid 5128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5128] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5128] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5128] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5128] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5128] close(3) = 0 [pid 5128] mkdir("./file0", 0777) = 0 [ 51.640727][ T5128] loop0: detected capacity change from 0 to 8192 [ 51.649891][ T5128] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 51.663277][ T5128] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 51.672527][ T5128] REISERFS (device loop0): using ordered data mode [ 51.679062][ T5128] reiserfs: using flush barriers [ 51.684751][ T5128] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 51.701332][ T5128] REISERFS (device loop0): checking transaction log (loop0) [ 51.729733][ T5128] REISERFS (device loop0): Using r5 hash to sort names [pid 5128] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5128] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5128] chdir("./file0") = 0 [pid 5128] ioctl(4, LOOP_CLR_FD) = 0 [pid 5128] close(4) = 0 [pid 5128] creat("./bus", 000) = 4 [pid 5128] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5128] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5128] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5128] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5128] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5128] exit_group(0) = ? [pid 5128] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5128, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./31/binderfs") = 0 [ 51.736743][ T5128] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./31/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./31/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./31/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./31") = 0 mkdir("./32", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5130 ./strace-static-x86_64: Process 5130 attached [pid 5130] chdir("./32") = 0 [pid 5130] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5130] setpgid(0, 0) = 0 [pid 5130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5130] write(3, "1000", 4) = 4 [pid 5130] close(3) = 0 [pid 5130] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5130] memfd_create("syzkaller", 0) = 3 [pid 5130] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5130] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5130] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5130] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5130] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5130] close(3) = 0 [pid 5130] mkdir("./file0", 0777) = 0 [ 51.848407][ T5130] loop0: detected capacity change from 0 to 8192 [ 51.857700][ T5130] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 51.870791][ T5130] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 51.880138][ T5130] REISERFS (device loop0): using ordered data mode [ 51.886637][ T5130] reiserfs: using flush barriers [ 51.892520][ T5130] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 51.908949][ T5130] REISERFS (device loop0): checking transaction log (loop0) [pid 5130] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5130] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5130] chdir("./file0") = 0 [pid 5130] ioctl(4, LOOP_CLR_FD) = 0 [pid 5130] close(4) = 0 [pid 5130] creat("./bus", 000) = 4 [pid 5130] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5130] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5130] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5130] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5130] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5130] exit_group(0) = ? [pid 5130] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5130, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./32/binderfs") = 0 [ 51.943143][ T5130] REISERFS (device loop0): Using r5 hash to sort names [ 51.950476][ T5130] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./32/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./32/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./32/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./32") = 0 mkdir("./33", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5132 ./strace-static-x86_64: Process 5132 attached [pid 5132] chdir("./33") = 0 [pid 5132] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5132] setpgid(0, 0) = 0 [pid 5132] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5132] write(3, "1000", 4) = 4 [pid 5132] close(3) = 0 [pid 5132] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5132] memfd_create("syzkaller", 0) = 3 [pid 5132] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5132] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5132] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5132] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5132] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5132] close(3) = 0 [pid 5132] mkdir("./file0", 0777) = 0 [ 52.069146][ T5132] loop0: detected capacity change from 0 to 8192 [ 52.078153][ T5132] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 52.091306][ T5132] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 52.100609][ T5132] REISERFS (device loop0): using ordered data mode [ 52.107121][ T5132] reiserfs: using flush barriers [ 52.112982][ T5132] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 52.129244][ T5132] REISERFS (device loop0): checking transaction log (loop0) [ 52.158961][ T5132] REISERFS (device loop0): Using r5 hash to sort names [pid 5132] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5132] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5132] chdir("./file0") = 0 [pid 5132] ioctl(4, LOOP_CLR_FD) = 0 [pid 5132] close(4) = 0 [pid 5132] creat("./bus", 000) = 4 [pid 5132] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5132] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5132] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5132] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5132] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5132] exit_group(0) = ? [pid 5132] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5132, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./33/binderfs") = 0 umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./33/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./33/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./33/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./33") = 0 mkdir("./34", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 52.166013][ T5132] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5134 ./strace-static-x86_64: Process 5134 attached [pid 5134] chdir("./34") = 0 [pid 5134] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5134] setpgid(0, 0) = 0 [pid 5134] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5134] write(3, "1000", 4) = 4 [pid 5134] close(3) = 0 [pid 5134] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5134] memfd_create("syzkaller", 0) = 3 [pid 5134] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5134] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5134] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5134] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5134] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5134] close(3) = 0 [pid 5134] mkdir("./file0", 0777) = 0 [ 52.271960][ T5134] loop0: detected capacity change from 0 to 8192 [ 52.281491][ T5134] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 52.294601][ T5134] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 52.303916][ T5134] REISERFS (device loop0): using ordered data mode [ 52.310469][ T5134] reiserfs: using flush barriers [ 52.316139][ T5134] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 52.332613][ T5134] REISERFS (device loop0): checking transaction log (loop0) [pid 5134] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5134] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5134] chdir("./file0") = 0 [pid 5134] ioctl(4, LOOP_CLR_FD) = 0 [pid 5134] close(4) = 0 [pid 5134] creat("./bus", 000) = 4 [pid 5134] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5134] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5134] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5134] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5134] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5134] exit_group(0) = ? [pid 5134] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5134, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./34/binderfs") = 0 [ 52.366546][ T5134] REISERFS (device loop0): Using r5 hash to sort names [ 52.373747][ T5134] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./34/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./34/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./34/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./34") = 0 mkdir("./35", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5136 attached , child_tidptr=0x555556cf25d0) = 5136 [pid 5136] chdir("./35") = 0 [pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5136] setpgid(0, 0) = 0 [pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5136] write(3, "1000", 4) = 4 [pid 5136] close(3) = 0 [pid 5136] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5136] memfd_create("syzkaller", 0) = 3 [pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5136] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5136] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5136] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5136] close(3) = 0 [pid 5136] mkdir("./file0", 0777) = 0 [ 52.481438][ T5136] loop0: detected capacity change from 0 to 8192 [ 52.490520][ T5136] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 52.503945][ T5136] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 52.513277][ T5136] REISERFS (device loop0): using ordered data mode [ 52.519818][ T5136] reiserfs: using flush barriers [ 52.525386][ T5136] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 52.541824][ T5136] REISERFS (device loop0): checking transaction log (loop0) [pid 5136] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5136] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5136] chdir("./file0") = 0 [pid 5136] ioctl(4, LOOP_CLR_FD) = 0 [pid 5136] close(4) = 0 [pid 5136] creat("./bus", 000) = 4 [pid 5136] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5136] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5136] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5136] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5136] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5136] exit_group(0) = ? [pid 5136] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./35/binderfs") = 0 [ 52.575480][ T5136] REISERFS (device loop0): Using r5 hash to sort names [ 52.582751][ T5136] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./35/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./35/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./35/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./35") = 0 mkdir("./36", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5138 attached , child_tidptr=0x555556cf25d0) = 5138 [pid 5138] chdir("./36") = 0 [pid 5138] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5138] setpgid(0, 0) = 0 [pid 5138] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5138] write(3, "1000", 4) = 4 [pid 5138] close(3) = 0 [pid 5138] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5138] memfd_create("syzkaller", 0) = 3 [pid 5138] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5138] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5138] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5138] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5138] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5138] close(3) = 0 [pid 5138] mkdir("./file0", 0777) = 0 [ 52.693636][ T5138] loop0: detected capacity change from 0 to 8192 [ 52.703049][ T5138] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 52.716106][ T5138] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 52.725530][ T5138] REISERFS (device loop0): using ordered data mode [ 52.732087][ T5138] reiserfs: using flush barriers [ 52.737895][ T5138] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 52.754327][ T5138] REISERFS (device loop0): checking transaction log (loop0) [pid 5138] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5138] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5138] chdir("./file0") = 0 [pid 5138] ioctl(4, LOOP_CLR_FD) = 0 [pid 5138] close(4) = 0 [pid 5138] creat("./bus", 000) = 4 [pid 5138] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5138] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5138] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5138] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5138] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5138] exit_group(0) = ? [pid 5138] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5138, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./36/binderfs") = 0 [ 52.789063][ T5138] REISERFS (device loop0): Using r5 hash to sort names [ 52.796347][ T5138] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./36/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./36/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./36/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./36") = 0 mkdir("./37", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5140 ./strace-static-x86_64: Process 5140 attached [pid 5140] chdir("./37") = 0 [pid 5140] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5140] setpgid(0, 0) = 0 [pid 5140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5140] write(3, "1000", 4) = 4 [pid 5140] close(3) = 0 [pid 5140] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5140] memfd_create("syzkaller", 0) = 3 [pid 5140] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5140] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5140] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5140] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5140] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5140] close(3) = 0 [pid 5140] mkdir("./file0", 0777) = 0 [ 52.906086][ T5140] loop0: detected capacity change from 0 to 8192 [ 52.915368][ T5140] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 52.928470][ T5140] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 52.937722][ T5140] REISERFS (device loop0): using ordered data mode [ 52.944286][ T5140] reiserfs: using flush barriers [ 52.950065][ T5140] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 52.966772][ T5140] REISERFS (device loop0): checking transaction log (loop0) [pid 5140] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5140] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5140] chdir("./file0") = 0 [pid 5140] ioctl(4, LOOP_CLR_FD) = 0 [pid 5140] close(4) = 0 [pid 5140] creat("./bus", 000) = 4 [pid 5140] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5140] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5140] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5140] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5140] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5140] exit_group(0) = ? [pid 5140] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5140, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./37", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./37/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./37/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./37/binderfs") = 0 umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./37/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./37/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./37/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./37") = 0 mkdir("./38", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 53.001805][ T5140] REISERFS (device loop0): Using r5 hash to sort names [ 53.009035][ T5140] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5142 ./strace-static-x86_64: Process 5142 attached [pid 5142] chdir("./38") = 0 [pid 5142] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5142] setpgid(0, 0) = 0 [pid 5142] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5142] write(3, "1000", 4) = 4 [pid 5142] close(3) = 0 [pid 5142] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5142] memfd_create("syzkaller", 0) = 3 [pid 5142] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5142] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5142] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5142] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5142] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5142] close(3) = 0 [pid 5142] mkdir("./file0", 0777) = 0 [ 53.107133][ T5142] loop0: detected capacity change from 0 to 8192 [ 53.116082][ T5142] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 53.129210][ T5142] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 53.138441][ T5142] REISERFS (device loop0): using ordered data mode [ 53.145019][ T5142] reiserfs: using flush barriers [ 53.150579][ T5142] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 53.167064][ T5142] REISERFS (device loop0): checking transaction log (loop0) [ 53.196355][ T5142] REISERFS (device loop0): Using r5 hash to sort names [pid 5142] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5142] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5142] chdir("./file0") = 0 [pid 5142] ioctl(4, LOOP_CLR_FD) = 0 [pid 5142] close(4) = 0 [pid 5142] creat("./bus", 000) = 4 [pid 5142] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5142] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5142] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5142] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5142] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5142] exit_group(0) = ? [pid 5142] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5142, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./38", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./38/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./38/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./38/binderfs") = 0 [ 53.203646][ T5142] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./38/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./38/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./38/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./38") = 0 mkdir("./39", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5144 attached , child_tidptr=0x555556cf25d0) = 5144 [pid 5144] chdir("./39") = 0 [pid 5144] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5144] setpgid(0, 0) = 0 [pid 5144] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5144] write(3, "1000", 4) = 4 [pid 5144] close(3) = 0 [pid 5144] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5144] memfd_create("syzkaller", 0) = 3 [pid 5144] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5144] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5144] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5144] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5144] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5144] close(3) = 0 [pid 5144] mkdir("./file0", 0777) = 0 [ 53.308718][ T5144] loop0: detected capacity change from 0 to 8192 [ 53.318014][ T5144] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 53.331083][ T5144] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 53.340353][ T5144] REISERFS (device loop0): using ordered data mode [ 53.346868][ T5144] reiserfs: using flush barriers [ 53.352592][ T5144] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 53.369074][ T5144] REISERFS (device loop0): checking transaction log (loop0) [pid 5144] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5144] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5144] chdir("./file0") = 0 [pid 5144] ioctl(4, LOOP_CLR_FD) = 0 [pid 5144] close(4) = 0 [pid 5144] creat("./bus", 000) = 4 [pid 5144] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5144] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5144] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5144] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5144] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5144] exit_group(0) = ? [pid 5144] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5144, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- umount2("./39", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./39/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./39/binderfs") = 0 umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./39/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 53.399711][ T5144] REISERFS (device loop0): Using r5 hash to sort names [ 53.406942][ T5144] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "./39/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./39/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./39") = 0 mkdir("./40", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5146 attached , child_tidptr=0x555556cf25d0) = 5146 [pid 5146] chdir("./40") = 0 [pid 5146] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5146] setpgid(0, 0) = 0 [pid 5146] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5146] write(3, "1000", 4) = 4 [pid 5146] close(3) = 0 [pid 5146] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5146] memfd_create("syzkaller", 0) = 3 [pid 5146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5146] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5146] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5146] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5146] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5146] close(3) = 0 [pid 5146] mkdir("./file0", 0777) = 0 [ 53.506723][ T5146] loop0: detected capacity change from 0 to 8192 [ 53.517250][ T5146] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 53.530529][ T5146] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 53.540114][ T5146] REISERFS (device loop0): using ordered data mode [ 53.546637][ T5146] reiserfs: using flush barriers [ 53.552589][ T5146] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 53.569019][ T5146] REISERFS (device loop0): checking transaction log (loop0) [pid 5146] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5146] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5146] chdir("./file0") = 0 [pid 5146] ioctl(4, LOOP_CLR_FD) = 0 [pid 5146] close(4) = 0 [pid 5146] creat("./bus", 000) = 4 [pid 5146] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5146] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5146] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5146] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5146] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5146] exit_group(0) = ? [pid 5146] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5146, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./40", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./40/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./40/binderfs") = 0 umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [ 53.598184][ T5146] REISERFS (device loop0): Using r5 hash to sort names [ 53.605284][ T5146] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./40/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./40/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./40/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./40") = 0 mkdir("./41", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5148 ./strace-static-x86_64: Process 5148 attached [pid 5148] chdir("./41") = 0 [pid 5148] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5148] setpgid(0, 0) = 0 [pid 5148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5148] write(3, "1000", 4) = 4 [pid 5148] close(3) = 0 [pid 5148] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5148] memfd_create("syzkaller", 0) = 3 [pid 5148] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5148] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5148] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5148] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5148] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5148] close(3) = 0 [pid 5148] mkdir("./file0", 0777) = 0 [ 53.707926][ T5148] loop0: detected capacity change from 0 to 8192 [ 53.717651][ T5148] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 53.731020][ T5148] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 53.740272][ T5148] REISERFS (device loop0): using ordered data mode [ 53.746788][ T5148] reiserfs: using flush barriers [ 53.752737][ T5148] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 53.769312][ T5148] REISERFS (device loop0): checking transaction log (loop0) [pid 5148] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5148] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5148] chdir("./file0") = 0 [pid 5148] ioctl(4, LOOP_CLR_FD) = 0 [pid 5148] close(4) = 0 [pid 5148] creat("./bus", 000) = 4 [pid 5148] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5148] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5148] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5148] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5148] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5148] exit_group(0) = ? [pid 5148] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5148, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./41", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./41/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./41/binderfs") = 0 [ 53.805785][ T5148] REISERFS (device loop0): Using r5 hash to sort names [ 53.812987][ T5148] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./41/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./41/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./41/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./41") = 0 mkdir("./42", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5150 ./strace-static-x86_64: Process 5150 attached [pid 5150] chdir("./42") = 0 [pid 5150] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5150] setpgid(0, 0) = 0 [pid 5150] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5150] write(3, "1000", 4) = 4 [pid 5150] close(3) = 0 [pid 5150] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5150] memfd_create("syzkaller", 0) = 3 [pid 5150] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5150] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5150] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5150] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5150] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5150] close(3) = 0 [pid 5150] mkdir("./file0", 0777) = 0 [ 53.929282][ T5150] loop0: detected capacity change from 0 to 8192 [ 53.938592][ T5150] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 53.951649][ T5150] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 53.961147][ T5150] REISERFS (device loop0): using ordered data mode [ 53.967761][ T5150] reiserfs: using flush barriers [ 53.973600][ T5150] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 53.990094][ T5150] REISERFS (device loop0): checking transaction log (loop0) [pid 5150] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5150] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5150] chdir("./file0") = 0 [pid 5150] ioctl(4, LOOP_CLR_FD) = 0 [pid 5150] close(4) = 0 [pid 5150] creat("./bus", 000) = 4 [pid 5150] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5150] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5150] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5150] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5150] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5150] exit_group(0) = ? [pid 5150] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5150, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./42", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./42/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./42/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./42/binderfs") = 0 [ 54.041403][ T5150] REISERFS (device loop0): Using r5 hash to sort names [ 54.048914][ T5150] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./42/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./42/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./42/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./42") = 0 mkdir("./43", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5152 ./strace-static-x86_64: Process 5152 attached [pid 5152] chdir("./43") = 0 [pid 5152] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5152] setpgid(0, 0) = 0 [pid 5152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5152] write(3, "1000", 4) = 4 [pid 5152] close(3) = 0 [pid 5152] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5152] memfd_create("syzkaller", 0) = 3 [pid 5152] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5152] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5152] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5152] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5152] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5152] close(3) = 0 [pid 5152] mkdir("./file0", 0777) = 0 [ 54.223056][ T5152] loop0: detected capacity change from 0 to 8192 [ 54.232504][ T5152] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 54.246289][ T5152] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 54.255619][ T5152] REISERFS (device loop0): using ordered data mode [ 54.262195][ T5152] reiserfs: using flush barriers [ 54.268010][ T5152] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 54.284491][ T5152] REISERFS (device loop0): checking transaction log (loop0) [pid 5152] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5152] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5152] chdir("./file0") = 0 [pid 5152] ioctl(4, LOOP_CLR_FD) = 0 [pid 5152] close(4) = 0 [pid 5152] creat("./bus", 000) = 4 [pid 5152] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5152] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5152] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5152] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5152] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5152] exit_group(0) = ? [pid 5152] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5152, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./43", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./43/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./43/binderfs") = 0 [ 54.320997][ T5152] REISERFS (device loop0): Using r5 hash to sort names [ 54.328184][ T5152] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./43/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./43/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./43/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./43") = 0 mkdir("./44", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5154 ./strace-static-x86_64: Process 5154 attached [pid 5154] chdir("./44") = 0 [pid 5154] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5154] setpgid(0, 0) = 0 [pid 5154] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5154] write(3, "1000", 4) = 4 [pid 5154] close(3) = 0 [pid 5154] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5154] memfd_create("syzkaller", 0) = 3 [pid 5154] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5154] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5154] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5154] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5154] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5154] close(3) = 0 [pid 5154] mkdir("./file0", 0777) = 0 [ 54.434651][ T5154] loop0: detected capacity change from 0 to 8192 [ 54.444697][ T5154] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 54.457828][ T5154] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 54.467189][ T5154] REISERFS (device loop0): using ordered data mode [ 54.473755][ T5154] reiserfs: using flush barriers [ 54.479855][ T5154] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 54.496139][ T5154] REISERFS (device loop0): checking transaction log (loop0) [pid 5154] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5154] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5154] chdir("./file0") = 0 [pid 5154] ioctl(4, LOOP_CLR_FD) = 0 [pid 5154] close(4) = 0 [pid 5154] creat("./bus", 000) = 4 [pid 5154] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5154] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5154] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5154] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5154] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5154] exit_group(0) = ? [pid 5154] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5154, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./44", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./44/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./44/binderfs") = 0 [ 54.533309][ T5154] REISERFS (device loop0): Using r5 hash to sort names [ 54.540461][ T5154] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./44/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./44/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./44/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./44") = 0 mkdir("./45", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5156 attached , child_tidptr=0x555556cf25d0) = 5156 [pid 5156] chdir("./45") = 0 [pid 5156] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5156] setpgid(0, 0) = 0 [pid 5156] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5156] write(3, "1000", 4) = 4 [pid 5156] close(3) = 0 [pid 5156] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5156] memfd_create("syzkaller", 0) = 3 [pid 5156] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5156] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5156] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5156] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5156] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5156] close(3) = 0 [pid 5156] mkdir("./file0", 0777) = 0 [ 54.654967][ T5156] loop0: detected capacity change from 0 to 8192 [ 54.664761][ T5156] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 54.677849][ T5156] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 54.687075][ T5156] REISERFS (device loop0): using ordered data mode [ 54.693727][ T5156] reiserfs: using flush barriers [ 54.699685][ T5156] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 54.716131][ T5156] REISERFS (device loop0): checking transaction log (loop0) [pid 5156] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5156] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5156] chdir("./file0") = 0 [pid 5156] ioctl(4, LOOP_CLR_FD) = 0 [pid 5156] close(4) = 0 [pid 5156] creat("./bus", 000) = 4 [pid 5156] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5156] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5156] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5156] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5156] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5156] exit_group(0) = ? [pid 5156] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5156, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./45", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./45/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./45/binderfs") = 0 [ 54.752146][ T5156] REISERFS (device loop0): Using r5 hash to sort names [ 54.759326][ T5156] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./45/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./45/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./45/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./45") = 0 mkdir("./46", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5158 attached [pid 5158] chdir("./46") = 0 [pid 5158] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5158] setpgid(0, 0) = 0 [pid 5064] <... clone resumed>, child_tidptr=0x555556cf25d0) = 5158 [pid 5158] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5158] write(3, "1000", 4) = 4 [pid 5158] close(3) = 0 [pid 5158] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5158] memfd_create("syzkaller", 0) = 3 [pid 5158] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5158] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5158] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5158] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5158] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5158] close(3) = 0 [pid 5158] mkdir("./file0", 0777) = 0 [ 54.866829][ T5158] loop0: detected capacity change from 0 to 8192 [ 54.875879][ T5158] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 54.889007][ T5158] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 54.898187][ T5158] REISERFS (device loop0): using ordered data mode [ 54.904783][ T5158] reiserfs: using flush barriers [ 54.910694][ T5158] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 54.927296][ T5158] REISERFS (device loop0): checking transaction log (loop0) [pid 5158] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5158] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5158] chdir("./file0") = 0 [pid 5158] ioctl(4, LOOP_CLR_FD) = 0 [pid 5158] close(4) = 0 [pid 5158] creat("./bus", 000) = 4 [pid 5158] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5158] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5158] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5158] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5158] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5158] exit_group(0) = ? [pid 5158] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5158, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./46", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./46/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./46/binderfs") = 0 [ 54.963766][ T5158] REISERFS (device loop0): Using r5 hash to sort names [ 54.970913][ T5158] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./46/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./46/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./46/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./46") = 0 mkdir("./47", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5160 ./strace-static-x86_64: Process 5160 attached [pid 5160] chdir("./47") = 0 [pid 5160] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5160] setpgid(0, 0) = 0 [pid 5160] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5160] write(3, "1000", 4) = 4 [pid 5160] close(3) = 0 [pid 5160] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5160] memfd_create("syzkaller", 0) = 3 [pid 5160] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5160] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5160] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5160] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5160] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5160] close(3) = 0 [pid 5160] mkdir("./file0", 0777) = 0 [ 55.081821][ T5160] loop0: detected capacity change from 0 to 8192 [ 55.091963][ T5160] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 55.105029][ T5160] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 55.114279][ T5160] REISERFS (device loop0): using ordered data mode [ 55.120892][ T5160] reiserfs: using flush barriers [ 55.126498][ T5160] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 55.143115][ T5160] REISERFS (device loop0): checking transaction log (loop0) [pid 5160] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5160] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5160] chdir("./file0") = 0 [pid 5160] ioctl(4, LOOP_CLR_FD) = 0 [pid 5160] close(4) = 0 [pid 5160] creat("./bus", 000) = 4 [pid 5160] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5160] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5160] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5160] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5160] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5160] exit_group(0) = ? [pid 5160] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5160, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./47", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./47/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./47/binderfs") = 0 umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./47/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./47/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 55.173325][ T5160] REISERFS (device loop0): Using r5 hash to sort names [ 55.180431][ T5160] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./47/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./47") = 0 mkdir("./48", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5162 attached [pid 5162] chdir("./48") = 0 [pid 5162] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5162] setpgid(0, 0) = 0 [pid 5162] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5162] write(3, "1000", 4) = 4 [pid 5162] close(3) = 0 [pid 5162] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5162] memfd_create("syzkaller", 0) = 3 [pid 5162] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5064] <... clone resumed>, child_tidptr=0x555556cf25d0) = 5162 [pid 5162] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5162] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5162] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5162] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5162] close(3) = 0 [pid 5162] mkdir("./file0", 0777) = 0 [ 55.280231][ T5162] loop0: detected capacity change from 0 to 8192 [ 55.289767][ T5162] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 55.302855][ T5162] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 55.312088][ T5162] REISERFS (device loop0): using ordered data mode [ 55.318679][ T5162] reiserfs: using flush barriers [ 55.324513][ T5162] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 55.340767][ T5162] REISERFS (device loop0): checking transaction log (loop0) [pid 5162] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5162] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5162] chdir("./file0") = 0 [pid 5162] ioctl(4, LOOP_CLR_FD) = 0 [pid 5162] close(4) = 0 [pid 5162] creat("./bus", 000) = 4 [pid 5162] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5162] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5162] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5162] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5162] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5162] exit_group(0) = ? [pid 5162] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5162, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./48", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./48/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./48/binderfs") = 0 [ 55.376813][ T5162] REISERFS (device loop0): Using r5 hash to sort names [ 55.383945][ T5162] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./48/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./48/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./48/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./48") = 0 mkdir("./49", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5164 ./strace-static-x86_64: Process 5164 attached [pid 5164] chdir("./49") = 0 [pid 5164] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5164] setpgid(0, 0) = 0 [pid 5164] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5164] write(3, "1000", 4) = 4 [pid 5164] close(3) = 0 [pid 5164] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5164] memfd_create("syzkaller", 0) = 3 [pid 5164] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5164] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5164] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5164] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5164] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5164] close(3) = 0 [pid 5164] mkdir("./file0", 0777) = 0 [ 55.499940][ T5164] loop0: detected capacity change from 0 to 8192 [ 55.509383][ T5164] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 55.522405][ T5164] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 55.531714][ T5164] REISERFS (device loop0): using ordered data mode [ 55.538218][ T5164] reiserfs: using flush barriers [ 55.544169][ T5164] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 55.560451][ T5164] REISERFS (device loop0): checking transaction log (loop0) [pid 5164] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5164] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5164] chdir("./file0") = 0 [pid 5164] ioctl(4, LOOP_CLR_FD) = 0 [pid 5164] close(4) = 0 [pid 5164] creat("./bus", 000) = 4 [pid 5164] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5164] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5164] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5164] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5164] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5164] exit_group(0) = ? [pid 5164] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5164, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./49", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./49/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./49/binderfs") = 0 [ 55.596163][ T5164] REISERFS (device loop0): Using r5 hash to sort names [ 55.603299][ T5164] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./49/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./49/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./49/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./49") = 0 mkdir("./50", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5166 attached , child_tidptr=0x555556cf25d0) = 5166 [pid 5166] chdir("./50") = 0 [pid 5166] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5166] setpgid(0, 0) = 0 [pid 5166] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5166] write(3, "1000", 4) = 4 [pid 5166] close(3) = 0 [pid 5166] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5166] memfd_create("syzkaller", 0) = 3 [pid 5166] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5166] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5166] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5166] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5166] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5166] close(3) = 0 [pid 5166] mkdir("./file0", 0777) = 0 [ 55.709043][ T5166] loop0: detected capacity change from 0 to 8192 [ 55.718504][ T5166] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 55.731784][ T5166] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 55.741143][ T5166] REISERFS (device loop0): using ordered data mode [ 55.747723][ T5166] reiserfs: using flush barriers [ 55.753650][ T5166] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 55.769974][ T5166] REISERFS (device loop0): checking transaction log (loop0) [pid 5166] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5166] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5166] chdir("./file0") = 0 [pid 5166] ioctl(4, LOOP_CLR_FD) = 0 [pid 5166] close(4) = 0 [pid 5166] creat("./bus", 000) = 4 [pid 5166] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5166] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5166] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5166] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5166] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5166] exit_group(0) = ? [pid 5166] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5166, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./50", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./50/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./50/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./50/binderfs") = 0 [ 55.805824][ T5166] REISERFS (device loop0): Using r5 hash to sort names [ 55.812971][ T5166] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./50/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./50/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./50/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./50") = 0 mkdir("./51", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5168 attached , child_tidptr=0x555556cf25d0) = 5168 [pid 5168] chdir("./51") = 0 [pid 5168] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5168] setpgid(0, 0) = 0 [pid 5168] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5168] write(3, "1000", 4) = 4 [pid 5168] close(3) = 0 [pid 5168] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5168] memfd_create("syzkaller", 0) = 3 [pid 5168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5168] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5168] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5168] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5168] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5168] close(3) = 0 [pid 5168] mkdir("./file0", 0777) = 0 [ 55.937049][ T5168] loop0: detected capacity change from 0 to 8192 [ 55.946957][ T5168] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 55.960092][ T5168] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 55.969418][ T5168] REISERFS (device loop0): using ordered data mode [ 55.975918][ T5168] reiserfs: using flush barriers [ 55.982064][ T5168] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 55.998347][ T5168] REISERFS (device loop0): checking transaction log (loop0) [pid 5168] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5168] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5168] chdir("./file0") = 0 [pid 5168] ioctl(4, LOOP_CLR_FD) = 0 [pid 5168] close(4) = 0 [pid 5168] creat("./bus", 000) = 4 [pid 5168] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5168] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5168] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5168] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5168] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5168] exit_group(0) = ? [pid 5168] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5168, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./51", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./51/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./51/binderfs") = 0 [ 56.034171][ T5168] REISERFS (device loop0): Using r5 hash to sort names [ 56.041589][ T5168] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./51/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./51/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./51/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./51") = 0 mkdir("./52", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5170 ./strace-static-x86_64: Process 5170 attached [pid 5170] chdir("./52") = 0 [pid 5170] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5170] setpgid(0, 0) = 0 [pid 5170] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5170] write(3, "1000", 4) = 4 [pid 5170] close(3) = 0 [pid 5170] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5170] memfd_create("syzkaller", 0) = 3 [pid 5170] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5170] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5170] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5170] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5170] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5170] close(3) = 0 [pid 5170] mkdir("./file0", 0777) = 0 [ 56.157498][ T5170] loop0: detected capacity change from 0 to 8192 [ 56.166816][ T5170] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 56.179910][ T5170] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 56.189127][ T5170] REISERFS (device loop0): using ordered data mode [ 56.195626][ T5170] reiserfs: using flush barriers [ 56.201625][ T5170] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 56.218009][ T5170] REISERFS (device loop0): checking transaction log (loop0) [pid 5170] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5170] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5170] chdir("./file0") = 0 [pid 5170] ioctl(4, LOOP_CLR_FD) = 0 [pid 5170] close(4) = 0 [pid 5170] creat("./bus", 000) = 4 [pid 5170] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5170] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5170] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5170] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5170] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5170] exit_group(0) = ? [pid 5170] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5170, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./52", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./52/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./52/binderfs") = 0 [ 56.249194][ T5170] REISERFS (device loop0): Using r5 hash to sort names [ 56.256434][ T5170] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./52/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./52/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./52/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./52") = 0 mkdir("./53", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5172 ./strace-static-x86_64: Process 5172 attached [pid 5172] chdir("./53") = 0 [pid 5172] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5172] setpgid(0, 0) = 0 [pid 5172] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5172] write(3, "1000", 4) = 4 [pid 5172] close(3) = 0 [pid 5172] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5172] memfd_create("syzkaller", 0) = 3 [pid 5172] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5172] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5172] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5172] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5172] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5172] close(3) = 0 [pid 5172] mkdir("./file0", 0777) = 0 [ 56.360437][ T5172] loop0: detected capacity change from 0 to 8192 [ 56.370211][ T5172] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 56.383203][ T5172] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 56.392470][ T5172] REISERFS (device loop0): using ordered data mode [ 56.399086][ T5172] reiserfs: using flush barriers [ 56.404824][ T5172] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 56.421294][ T5172] REISERFS (device loop0): checking transaction log (loop0) [pid 5172] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5172] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5172] chdir("./file0") = 0 [pid 5172] ioctl(4, LOOP_CLR_FD) = 0 [pid 5172] close(4) = 0 [pid 5172] creat("./bus", 000) = 4 [pid 5172] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5172] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5172] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5172] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5172] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5172] exit_group(0) = ? [pid 5172] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5172, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./53", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./53/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./53/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./53/binderfs") = 0 [ 56.457769][ T5172] REISERFS (device loop0): Using r5 hash to sort names [ 56.464974][ T5172] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./53/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./53/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./53/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./53") = 0 mkdir("./54", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5174 ./strace-static-x86_64: Process 5174 attached [pid 5174] chdir("./54") = 0 [pid 5174] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5174] setpgid(0, 0) = 0 [pid 5174] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5174] write(3, "1000", 4) = 4 [pid 5174] close(3) = 0 [pid 5174] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5174] memfd_create("syzkaller", 0) = 3 [pid 5174] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5174] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5174] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5174] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5174] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5174] close(3) = 0 [pid 5174] mkdir("./file0", 0777) = 0 [ 56.577233][ T5174] loop0: detected capacity change from 0 to 8192 [ 56.586866][ T5174] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 56.600134][ T5174] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 56.609401][ T5174] REISERFS (device loop0): using ordered data mode [ 56.615934][ T5174] reiserfs: using flush barriers [ 56.621746][ T5174] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 56.638077][ T5174] REISERFS (device loop0): checking transaction log (loop0) [pid 5174] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5174] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5174] chdir("./file0") = 0 [pid 5174] ioctl(4, LOOP_CLR_FD) = 0 [pid 5174] close(4) = 0 [pid 5174] creat("./bus", 000) = 4 [pid 5174] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5174] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5174] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5174] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5174] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5174] exit_group(0) = ? [pid 5174] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5174, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./54", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./54/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./54/binderfs") = 0 [ 56.669656][ T5174] REISERFS (device loop0): Using r5 hash to sort names [ 56.676699][ T5174] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./54/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./54/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./54/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./54") = 0 mkdir("./55", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5176 ./strace-static-x86_64: Process 5176 attached [pid 5176] chdir("./55") = 0 [pid 5176] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5176] setpgid(0, 0) = 0 [pid 5176] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5176] write(3, "1000", 4) = 4 [pid 5176] close(3) = 0 [pid 5176] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5176] memfd_create("syzkaller", 0) = 3 [pid 5176] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5176] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5176] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5176] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5176] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5176] close(3) = 0 [pid 5176] mkdir("./file0", 0777) = 0 [ 56.779987][ T5176] loop0: detected capacity change from 0 to 8192 [ 56.789482][ T5176] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 56.802591][ T5176] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 56.811848][ T5176] REISERFS (device loop0): using ordered data mode [ 56.818377][ T5176] reiserfs: using flush barriers [ 56.824177][ T5176] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 56.840513][ T5176] REISERFS (device loop0): checking transaction log (loop0) [pid 5176] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5176] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5176] chdir("./file0") = 0 [pid 5176] ioctl(4, LOOP_CLR_FD) = 0 [pid 5176] close(4) = 0 [pid 5176] creat("./bus", 000) = 4 [pid 5176] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5176] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5176] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5176] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5176] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5176] exit_group(0) = ? [pid 5176] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5176, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./55", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./55/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./55/binderfs") = 0 umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./55/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./55/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 56.871666][ T5176] REISERFS (device loop0): Using r5 hash to sort names [ 56.878697][ T5176] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./55/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./55") = 0 mkdir("./56", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5178 ./strace-static-x86_64: Process 5178 attached [pid 5178] chdir("./56") = 0 [pid 5178] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5178] setpgid(0, 0) = 0 [pid 5178] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5178] write(3, "1000", 4) = 4 [pid 5178] close(3) = 0 [pid 5178] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5178] memfd_create("syzkaller", 0) = 3 [pid 5178] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5178] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5178] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5178] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5178] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5178] close(3) = 0 [pid 5178] mkdir("./file0", 0777) = 0 [ 56.981317][ T5178] loop0: detected capacity change from 0 to 8192 [ 56.990722][ T5178] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 57.003766][ T5178] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 57.013108][ T5178] REISERFS (device loop0): using ordered data mode [ 57.019709][ T5178] reiserfs: using flush barriers [ 57.025567][ T5178] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 57.042101][ T5178] REISERFS (device loop0): checking transaction log (loop0) [pid 5178] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5178] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5178] chdir("./file0") = 0 [pid 5178] ioctl(4, LOOP_CLR_FD) = 0 [pid 5178] close(4) = 0 [pid 5178] creat("./bus", 000) = 4 [pid 5178] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5178] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5178] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5178] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5178] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5178] exit_group(0) = ? [pid 5178] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5178, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./56", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./56/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./56/binderfs") = 0 [ 57.078580][ T5178] REISERFS (device loop0): Using r5 hash to sort names [ 57.085827][ T5178] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./56/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./56/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./56/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./56") = 0 mkdir("./57", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5180 ./strace-static-x86_64: Process 5180 attached [pid 5180] chdir("./57") = 0 [pid 5180] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5180] setpgid(0, 0) = 0 [pid 5180] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5180] write(3, "1000", 4) = 4 [pid 5180] close(3) = 0 [pid 5180] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5180] memfd_create("syzkaller", 0) = 3 [pid 5180] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5180] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5180] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5180] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5180] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5180] close(3) = 0 [pid 5180] mkdir("./file0", 0777) = 0 [ 57.204718][ T5180] loop0: detected capacity change from 0 to 8192 [ 57.213840][ T5180] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 57.226926][ T5180] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 57.236174][ T5180] REISERFS (device loop0): using ordered data mode [ 57.242731][ T5180] reiserfs: using flush barriers [ 57.248618][ T5180] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 57.265084][ T5180] REISERFS (device loop0): checking transaction log (loop0) [pid 5180] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5180] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5180] chdir("./file0") = 0 [pid 5180] ioctl(4, LOOP_CLR_FD) = 0 [pid 5180] close(4) = 0 [pid 5180] creat("./bus", 000) = 4 [pid 5180] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5180] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5180] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5180] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5180] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5180] exit_group(0) = ? [pid 5180] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5180, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./57", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./57/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./57/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./57/binderfs") = 0 [ 57.300949][ T5180] REISERFS (device loop0): Using r5 hash to sort names [ 57.308135][ T5180] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./57/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./57/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./57/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./57") = 0 mkdir("./58", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5182 ./strace-static-x86_64: Process 5182 attached [pid 5182] chdir("./58") = 0 [pid 5182] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5182] setpgid(0, 0) = 0 [pid 5182] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5182] write(3, "1000", 4) = 4 [pid 5182] close(3) = 0 [pid 5182] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5182] memfd_create("syzkaller", 0) = 3 [pid 5182] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5182] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5182] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5182] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5182] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5182] close(3) = 0 [pid 5182] mkdir("./file0", 0777) = 0 [ 57.420283][ T5182] loop0: detected capacity change from 0 to 8192 [ 57.429760][ T5182] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 57.442848][ T5182] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 57.452266][ T5182] REISERFS (device loop0): using ordered data mode [ 57.458918][ T5182] reiserfs: using flush barriers [ 57.464656][ T5182] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 57.481300][ T5182] REISERFS (device loop0): checking transaction log (loop0) [pid 5182] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5182] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5182] chdir("./file0") = 0 [pid 5182] ioctl(4, LOOP_CLR_FD) = 0 [pid 5182] close(4) = 0 [pid 5182] creat("./bus", 000) = 4 [pid 5182] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5182] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5182] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5182] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5182] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5182] exit_group(0) = ? [pid 5182] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5182, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./58", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./58/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./58/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./58/binderfs") = 0 umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./58/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 57.512122][ T5182] REISERFS (device loop0): Using r5 hash to sort names [ 57.519200][ T5182] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./58/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./58/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./58") = 0 mkdir("./59", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5184 attached , child_tidptr=0x555556cf25d0) = 5184 [pid 5184] chdir("./59") = 0 [pid 5184] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5184] setpgid(0, 0) = 0 [pid 5184] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5184] write(3, "1000", 4) = 4 [pid 5184] close(3) = 0 [pid 5184] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5184] memfd_create("syzkaller", 0) = 3 [pid 5184] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5184] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5184] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5184] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5184] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5184] close(3) = 0 [pid 5184] mkdir("./file0", 0777) = 0 [ 57.623042][ T5184] loop0: detected capacity change from 0 to 8192 [ 57.633142][ T5184] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 57.646343][ T5184] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 57.655584][ T5184] REISERFS (device loop0): using ordered data mode [ 57.662171][ T5184] reiserfs: using flush barriers [ 57.667813][ T5184] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 57.684446][ T5184] REISERFS (device loop0): checking transaction log (loop0) [pid 5184] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5184] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5184] chdir("./file0") = 0 [pid 5184] ioctl(4, LOOP_CLR_FD) = 0 [pid 5184] close(4) = 0 [pid 5184] creat("./bus", 000) = 4 [pid 5184] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5184] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5184] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5184] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5184] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5184] exit_group(0) = ? [pid 5184] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5184, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./59", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./59/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./59/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./59/binderfs") = 0 [ 57.714096][ T5184] REISERFS (device loop0): Using r5 hash to sort names [ 57.721310][ T5184] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./59/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./59/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./59/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./59") = 0 mkdir("./60", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5186 ./strace-static-x86_64: Process 5186 attached [pid 5186] chdir("./60") = 0 [pid 5186] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5186] setpgid(0, 0) = 0 [pid 5186] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5186] write(3, "1000", 4) = 4 [pid 5186] close(3) = 0 [pid 5186] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5186] memfd_create("syzkaller", 0) = 3 [pid 5186] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5186] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5186] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5186] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5186] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5186] close(3) = 0 [pid 5186] mkdir("./file0", 0777) = 0 [ 57.827771][ T5186] loop0: detected capacity change from 0 to 8192 [ 57.837313][ T5186] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 57.850354][ T5186] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 57.859605][ T5186] REISERFS (device loop0): using ordered data mode [ 57.866124][ T5186] reiserfs: using flush barriers [ 57.871928][ T5186] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 57.888382][ T5186] REISERFS (device loop0): checking transaction log (loop0) [pid 5186] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5186] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5186] chdir("./file0") = 0 [pid 5186] ioctl(4, LOOP_CLR_FD) = 0 [pid 5186] close(4) = 0 [pid 5186] creat("./bus", 000) = 4 [pid 5186] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5186] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5186] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5186] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5186] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5186] exit_group(0) = ? [pid 5186] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5186, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./60", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./60/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./60/binderfs") = 0 [ 57.919591][ T5186] REISERFS (device loop0): Using r5 hash to sort names [ 57.926808][ T5186] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./60/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./60/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./60/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./60") = 0 mkdir("./61", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5188 ./strace-static-x86_64: Process 5188 attached [pid 5188] chdir("./61") = 0 [pid 5188] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5188] setpgid(0, 0) = 0 [pid 5188] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5188] write(3, "1000", 4) = 4 [pid 5188] close(3) = 0 [pid 5188] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5188] memfd_create("syzkaller", 0) = 3 [pid 5188] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5188] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5188] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5188] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5188] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5188] close(3) = 0 [pid 5188] mkdir("./file0", 0777) = 0 [ 58.034093][ T5188] loop0: detected capacity change from 0 to 8192 [ 58.043235][ T5188] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 58.056374][ T5188] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 58.065721][ T5188] REISERFS (device loop0): using ordered data mode [ 58.072341][ T5188] reiserfs: using flush barriers [ 58.078024][ T5188] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 58.094561][ T5188] REISERFS (device loop0): checking transaction log (loop0) [pid 5188] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5188] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5188] chdir("./file0") = 0 [pid 5188] ioctl(4, LOOP_CLR_FD) = 0 [pid 5188] close(4) = 0 [pid 5188] creat("./bus", 000) = 4 [pid 5188] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5188] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5188] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5188] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5188] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5188] exit_group(0) = ? [pid 5188] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5188, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./61/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./61/binderfs") = 0 [ 58.130451][ T5188] REISERFS (device loop0): Using r5 hash to sort names [ 58.137500][ T5188] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./61/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./61/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./61") = 0 mkdir("./62", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5190 ./strace-static-x86_64: Process 5190 attached [pid 5190] chdir("./62") = 0 [pid 5190] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5190] setpgid(0, 0) = 0 [pid 5190] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5190] write(3, "1000", 4) = 4 [pid 5190] close(3) = 0 [pid 5190] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5190] memfd_create("syzkaller", 0) = 3 [pid 5190] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5190] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5190] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5190] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5190] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5190] close(3) = 0 [pid 5190] mkdir("./file0", 0777) = 0 [ 58.243468][ T5190] loop0: detected capacity change from 0 to 8192 [ 58.253220][ T5190] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 58.266847][ T5190] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 58.276381][ T5190] REISERFS (device loop0): using ordered data mode [ 58.282958][ T5190] reiserfs: using flush barriers [ 58.288603][ T5190] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 58.305093][ T5190] REISERFS (device loop0): checking transaction log (loop0) [pid 5190] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5190] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5190] chdir("./file0") = 0 [pid 5190] ioctl(4, LOOP_CLR_FD) = 0 [pid 5190] close(4) = 0 [pid 5190] creat("./bus", 000) = 4 [pid 5190] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5190] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5190] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5190] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5190] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5190] exit_group(0) = ? [pid 5190] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5190, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./62/binderfs") = 0 [ 58.340604][ T5190] REISERFS (device loop0): Using r5 hash to sort names [ 58.347711][ T5190] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./62/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./62/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./62") = 0 mkdir("./63", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5192 attached [pid 5192] chdir("./63") = 0 [pid 5192] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5192] setpgid(0, 0) = 0 [pid 5064] <... clone resumed>, child_tidptr=0x555556cf25d0) = 5192 [pid 5192] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5192] write(3, "1000", 4) = 4 [pid 5192] close(3) = 0 [pid 5192] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5192] memfd_create("syzkaller", 0) = 3 [pid 5192] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5192] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5192] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5192] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5192] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5192] close(3) = 0 [pid 5192] mkdir("./file0", 0777) = 0 [ 58.450326][ T5192] loop0: detected capacity change from 0 to 8192 [ 58.460121][ T5192] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 58.473260][ T5192] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 58.482552][ T5192] REISERFS (device loop0): using ordered data mode [ 58.489122][ T5192] reiserfs: using flush barriers [ 58.494718][ T5192] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 58.511141][ T5192] REISERFS (device loop0): checking transaction log (loop0) [pid 5192] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5192] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5192] chdir("./file0") = 0 [pid 5192] ioctl(4, LOOP_CLR_FD) = 0 [pid 5192] close(4) = 0 [pid 5192] creat("./bus", 000) = 4 [pid 5192] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5192] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5192] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5192] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5192] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5192] exit_group(0) = ? [pid 5192] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5192, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./63/binderfs") = 0 [ 58.541599][ T5192] REISERFS (device loop0): Using r5 hash to sort names [ 58.548582][ T5192] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./63/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./63/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./63") = 0 mkdir("./64", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5194 attached , child_tidptr=0x555556cf25d0) = 5194 [pid 5194] chdir("./64") = 0 [pid 5194] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5194] setpgid(0, 0) = 0 [pid 5194] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5194] write(3, "1000", 4) = 4 [pid 5194] close(3) = 0 [pid 5194] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5194] memfd_create("syzkaller", 0) = 3 [pid 5194] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5194] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5194] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5194] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5194] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5194] close(3) = 0 [pid 5194] mkdir("./file0", 0777) = 0 [ 58.653366][ T5194] loop0: detected capacity change from 0 to 8192 [ 58.662862][ T5194] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 58.675922][ T5194] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 58.685159][ T5194] REISERFS (device loop0): using ordered data mode [ 58.691715][ T5194] reiserfs: using flush barriers [ 58.697337][ T5194] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 58.713796][ T5194] REISERFS (device loop0): checking transaction log (loop0) [ 58.742654][ T5194] REISERFS (device loop0): Using r5 hash to sort names [pid 5194] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5194] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5194] chdir("./file0") = 0 [pid 5194] ioctl(4, LOOP_CLR_FD) = 0 [pid 5194] close(4) = 0 [pid 5194] creat("./bus", 000) = 4 [pid 5194] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5194] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5194] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5194] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5194] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5194] exit_group(0) = ? [pid 5194] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5194, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./64/binderfs") = 0 [ 58.749769][ T5194] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./64/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./64/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./64") = 0 mkdir("./65", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5196 attached , child_tidptr=0x555556cf25d0) = 5196 [pid 5196] chdir("./65") = 0 [pid 5196] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5196] setpgid(0, 0) = 0 [pid 5196] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5196] write(3, "1000", 4) = 4 [pid 5196] close(3) = 0 [pid 5196] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5196] memfd_create("syzkaller", 0) = 3 [pid 5196] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5196] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5196] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5196] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5196] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5196] close(3) = 0 [pid 5196] mkdir("./file0", 0777) = 0 [ 58.854550][ T5196] loop0: detected capacity change from 0 to 8192 [ 58.864092][ T5196] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 58.877238][ T5196] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 58.886590][ T5196] REISERFS (device loop0): using ordered data mode [ 58.893147][ T5196] reiserfs: using flush barriers [ 58.899147][ T5196] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 58.915703][ T5196] REISERFS (device loop0): checking transaction log (loop0) [ 58.944798][ T5196] REISERFS (device loop0): Using r5 hash to sort names [pid 5196] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5196] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5196] chdir("./file0") = 0 [pid 5196] ioctl(4, LOOP_CLR_FD) = 0 [pid 5196] close(4) = 0 [pid 5196] creat("./bus", 000) = 4 [pid 5196] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5196] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5196] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5196] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5196] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5196] exit_group(0) = ? [pid 5196] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5196, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./65/binderfs") = 0 umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./65/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./65/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./65") = 0 mkdir("./66", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 58.951914][ T5196] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5198 ./strace-static-x86_64: Process 5198 attached [pid 5198] chdir("./66") = 0 [pid 5198] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5198] setpgid(0, 0) = 0 [pid 5198] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5198] write(3, "1000", 4) = 4 [pid 5198] close(3) = 0 [pid 5198] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5198] memfd_create("syzkaller", 0) = 3 [pid 5198] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5198] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5198] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5198] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5198] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5198] close(3) = 0 [pid 5198] mkdir("./file0", 0777) = 0 [ 59.051653][ T5198] loop0: detected capacity change from 0 to 8192 [ 59.061356][ T5198] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 59.074540][ T5198] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 59.083802][ T5198] REISERFS (device loop0): using ordered data mode [ 59.090358][ T5198] reiserfs: using flush barriers [ 59.096002][ T5198] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 59.112480][ T5198] REISERFS (device loop0): checking transaction log (loop0) [pid 5198] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5198] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5198] chdir("./file0") = 0 [pid 5198] ioctl(4, LOOP_CLR_FD) = 0 [pid 5198] close(4) = 0 [pid 5198] creat("./bus", 000) = 4 [pid 5198] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5198] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5198] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5198] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5198] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5198] exit_group(0) = ? [pid 5198] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5198, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./66/binderfs") = 0 [ 59.144992][ T5198] REISERFS (device loop0): Using r5 hash to sort names [ 59.152144][ T5198] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./66/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./66/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./66") = 0 mkdir("./67", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5200 ./strace-static-x86_64: Process 5200 attached [pid 5200] chdir("./67") = 0 [pid 5200] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5200] setpgid(0, 0) = 0 [pid 5200] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5200] write(3, "1000", 4) = 4 [pid 5200] close(3) = 0 [pid 5200] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5200] memfd_create("syzkaller", 0) = 3 [pid 5200] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5200] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5200] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5200] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5200] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5200] close(3) = 0 [pid 5200] mkdir("./file0", 0777) = 0 [ 59.272035][ T5200] loop0: detected capacity change from 0 to 8192 [ 59.281532][ T5200] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 59.294532][ T5200] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 59.303768][ T5200] REISERFS (device loop0): using ordered data mode [ 59.310312][ T5200] reiserfs: using flush barriers [ 59.315953][ T5200] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 59.332482][ T5200] REISERFS (device loop0): checking transaction log (loop0) [pid 5200] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5200] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5200] chdir("./file0") = 0 [pid 5200] ioctl(4, LOOP_CLR_FD) = 0 [pid 5200] close(4) = 0 [pid 5200] creat("./bus", 000) = 4 [pid 5200] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5200] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5200] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5200] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5200] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5200] exit_group(0) = ? [pid 5200] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5200, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./67/binderfs") = 0 [ 59.367005][ T5200] REISERFS (device loop0): Using r5 hash to sort names [ 59.374271][ T5200] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./67/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./67/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./67") = 0 mkdir("./68", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5202 ./strace-static-x86_64: Process 5202 attached [pid 5202] chdir("./68") = 0 [pid 5202] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5202] setpgid(0, 0) = 0 [pid 5202] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5202] write(3, "1000", 4) = 4 [pid 5202] close(3) = 0 [pid 5202] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5202] memfd_create("syzkaller", 0) = 3 [pid 5202] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5202] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5202] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5202] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5202] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5202] close(3) = 0 [pid 5202] mkdir("./file0", 0777) = 0 [ 59.476394][ T5202] loop0: detected capacity change from 0 to 8192 [ 59.486196][ T5202] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 59.499209][ T5202] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 59.508366][ T5202] REISERFS (device loop0): using ordered data mode [ 59.514956][ T5202] reiserfs: using flush barriers [ 59.520655][ T5202] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 59.537080][ T5202] REISERFS (device loop0): checking transaction log (loop0) [pid 5202] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5202] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5202] chdir("./file0") = 0 [pid 5202] ioctl(4, LOOP_CLR_FD) = 0 [pid 5202] close(4) = 0 [pid 5202] creat("./bus", 000) = 4 [pid 5202] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5202] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5202] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5202] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5202] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5202] exit_group(0) = ? [pid 5202] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5202, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./68/binderfs") = 0 umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./68/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./68/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./68") = 0 [ 59.569531][ T5202] REISERFS (device loop0): Using r5 hash to sort names [ 59.576582][ T5202] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. mkdir("./69", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5204 ./strace-static-x86_64: Process 5204 attached [pid 5204] chdir("./69") = 0 [pid 5204] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5204] setpgid(0, 0) = 0 [pid 5204] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5204] write(3, "1000", 4) = 4 [pid 5204] close(3) = 0 [pid 5204] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5204] memfd_create("syzkaller", 0) = 3 [pid 5204] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5204] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5204] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5204] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5204] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5204] close(3) = 0 [pid 5204] mkdir("./file0", 0777) = 0 [ 59.672994][ T5204] loop0: detected capacity change from 0 to 8192 [ 59.682433][ T5204] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 59.695580][ T5204] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 59.705119][ T5204] REISERFS (device loop0): using ordered data mode [ 59.711728][ T5204] reiserfs: using flush barriers [ 59.717658][ T5204] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 59.734082][ T5204] REISERFS (device loop0): checking transaction log (loop0) [pid 5204] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5204] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5204] chdir("./file0") = 0 [pid 5204] ioctl(4, LOOP_CLR_FD) = 0 [pid 5204] close(4) = 0 [pid 5204] creat("./bus", 000) = 4 [pid 5204] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5204] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5204] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5204] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5204] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5204] exit_group(0) = ? [pid 5204] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5204, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./69/binderfs") = 0 [ 59.766858][ T5204] REISERFS (device loop0): Using r5 hash to sort names [ 59.773951][ T5204] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./69/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./69/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./69") = 0 mkdir("./70", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5206 ./strace-static-x86_64: Process 5206 attached [pid 5206] chdir("./70") = 0 [pid 5206] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5206] setpgid(0, 0) = 0 [pid 5206] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5206] write(3, "1000", 4) = 4 [pid 5206] close(3) = 0 [pid 5206] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5206] memfd_create("syzkaller", 0) = 3 [pid 5206] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5206] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5206] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5206] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5206] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5206] close(3) = 0 [pid 5206] mkdir("./file0", 0777) = 0 [ 59.877924][ T5206] loop0: detected capacity change from 0 to 8192 [ 59.887585][ T5206] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 59.900631][ T5206] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 59.909896][ T5206] REISERFS (device loop0): using ordered data mode [ 59.916439][ T5206] reiserfs: using flush barriers [ 59.922435][ T5206] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 59.938870][ T5206] REISERFS (device loop0): checking transaction log (loop0) [pid 5206] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5206] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5206] chdir("./file0") = 0 [pid 5206] ioctl(4, LOOP_CLR_FD) = 0 [pid 5206] close(4) = 0 [pid 5206] creat("./bus", 000) = 4 [pid 5206] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5206] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5206] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5206] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5206] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5206] exit_group(0) = ? [pid 5206] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5206, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./70/binderfs") = 0 umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [ 59.971678][ T5206] REISERFS (device loop0): Using r5 hash to sort names [ 59.979063][ T5206] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./70/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./70/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./70") = 0 mkdir("./71", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5208 ./strace-static-x86_64: Process 5208 attached [pid 5208] chdir("./71") = 0 [pid 5208] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5208] setpgid(0, 0) = 0 [pid 5208] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5208] write(3, "1000", 4) = 4 [pid 5208] close(3) = 0 [pid 5208] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5208] memfd_create("syzkaller", 0) = 3 [pid 5208] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5208] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5208] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5208] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5208] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5208] close(3) = 0 [pid 5208] mkdir("./file0", 0777) = 0 [ 60.080459][ T5208] loop0: detected capacity change from 0 to 8192 [ 60.089527][ T5208] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 60.103150][ T5208] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 60.112423][ T5208] REISERFS (device loop0): using ordered data mode [ 60.118964][ T5208] reiserfs: using flush barriers [ 60.124513][ T5208] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 60.140967][ T5208] REISERFS (device loop0): checking transaction log (loop0) [ 60.170154][ T5208] REISERFS (device loop0): Using r5 hash to sort names [pid 5208] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5208] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5208] chdir("./file0") = 0 [pid 5208] ioctl(4, LOOP_CLR_FD) = 0 [pid 5208] close(4) = 0 [pid 5208] creat("./bus", 000) = 4 [pid 5208] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5208] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5208] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5208] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5208] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5208] exit_group(0) = ? [pid 5208] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5208, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./71/binderfs") = 0 umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./71/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./71/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./71") = 0 mkdir("./72", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5210 ./strace-static-x86_64: Process 5210 attached [pid 5210] chdir("./72") = 0 [pid 5210] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5210] setpgid(0, 0) = 0 [ 60.177320][ T5208] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5210] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5210] write(3, "1000", 4) = 4 [pid 5210] close(3) = 0 [pid 5210] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5210] memfd_create("syzkaller", 0) = 3 [pid 5210] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5210] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5210] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5210] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5210] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5210] close(3) = 0 [pid 5210] mkdir("./file0", 0777) = 0 [ 60.274683][ T5210] loop0: detected capacity change from 0 to 8192 [ 60.283846][ T5210] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 60.297694][ T5210] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 60.306989][ T5210] REISERFS (device loop0): using ordered data mode [ 60.313530][ T5210] reiserfs: using flush barriers [ 60.319269][ T5210] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 60.335572][ T5210] REISERFS (device loop0): checking transaction log (loop0) [pid 5210] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5210] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5210] chdir("./file0") = 0 [pid 5210] ioctl(4, LOOP_CLR_FD) = 0 [pid 5210] close(4) = 0 [pid 5210] creat("./bus", 000) = 4 [pid 5210] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5210] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5210] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5210] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5210] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5210] exit_group(0) = ? [pid 5210] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5210, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./72/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./72/binderfs") = 0 [ 60.369141][ T5210] REISERFS (device loop0): Using r5 hash to sort names [ 60.376231][ T5210] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./72/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./72/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./72") = 0 mkdir("./73", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5212 ./strace-static-x86_64: Process 5212 attached [pid 5212] chdir("./73") = 0 [pid 5212] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5212] setpgid(0, 0) = 0 [pid 5212] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5212] write(3, "1000", 4) = 4 [pid 5212] close(3) = 0 [pid 5212] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5212] memfd_create("syzkaller", 0) = 3 [pid 5212] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5212] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5212] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5212] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5212] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5212] close(3) = 0 [pid 5212] mkdir("./file0", 0777) = 0 [ 60.475868][ T5212] loop0: detected capacity change from 0 to 8192 [ 60.485163][ T5212] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 60.498512][ T5212] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 60.508099][ T5212] REISERFS (device loop0): using ordered data mode [ 60.514652][ T5212] reiserfs: using flush barriers [ 60.520477][ T5212] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 60.536933][ T5212] REISERFS (device loop0): checking transaction log (loop0) [pid 5212] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5212] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5212] chdir("./file0") = 0 [pid 5212] ioctl(4, LOOP_CLR_FD) = 0 [pid 5212] close(4) = 0 [pid 5212] creat("./bus", 000) = 4 [pid 5212] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5212] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5212] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5212] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5212] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5212] exit_group(0) = ? [pid 5212] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5212, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./73/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./73/binderfs") = 0 umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./73/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 60.571453][ T5212] REISERFS (device loop0): Using r5 hash to sort names [ 60.578586][ T5212] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./73/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./73") = 0 mkdir("./74", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5214 ./strace-static-x86_64: Process 5214 attached [pid 5214] chdir("./74") = 0 [pid 5214] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5214] setpgid(0, 0) = 0 [pid 5214] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5214] write(3, "1000", 4) = 4 [pid 5214] close(3) = 0 [pid 5214] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5214] memfd_create("syzkaller", 0) = 3 [pid 5214] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5214] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5214] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5214] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5214] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5214] close(3) = 0 [pid 5214] mkdir("./file0", 0777) = 0 [ 60.679281][ T5214] loop0: detected capacity change from 0 to 8192 [ 60.689055][ T5214] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 60.702416][ T5214] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 60.711866][ T5214] REISERFS (device loop0): using ordered data mode [ 60.718455][ T5214] reiserfs: using flush barriers [ 60.724176][ T5214] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 60.740528][ T5214] REISERFS (device loop0): checking transaction log (loop0) [pid 5214] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5214] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5214] chdir("./file0") = 0 [pid 5214] ioctl(4, LOOP_CLR_FD) = 0 [pid 5214] close(4) = 0 [pid 5214] creat("./bus", 000) = 4 [pid 5214] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5214] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5214] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5214] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5214] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5214] exit_group(0) = ? [pid 5214] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5214, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./74/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./74/binderfs") = 0 umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./74/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 60.769744][ T5214] REISERFS (device loop0): Using r5 hash to sort names [ 60.776923][ T5214] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./74/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./74") = 0 mkdir("./75", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5216 ./strace-static-x86_64: Process 5216 attached [pid 5216] chdir("./75") = 0 [pid 5216] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5216] setpgid(0, 0) = 0 [pid 5216] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5216] write(3, "1000", 4) = 4 [pid 5216] close(3) = 0 [pid 5216] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5216] memfd_create("syzkaller", 0) = 3 [pid 5216] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5216] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5216] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5216] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5216] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5216] close(3) = 0 [pid 5216] mkdir("./file0", 0777) = 0 [ 60.877751][ T5216] loop0: detected capacity change from 0 to 8192 [ 60.886873][ T5216] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 60.900315][ T5216] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 60.909622][ T5216] REISERFS (device loop0): using ordered data mode [ 60.916262][ T5216] reiserfs: using flush barriers [ 60.922042][ T5216] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 60.938417][ T5216] REISERFS (device loop0): checking transaction log (loop0) [ 60.967445][ T5216] REISERFS (device loop0): Using r5 hash to sort names [pid 5216] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5216] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5216] chdir("./file0") = 0 [pid 5216] ioctl(4, LOOP_CLR_FD) = 0 [pid 5216] close(4) = 0 [pid 5216] creat("./bus", 000) = 4 [pid 5216] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5216] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5216] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5216] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5216] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5216] exit_group(0) = ? [pid 5216] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5216, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./75/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./75/binderfs") = 0 umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./75/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./75/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./75") = 0 mkdir("./76", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5218 ./strace-static-x86_64: Process 5218 attached [pid 5218] chdir("./76") = 0 [pid 5218] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5218] setpgid(0, 0) = 0 [pid 5218] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5218] write(3, "1000", 4) = 4 [pid 5218] close(3) = 0 [pid 5218] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5218] memfd_create("syzkaller", 0) = 3 [pid 5218] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [ 60.975019][ T5216] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5218] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5218] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5218] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5218] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5218] close(3) = 0 [pid 5218] mkdir("./file0", 0777) = 0 [ 61.065919][ T5218] loop0: detected capacity change from 0 to 8192 [ 61.075129][ T5218] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 61.088232][ T5218] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 61.097564][ T5218] REISERFS (device loop0): using ordered data mode [ 61.104130][ T5218] reiserfs: using flush barriers [ 61.110087][ T5218] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 61.126363][ T5218] REISERFS (device loop0): checking transaction log (loop0) [pid 5218] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5218] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5218] chdir("./file0") = 0 [pid 5218] ioctl(4, LOOP_CLR_FD) = 0 [pid 5218] close(4) = 0 [pid 5218] creat("./bus", 000) = 4 [pid 5218] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5218] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5218] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5218] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5218] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5218] exit_group(0) = ? [pid 5218] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5218, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./76/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./76/binderfs") = 0 umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./76/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./76/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 61.161219][ T5218] REISERFS (device loop0): Using r5 hash to sort names [ 61.168415][ T5218] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. rmdir("./76") = 0 mkdir("./77", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5220 ./strace-static-x86_64: Process 5220 attached [pid 5220] chdir("./77") = 0 [pid 5220] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5220] setpgid(0, 0) = 0 [pid 5220] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5220] write(3, "1000", 4) = 4 [pid 5220] close(3) = 0 [pid 5220] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5220] memfd_create("syzkaller", 0) = 3 [pid 5220] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5220] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5220] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5220] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5220] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5220] close(3) = 0 [pid 5220] mkdir("./file0", 0777) = 0 [ 61.266123][ T5220] loop0: detected capacity change from 0 to 8192 [ 61.275610][ T5220] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 61.289169][ T5220] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 61.298547][ T5220] REISERFS (device loop0): using ordered data mode [ 61.305126][ T5220] reiserfs: using flush barriers [ 61.310789][ T5220] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 61.327101][ T5220] REISERFS (device loop0): checking transaction log (loop0) [ 61.356222][ T5220] REISERFS (device loop0): Using r5 hash to sort names [pid 5220] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5220] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5220] chdir("./file0") = 0 [pid 5220] ioctl(4, LOOP_CLR_FD) = 0 [pid 5220] close(4) = 0 [pid 5220] creat("./bus", 000) = 4 [pid 5220] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5220] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5220] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5220] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5220] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5220] exit_group(0) = ? [pid 5220] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5220, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./77/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./77/binderfs") = 0 umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./77/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./77/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./77") = 0 mkdir("./78", 0777) = 0 [ 61.363534][ T5220] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5222 ./strace-static-x86_64: Process 5222 attached [pid 5222] chdir("./78") = 0 [pid 5222] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5222] setpgid(0, 0) = 0 [pid 5222] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5222] write(3, "1000", 4) = 4 [pid 5222] close(3) = 0 [pid 5222] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5222] memfd_create("syzkaller", 0) = 3 [pid 5222] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5222] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5222] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5222] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5222] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5222] close(3) = 0 [pid 5222] mkdir("./file0", 0777) = 0 [ 61.465668][ T5222] loop0: detected capacity change from 0 to 8192 [ 61.474843][ T5222] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 61.488013][ T5222] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 61.497285][ T5222] REISERFS (device loop0): using ordered data mode [ 61.503830][ T5222] reiserfs: using flush barriers [ 61.509481][ T5222] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 61.525773][ T5222] REISERFS (device loop0): checking transaction log (loop0) [pid 5222] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5222] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5222] chdir("./file0") = 0 [pid 5222] ioctl(4, LOOP_CLR_FD) = 0 [pid 5222] close(4) = 0 [pid 5222] creat("./bus", 000) = 4 [pid 5222] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5222] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5222] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5222] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5222] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5222] exit_group(0) = ? [pid 5222] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5222, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./78/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./78/binderfs") = 0 umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./78/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 61.560224][ T5222] REISERFS (device loop0): Using r5 hash to sort names [ 61.567689][ T5222] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./78/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./78") = 0 mkdir("./79", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5224 attached , child_tidptr=0x555556cf25d0) = 5224 [pid 5224] chdir("./79") = 0 [pid 5224] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5224] setpgid(0, 0) = 0 [pid 5224] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5224] write(3, "1000", 4) = 4 [pid 5224] close(3) = 0 [pid 5224] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5224] memfd_create("syzkaller", 0) = 3 [pid 5224] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5224] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5224] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5224] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5224] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5224] close(3) = 0 [pid 5224] mkdir("./file0", 0777) = 0 [ 61.663602][ T5224] loop0: detected capacity change from 0 to 8192 [ 61.673083][ T5224] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 61.686878][ T5224] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 61.696445][ T5224] REISERFS (device loop0): using ordered data mode [ 61.703026][ T5224] reiserfs: using flush barriers [ 61.708647][ T5224] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 61.725080][ T5224] REISERFS (device loop0): checking transaction log (loop0) [pid 5224] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5224] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5224] chdir("./file0") = 0 [pid 5224] ioctl(4, LOOP_CLR_FD) = 0 [pid 5224] close(4) = 0 [pid 5224] creat("./bus", 000) = 4 [pid 5224] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5224] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5224] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5224] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5224] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5224] exit_group(0) = ? [pid 5224] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5224, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./79/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./79/binderfs") = 0 umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 61.754018][ T5224] REISERFS (device loop0): Using r5 hash to sort names [ 61.761178][ T5224] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. lstat("./79/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./79/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./79") = 0 mkdir("./80", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5226 ./strace-static-x86_64: Process 5226 attached [pid 5226] chdir("./80") = 0 [pid 5226] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5226] setpgid(0, 0) = 0 [pid 5226] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5226] write(3, "1000", 4) = 4 [pid 5226] close(3) = 0 [pid 5226] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5226] memfd_create("syzkaller", 0) = 3 [pid 5226] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5226] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5226] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5226] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5226] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5226] close(3) = 0 [pid 5226] mkdir("./file0", 0777) = 0 [ 61.862692][ T5226] loop0: detected capacity change from 0 to 8192 [ 61.871820][ T5226] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 61.884885][ T5226] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 61.894214][ T5226] REISERFS (device loop0): using ordered data mode [ 61.900766][ T5226] reiserfs: using flush barriers [ 61.906392][ T5226] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 61.922909][ T5226] REISERFS (device loop0): checking transaction log (loop0) [pid 5226] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5226] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5226] chdir("./file0") = 0 [pid 5226] ioctl(4, LOOP_CLR_FD) = 0 [pid 5226] close(4) = 0 [pid 5226] creat("./bus", 000) = 4 [pid 5226] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5226] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5226] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5226] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5226] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5226] exit_group(0) = ? [pid 5226] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5226, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./80/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./80/binderfs") = 0 [ 61.957112][ T5226] REISERFS (device loop0): Using r5 hash to sort names [ 61.964371][ T5226] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./80/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./80/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./80") = 0 mkdir("./81", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5228 attached [pid 5228] chdir("./81") = 0 [pid 5228] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5228] setpgid(0, 0) = 0 [pid 5228] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5228] write(3, "1000", 4) = 4 [pid 5228] close(3) = 0 [pid 5228] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5228] memfd_create("syzkaller", 0 [pid 5064] <... clone resumed>, child_tidptr=0x555556cf25d0) = 5228 [pid 5228] <... memfd_create resumed>) = 3 [pid 5228] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5228] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5228] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5228] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5228] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5228] close(3) = 0 [pid 5228] mkdir("./file0", 0777) = 0 [ 62.068092][ T5228] loop0: detected capacity change from 0 to 8192 [ 62.077509][ T5228] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 62.090682][ T5228] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 62.099928][ T5228] REISERFS (device loop0): using ordered data mode [ 62.106512][ T5228] reiserfs: using flush barriers [ 62.112253][ T5228] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 62.128547][ T5228] REISERFS (device loop0): checking transaction log (loop0) [pid 5228] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5228] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5228] chdir("./file0") = 0 [pid 5228] ioctl(4, LOOP_CLR_FD) = 0 [pid 5228] close(4) = 0 [pid 5228] creat("./bus", 000) = 4 [pid 5228] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5228] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5228] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5228] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5228] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5228] exit_group(0) = ? [pid 5228] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5228, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./81/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./81/binderfs") = 0 [ 62.162589][ T5228] REISERFS (device loop0): Using r5 hash to sort names [ 62.169689][ T5228] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./81/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./81/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./81") = 0 mkdir("./82", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5230 ./strace-static-x86_64: Process 5230 attached [pid 5230] chdir("./82") = 0 [pid 5230] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5230] setpgid(0, 0) = 0 [pid 5230] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5230] write(3, "1000", 4) = 4 [pid 5230] close(3) = 0 [pid 5230] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5230] memfd_create("syzkaller", 0) = 3 [pid 5230] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5230] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5230] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5230] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5230] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5230] close(3) = 0 [pid 5230] mkdir("./file0", 0777) = 0 [ 62.277357][ T5230] loop0: detected capacity change from 0 to 8192 [ 62.286612][ T5230] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 62.299714][ T5230] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 62.308957][ T5230] REISERFS (device loop0): using ordered data mode [ 62.315468][ T5230] reiserfs: using flush barriers [ 62.321115][ T5230] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 62.337628][ T5230] REISERFS (device loop0): checking transaction log (loop0) [pid 5230] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5230] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5230] chdir("./file0") = 0 [pid 5230] ioctl(4, LOOP_CLR_FD) = 0 [pid 5230] close(4) = 0 [pid 5230] creat("./bus", 000) = 4 [pid 5230] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5230] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5230] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5230] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5230] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5230] exit_group(0) = ? [pid 5230] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5230, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./82/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./82/binderfs") = 0 umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./82/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 62.371860][ T5230] REISERFS (device loop0): Using r5 hash to sort names [ 62.379098][ T5230] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./82/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./82") = 0 mkdir("./83", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5232 ./strace-static-x86_64: Process 5232 attached [pid 5232] chdir("./83") = 0 [pid 5232] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5232] setpgid(0, 0) = 0 [pid 5232] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5232] write(3, "1000", 4) = 4 [pid 5232] close(3) = 0 [pid 5232] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5232] memfd_create("syzkaller", 0) = 3 [pid 5232] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5232] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5232] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5232] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5232] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5232] close(3) = 0 [pid 5232] mkdir("./file0", 0777) = 0 [ 62.479820][ T5232] loop0: detected capacity change from 0 to 8192 [ 62.489217][ T5232] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 62.502437][ T5232] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 62.511780][ T5232] REISERFS (device loop0): using ordered data mode [ 62.518645][ T5232] reiserfs: using flush barriers [ 62.524473][ T5232] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 62.540782][ T5232] REISERFS (device loop0): checking transaction log (loop0) [ 62.569552][ T5232] REISERFS (device loop0): Using r5 hash to sort names [pid 5232] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5232] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5232] chdir("./file0") = 0 [pid 5232] ioctl(4, LOOP_CLR_FD) = 0 [pid 5232] close(4) = 0 [pid 5232] creat("./bus", 000) = 4 [pid 5232] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5232] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5232] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5232] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5232] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5232] exit_group(0) = ? [pid 5232] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5232, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./83/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./83/binderfs") = 0 [ 62.576601][ T5232] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./83/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./83/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./83") = 0 mkdir("./84", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5234 ./strace-static-x86_64: Process 5234 attached [pid 5234] chdir("./84") = 0 [pid 5234] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5234] setpgid(0, 0) = 0 [pid 5234] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5234] write(3, "1000", 4) = 4 [pid 5234] close(3) = 0 [pid 5234] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5234] memfd_create("syzkaller", 0) = 3 [pid 5234] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5234] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5234] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5234] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5234] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5234] close(3) = 0 [pid 5234] mkdir("./file0", 0777) = 0 [ 62.681517][ T5234] loop0: detected capacity change from 0 to 8192 [ 62.690454][ T5234] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 62.703646][ T5234] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 62.712953][ T5234] REISERFS (device loop0): using ordered data mode [ 62.719671][ T5234] reiserfs: using flush barriers [ 62.725341][ T5234] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 62.741872][ T5234] REISERFS (device loop0): checking transaction log (loop0) [pid 5234] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5234] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5234] chdir("./file0") = 0 [pid 5234] ioctl(4, LOOP_CLR_FD) = 0 [pid 5234] close(4) = 0 [pid 5234] creat("./bus", 000) = 4 [pid 5234] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5234] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5234] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5234] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5234] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5234] exit_group(0) = ? [pid 5234] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5234, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./84/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./84/binderfs") = 0 umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./84/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 62.776417][ T5234] REISERFS (device loop0): Using r5 hash to sort names [ 62.783594][ T5234] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./84/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./84") = 0 mkdir("./85", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5236 ./strace-static-x86_64: Process 5236 attached [pid 5236] chdir("./85") = 0 [pid 5236] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5236] setpgid(0, 0) = 0 [pid 5236] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5236] write(3, "1000", 4) = 4 [pid 5236] close(3) = 0 [pid 5236] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5236] memfd_create("syzkaller", 0) = 3 [pid 5236] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5236] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5236] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5236] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5236] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5236] close(3) = 0 [pid 5236] mkdir("./file0", 0777) = 0 [ 62.891312][ T5236] loop0: detected capacity change from 0 to 8192 [ 62.900528][ T5236] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 62.913577][ T5236] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 62.922904][ T5236] REISERFS (device loop0): using ordered data mode [ 62.929452][ T5236] reiserfs: using flush barriers [ 62.935165][ T5236] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 62.951612][ T5236] REISERFS (device loop0): checking transaction log (loop0) [pid 5236] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5236] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5236] chdir("./file0") = 0 [pid 5236] ioctl(4, LOOP_CLR_FD) = 0 [pid 5236] close(4) = 0 [pid 5236] creat("./bus", 000) = 4 [pid 5236] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5236] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5236] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5236] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5236] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5236] exit_group(0) = ? [pid 5236] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5236, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./85/binderfs") = 0 [ 62.982160][ T5236] REISERFS (device loop0): Using r5 hash to sort names [ 62.989246][ T5236] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./85/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./85/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./85") = 0 mkdir("./86", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5238 ./strace-static-x86_64: Process 5238 attached [pid 5238] chdir("./86") = 0 [pid 5238] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5238] setpgid(0, 0) = 0 [pid 5238] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5238] write(3, "1000", 4) = 4 [pid 5238] close(3) = 0 [pid 5238] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5238] memfd_create("syzkaller", 0) = 3 [pid 5238] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5238] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5238] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5238] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5238] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5238] close(3) = 0 [pid 5238] mkdir("./file0", 0777) = 0 [ 63.099448][ T5238] loop0: detected capacity change from 0 to 8192 [ 63.109443][ T5238] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 63.122469][ T5238] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 63.131725][ T5238] REISERFS (device loop0): using ordered data mode [ 63.138245][ T5238] reiserfs: using flush barriers [ 63.144175][ T5238] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 63.160601][ T5238] REISERFS (device loop0): checking transaction log (loop0) [pid 5238] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5238] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5238] chdir("./file0") = 0 [pid 5238] ioctl(4, LOOP_CLR_FD) = 0 [pid 5238] close(4) = 0 [pid 5238] creat("./bus", 000) = 4 [pid 5238] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5238] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5238] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5238] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5238] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5238] exit_group(0) = ? [pid 5238] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5238, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./86/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./86/binderfs") = 0 umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./86/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./86/file0") = 0 [ 63.196741][ T5238] REISERFS (device loop0): Using r5 hash to sort names [ 63.204060][ T5238] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./86") = 0 mkdir("./87", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5240 ./strace-static-x86_64: Process 5240 attached [pid 5240] chdir("./87") = 0 [pid 5240] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5240] setpgid(0, 0) = 0 [pid 5240] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5240] write(3, "1000", 4) = 4 [pid 5240] close(3) = 0 [pid 5240] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5240] memfd_create("syzkaller", 0) = 3 [pid 5240] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5240] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5240] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5240] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5240] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5240] close(3) = 0 [pid 5240] mkdir("./file0", 0777) = 0 [ 63.304023][ T5240] loop0: detected capacity change from 0 to 8192 [ 63.312984][ T5240] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 63.325995][ T5240] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 63.335272][ T5240] REISERFS (device loop0): using ordered data mode [ 63.341836][ T5240] reiserfs: using flush barriers [ 63.347467][ T5240] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 63.363930][ T5240] REISERFS (device loop0): checking transaction log (loop0) [pid 5240] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5240] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5240] chdir("./file0") = 0 [pid 5240] ioctl(4, LOOP_CLR_FD) = 0 [pid 5240] close(4) = 0 [pid 5240] creat("./bus", 000) = 4 [pid 5240] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5240] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5240] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5240] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5240] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5240] exit_group(0) = ? [pid 5240] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5240, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./87/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./87/binderfs") = 0 [ 63.399892][ T5240] REISERFS (device loop0): Using r5 hash to sort names [ 63.407080][ T5240] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./87/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./87/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./87") = 0 mkdir("./88", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5242 ./strace-static-x86_64: Process 5242 attached [pid 5242] chdir("./88") = 0 [pid 5242] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5242] setpgid(0, 0) = 0 [pid 5242] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5242] write(3, "1000", 4) = 4 [pid 5242] close(3) = 0 [pid 5242] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5242] memfd_create("syzkaller", 0) = 3 [pid 5242] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5242] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5242] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5242] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5242] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5242] close(3) = 0 [pid 5242] mkdir("./file0", 0777) = 0 [ 63.517297][ T5242] loop0: detected capacity change from 0 to 8192 [ 63.526942][ T5242] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 63.540025][ T5242] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 63.549391][ T5242] REISERFS (device loop0): using ordered data mode [ 63.555893][ T5242] reiserfs: using flush barriers [ 63.561857][ T5242] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 63.578250][ T5242] REISERFS (device loop0): checking transaction log (loop0) [pid 5242] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5242] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5242] chdir("./file0") = 0 [pid 5242] ioctl(4, LOOP_CLR_FD) = 0 [pid 5242] close(4) = 0 [pid 5242] creat("./bus", 000) = 4 [pid 5242] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5242] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5242] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5242] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5242] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5242] exit_group(0) = ? [pid 5242] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5242, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./88/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./88/binderfs") = 0 [ 63.614844][ T5242] REISERFS (device loop0): Using r5 hash to sort names [ 63.621975][ T5242] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./88/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./88/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./88") = 0 mkdir("./89", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5244 ./strace-static-x86_64: Process 5244 attached [pid 5244] chdir("./89") = 0 [pid 5244] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5244] setpgid(0, 0) = 0 [pid 5244] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5244] write(3, "1000", 4) = 4 [pid 5244] close(3) = 0 [pid 5244] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5244] memfd_create("syzkaller", 0) = 3 [pid 5244] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5244] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5244] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5244] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5244] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5244] close(3) = 0 [pid 5244] mkdir("./file0", 0777) = 0 [ 63.734819][ T5244] loop0: detected capacity change from 0 to 8192 [ 63.744838][ T5244] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 63.757986][ T5244] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 63.767310][ T5244] REISERFS (device loop0): using ordered data mode [ 63.773895][ T5244] reiserfs: using flush barriers [ 63.779992][ T5244] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 63.796353][ T5244] REISERFS (device loop0): checking transaction log (loop0) [pid 5244] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5244] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5244] chdir("./file0") = 0 [pid 5244] ioctl(4, LOOP_CLR_FD) = 0 [pid 5244] close(4) = 0 [pid 5244] creat("./bus", 000) = 4 [pid 5244] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5244] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5244] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5244] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5244] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5244] exit_group(0) = ? [pid 5244] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5244, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./89/binderfs") = 0 [ 63.831418][ T5244] REISERFS (device loop0): Using r5 hash to sort names [ 63.838654][ T5244] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./89/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./89/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./89") = 0 mkdir("./90", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5246 ./strace-static-x86_64: Process 5246 attached [pid 5246] chdir("./90") = 0 [pid 5246] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5246] setpgid(0, 0) = 0 [pid 5246] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5246] write(3, "1000", 4) = 4 [pid 5246] close(3) = 0 [pid 5246] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5246] memfd_create("syzkaller", 0) = 3 [pid 5246] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5246] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5246] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5246] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5246] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5246] close(3) = 0 [pid 5246] mkdir("./file0", 0777) = 0 [ 63.950706][ T5246] loop0: detected capacity change from 0 to 8192 [ 63.960914][ T5246] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 63.974220][ T5246] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 63.983618][ T5246] REISERFS (device loop0): using ordered data mode [ 63.990169][ T5246] reiserfs: using flush barriers [ 63.995838][ T5246] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 64.012430][ T5246] REISERFS (device loop0): checking transaction log (loop0) [pid 5246] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5246] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5246] chdir("./file0") = 0 [pid 5246] ioctl(4, LOOP_CLR_FD) = 0 [pid 5246] close(4) = 0 [pid 5246] creat("./bus", 000) = 4 [pid 5246] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5246] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5246] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5246] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5246] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5246] exit_group(0) = ? [pid 5246] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5246, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./90/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./90/binderfs") = 0 [ 64.047320][ T5246] REISERFS (device loop0): Using r5 hash to sort names [ 64.054458][ T5246] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./90/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./90/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./90") = 0 mkdir("./91", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5248 ./strace-static-x86_64: Process 5248 attached [pid 5248] chdir("./91") = 0 [pid 5248] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5248] setpgid(0, 0) = 0 [pid 5248] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5248] write(3, "1000", 4) = 4 [pid 5248] close(3) = 0 [pid 5248] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5248] memfd_create("syzkaller", 0) = 3 [pid 5248] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5248] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5248] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5248] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5248] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5248] close(3) = 0 [pid 5248] mkdir("./file0", 0777) = 0 [ 64.169483][ T5248] loop0: detected capacity change from 0 to 8192 [ 64.179308][ T5248] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 64.192303][ T5248] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 64.201570][ T5248] REISERFS (device loop0): using ordered data mode [ 64.208104][ T5248] reiserfs: using flush barriers [ 64.213960][ T5248] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 64.230449][ T5248] REISERFS (device loop0): checking transaction log (loop0) [pid 5248] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5248] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5248] chdir("./file0") = 0 [pid 5248] ioctl(4, LOOP_CLR_FD) = 0 [pid 5248] close(4) = 0 [pid 5248] creat("./bus", 000) = 4 [pid 5248] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5248] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5248] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5248] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5248] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5248] exit_group(0) = ? [pid 5248] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5248, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./91/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./91/binderfs") = 0 [ 64.266151][ T5248] REISERFS (device loop0): Using r5 hash to sort names [ 64.273313][ T5248] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./91/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./91/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./91") = 0 mkdir("./92", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5250 ./strace-static-x86_64: Process 5250 attached [pid 5250] chdir("./92") = 0 [pid 5250] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5250] setpgid(0, 0) = 0 [pid 5250] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5250] write(3, "1000", 4) = 4 [pid 5250] close(3) = 0 [pid 5250] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5250] memfd_create("syzkaller", 0) = 3 [pid 5250] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5250] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5250] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5250] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5250] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5250] close(3) = 0 [pid 5250] mkdir("./file0", 0777) = 0 [ 64.393299][ T5250] loop0: detected capacity change from 0 to 8192 [ 64.403245][ T5250] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 64.416486][ T5250] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 64.425834][ T5250] REISERFS (device loop0): using ordered data mode [ 64.432406][ T5250] reiserfs: using flush barriers [ 64.438148][ T5250] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 64.454686][ T5250] REISERFS (device loop0): checking transaction log (loop0) [pid 5250] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5250] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5250] chdir("./file0") = 0 [pid 5250] ioctl(4, LOOP_CLR_FD) = 0 [pid 5250] close(4) = 0 [pid 5250] creat("./bus", 000) = 4 [pid 5250] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5250] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5250] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5250] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5250] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5250] exit_group(0) = ? [pid 5250] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5250, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./92/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./92/binderfs") = 0 [ 64.485318][ T5250] REISERFS (device loop0): Using r5 hash to sort names [ 64.492501][ T5250] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./92/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./92/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./92") = 0 mkdir("./93", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5252 ./strace-static-x86_64: Process 5252 attached [pid 5252] chdir("./93") = 0 [pid 5252] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5252] setpgid(0, 0) = 0 [pid 5252] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5252] write(3, "1000", 4) = 4 [pid 5252] close(3) = 0 [pid 5252] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5252] memfd_create("syzkaller", 0) = 3 [pid 5252] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5252] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5252] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5252] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5252] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5252] close(3) = 0 [pid 5252] mkdir("./file0", 0777) = 0 [ 64.601642][ T5252] loop0: detected capacity change from 0 to 8192 [ 64.610584][ T5252] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 64.623610][ T5252] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 64.632905][ T5252] REISERFS (device loop0): using ordered data mode [ 64.639452][ T5252] reiserfs: using flush barriers [ 64.645152][ T5252] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 64.661602][ T5252] REISERFS (device loop0): checking transaction log (loop0) [ 64.691921][ T5252] REISERFS (device loop0): Using r5 hash to sort names [pid 5252] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5252] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5252] chdir("./file0") = 0 [pid 5252] ioctl(4, LOOP_CLR_FD) = 0 [pid 5252] close(4) = 0 [pid 5252] creat("./bus", 000) = 4 [pid 5252] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5252] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5252] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5252] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5252] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5252] exit_group(0) = ? [pid 5252] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5252, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./93/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./93/binderfs") = 0 umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./93/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./93/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./93") = 0 mkdir("./94", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 64.699118][ T5252] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5254 ./strace-static-x86_64: Process 5254 attached [pid 5254] chdir("./94") = 0 [pid 5254] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5254] setpgid(0, 0) = 0 [pid 5254] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5254] write(3, "1000", 4) = 4 [pid 5254] close(3) = 0 [pid 5254] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5254] memfd_create("syzkaller", 0) = 3 [pid 5254] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5254] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5254] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5254] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5254] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5254] close(3) = 0 [pid 5254] mkdir("./file0", 0777) = 0 [ 64.800946][ T5254] loop0: detected capacity change from 0 to 8192 [ 64.810459][ T5254] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 64.823609][ T5254] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 64.832856][ T5254] REISERFS (device loop0): using ordered data mode [ 64.839398][ T5254] reiserfs: using flush barriers [ 64.845016][ T5254] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 64.861485][ T5254] REISERFS (device loop0): checking transaction log (loop0) [pid 5254] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5254] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5254] chdir("./file0") = 0 [pid 5254] ioctl(4, LOOP_CLR_FD) = 0 [pid 5254] close(4) = 0 [pid 5254] creat("./bus", 000) = 4 [pid 5254] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5254] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5254] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5254] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5254] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5254] exit_group(0) = ? [pid 5254] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5254, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./94/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./94/binderfs") = 0 [ 64.895710][ T5254] REISERFS (device loop0): Using r5 hash to sort names [ 64.902799][ T5254] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./94/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./94/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./94") = 0 mkdir("./95", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5256 ./strace-static-x86_64: Process 5256 attached [pid 5256] chdir("./95") = 0 [pid 5256] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5256] setpgid(0, 0) = 0 [pid 5256] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5256] write(3, "1000", 4) = 4 [pid 5256] close(3) = 0 [pid 5256] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5256] memfd_create("syzkaller", 0) = 3 [pid 5256] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5256] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5256] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5256] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5256] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5256] close(3) = 0 [pid 5256] mkdir("./file0", 0777) = 0 [ 65.019447][ T5256] loop0: detected capacity change from 0 to 8192 [ 65.028991][ T5256] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 65.042326][ T5256] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 65.051701][ T5256] REISERFS (device loop0): using ordered data mode [ 65.058320][ T5256] reiserfs: using flush barriers [ 65.064346][ T5256] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 65.080683][ T5256] REISERFS (device loop0): checking transaction log (loop0) [pid 5256] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5256] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5256] chdir("./file0") = 0 [pid 5256] ioctl(4, LOOP_CLR_FD) = 0 [pid 5256] close(4) = 0 [pid 5256] creat("./bus", 000) = 4 [pid 5256] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5256] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5256] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5256] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5256] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5256] exit_group(0) = ? [pid 5256] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5256, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./95/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./95/binderfs") = 0 [ 65.115657][ T5256] REISERFS (device loop0): Using r5 hash to sort names [ 65.122961][ T5256] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./95/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./95/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./95") = 0 mkdir("./96", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5258 ./strace-static-x86_64: Process 5258 attached [pid 5258] chdir("./96") = 0 [pid 5258] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5258] setpgid(0, 0) = 0 [pid 5258] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5258] write(3, "1000", 4) = 4 [pid 5258] close(3) = 0 [pid 5258] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5258] memfd_create("syzkaller", 0) = 3 [pid 5258] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5258] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5258] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5258] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5258] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5258] close(3) = 0 [pid 5258] mkdir("./file0", 0777) = 0 [ 65.230280][ T5258] loop0: detected capacity change from 0 to 8192 [ 65.239614][ T5258] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 65.252744][ T5258] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 65.262024][ T5258] REISERFS (device loop0): using ordered data mode [ 65.268534][ T5258] reiserfs: using flush barriers [ 65.274606][ T5258] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 65.290990][ T5258] REISERFS (device loop0): checking transaction log (loop0) [pid 5258] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5258] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5258] chdir("./file0") = 0 [pid 5258] ioctl(4, LOOP_CLR_FD) = 0 [pid 5258] close(4) = 0 [pid 5258] creat("./bus", 000) = 4 [pid 5258] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5258] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5258] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5258] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5258] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5258] exit_group(0) = ? [pid 5258] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5258, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./96", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./96/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./96/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./96/binderfs") = 0 [ 65.324985][ T5258] REISERFS (device loop0): Using r5 hash to sort names [ 65.332195][ T5258] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./96/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./96/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./96") = 0 mkdir("./97", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5260 ./strace-static-x86_64: Process 5260 attached [pid 5260] chdir("./97") = 0 [pid 5260] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5260] setpgid(0, 0) = 0 [pid 5260] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5260] write(3, "1000", 4) = 4 [pid 5260] close(3) = 0 [pid 5260] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5260] memfd_create("syzkaller", 0) = 3 [pid 5260] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5260] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5260] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5260] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5260] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5260] close(3) = 0 [pid 5260] mkdir("./file0", 0777) = 0 [ 65.439704][ T5260] loop0: detected capacity change from 0 to 8192 [ 65.449566][ T5260] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 65.462603][ T5260] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 65.471890][ T5260] REISERFS (device loop0): using ordered data mode [ 65.478409][ T5260] reiserfs: using flush barriers [ 65.484147][ T5260] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 65.500655][ T5260] REISERFS (device loop0): checking transaction log (loop0) [pid 5260] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5260] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5260] chdir("./file0") = 0 [pid 5260] ioctl(4, LOOP_CLR_FD) = 0 [pid 5260] close(4) = 0 [pid 5260] creat("./bus", 000) = 4 [pid 5260] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5260] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5260] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5260] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5260] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5260] exit_group(0) = ? [pid 5260] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5260, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./97", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./97/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./97/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./97/binderfs") = 0 umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 65.536161][ T5260] REISERFS (device loop0): Using r5 hash to sort names [ 65.543503][ T5260] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. lstat("./97/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./97/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./97") = 0 mkdir("./98", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5262 ./strace-static-x86_64: Process 5262 attached [pid 5262] chdir("./98") = 0 [pid 5262] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5262] setpgid(0, 0) = 0 [pid 5262] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5262] write(3, "1000", 4) = 4 [pid 5262] close(3) = 0 [pid 5262] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5262] memfd_create("syzkaller", 0) = 3 [pid 5262] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5262] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5262] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5262] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5262] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5262] close(3) = 0 [pid 5262] mkdir("./file0", 0777) = 0 [ 65.644273][ T5262] loop0: detected capacity change from 0 to 8192 [ 65.653672][ T5262] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 65.666722][ T5262] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 65.675991][ T5262] REISERFS (device loop0): using ordered data mode [ 65.682559][ T5262] reiserfs: using flush barriers [ 65.688168][ T5262] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 65.704562][ T5262] REISERFS (device loop0): checking transaction log (loop0) [pid 5262] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5262] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5262] chdir("./file0") = 0 [pid 5262] ioctl(4, LOOP_CLR_FD) = 0 [pid 5262] close(4) = 0 [pid 5262] creat("./bus", 000) = 4 [pid 5262] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5262] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5262] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5262] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5262] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5262] exit_group(0) = ? [pid 5262] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5262, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./98", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./98/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./98/binderfs") = 0 [ 65.739205][ T5262] REISERFS (device loop0): Using r5 hash to sort names [ 65.746357][ T5262] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./98/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./98/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./98") = 0 mkdir("./99", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5264 ./strace-static-x86_64: Process 5264 attached [pid 5264] chdir("./99") = 0 [pid 5264] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5264] setpgid(0, 0) = 0 [pid 5264] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5264] write(3, "1000", 4) = 4 [pid 5264] close(3) = 0 [pid 5264] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5264] memfd_create("syzkaller", 0) = 3 [pid 5264] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5264] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5264] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5264] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5264] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5264] close(3) = 0 [pid 5264] mkdir("./file0", 0777) = 0 [ 65.861015][ T5264] loop0: detected capacity change from 0 to 8192 [ 65.870545][ T5264] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 65.883608][ T5264] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 65.892866][ T5264] REISERFS (device loop0): using ordered data mode [ 65.899411][ T5264] reiserfs: using flush barriers [ 65.905022][ T5264] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 65.921693][ T5264] REISERFS (device loop0): checking transaction log (loop0) [pid 5264] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5264] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5264] chdir("./file0") = 0 [pid 5264] ioctl(4, LOOP_CLR_FD) = 0 [pid 5264] close(4) = 0 [pid 5264] creat("./bus", 000) = 4 [pid 5264] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5264] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5264] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5264] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5264] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5264] exit_group(0) = ? [pid 5264] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5264, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./99", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./99/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./99/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./99/binderfs") = 0 umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./99/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 65.955886][ T5264] REISERFS (device loop0): Using r5 hash to sort names [ 65.962944][ T5264] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./99/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./99") = 0 mkdir("./100", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5266 attached [pid 5266] chdir("./100") = 0 [pid 5266] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5064] <... clone resumed>, child_tidptr=0x555556cf25d0) = 5266 [pid 5266] setpgid(0, 0) = 0 [pid 5266] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5266] write(3, "1000", 4) = 4 [pid 5266] close(3) = 0 [pid 5266] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5266] memfd_create("syzkaller", 0) = 3 [pid 5266] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5266] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5266] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5266] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5266] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5266] close(3) = 0 [pid 5266] mkdir("./file0", 0777) = 0 [ 66.065051][ T5266] loop0: detected capacity change from 0 to 8192 [ 66.074522][ T5266] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 66.087822][ T5266] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 66.097091][ T5266] REISERFS (device loop0): using ordered data mode [ 66.103642][ T5266] reiserfs: using flush barriers [ 66.109381][ T5266] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 66.125706][ T5266] REISERFS (device loop0): checking transaction log (loop0) [ 66.154534][ T5266] REISERFS (device loop0): Using r5 hash to sort names [pid 5266] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5266] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5266] chdir("./file0") = 0 [pid 5266] ioctl(4, LOOP_CLR_FD) = 0 [pid 5266] close(4) = 0 [pid 5266] creat("./bus", 000) = 4 [pid 5266] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5266] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5266] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5266] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5266] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5266] exit_group(0) = ? [pid 5266] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5266, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./100", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./100/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./100/binderfs") = 0 [ 66.161629][ T5266] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./100/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./100/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./100") = 0 mkdir("./101", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5268 attached , child_tidptr=0x555556cf25d0) = 5268 [pid 5268] chdir("./101") = 0 [pid 5268] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5268] setpgid(0, 0) = 0 [pid 5268] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5268] write(3, "1000", 4) = 4 [pid 5268] close(3) = 0 [pid 5268] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5268] memfd_create("syzkaller", 0) = 3 [pid 5268] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5268] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5268] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5268] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5268] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5268] close(3) = 0 [pid 5268] mkdir("./file0", 0777) = 0 [ 66.263292][ T5268] loop0: detected capacity change from 0 to 8192 [ 66.272168][ T5268] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 66.285256][ T5268] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 66.294794][ T5268] REISERFS (device loop0): using ordered data mode [ 66.301333][ T5268] reiserfs: using flush barriers [ 66.307125][ T5268] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 66.323538][ T5268] REISERFS (device loop0): checking transaction log (loop0) [pid 5268] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5268] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5268] chdir("./file0") = 0 [pid 5268] ioctl(4, LOOP_CLR_FD) = 0 [pid 5268] close(4) = 0 [pid 5268] creat("./bus", 000) = 4 [pid 5268] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5268] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5268] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5268] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5268] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5268] exit_group(0) = ? [pid 5268] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5268, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./101", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./101/binderfs") = 0 umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./101/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./101/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./101") = 0 mkdir("./102", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 66.357915][ T5268] REISERFS (device loop0): Using r5 hash to sort names [ 66.364973][ T5268] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5270 ./strace-static-x86_64: Process 5270 attached [pid 5270] chdir("./102") = 0 [pid 5270] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5270] setpgid(0, 0) = 0 [pid 5270] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5270] write(3, "1000", 4) = 4 [pid 5270] close(3) = 0 [pid 5270] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5270] memfd_create("syzkaller", 0) = 3 [pid 5270] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5270] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5270] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5270] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5270] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5270] close(3) = 0 [pid 5270] mkdir("./file0", 0777) = 0 [ 66.466496][ T5270] loop0: detected capacity change from 0 to 8192 [ 66.475733][ T5270] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 66.488863][ T5270] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 66.498053][ T5270] REISERFS (device loop0): using ordered data mode [ 66.504602][ T5270] reiserfs: using flush barriers [ 66.510154][ T5270] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 66.526586][ T5270] REISERFS (device loop0): checking transaction log (loop0) [pid 5270] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5270] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5270] chdir("./file0") = 0 [pid 5270] ioctl(4, LOOP_CLR_FD) = 0 [pid 5270] close(4) = 0 [pid 5270] creat("./bus", 000) = 4 [pid 5270] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5270] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5270] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5270] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5270] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5270] exit_group(0) = ? [pid 5270] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5270, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./102", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./102/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./102/binderfs") = 0 [ 66.561534][ T5270] REISERFS (device loop0): Using r5 hash to sort names [ 66.568575][ T5270] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./102/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./102/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./102") = 0 mkdir("./103", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5272 attached , child_tidptr=0x555556cf25d0) = 5272 [pid 5272] chdir("./103") = 0 [pid 5272] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5272] setpgid(0, 0) = 0 [pid 5272] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5272] write(3, "1000", 4) = 4 [pid 5272] close(3) = 0 [pid 5272] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5272] memfd_create("syzkaller", 0) = 3 [pid 5272] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5272] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5272] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5272] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5272] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5272] close(3) = 0 [pid 5272] mkdir("./file0", 0777) = 0 [ 66.669008][ T5272] loop0: detected capacity change from 0 to 8192 [ 66.678182][ T5272] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 66.691321][ T5272] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 66.700678][ T5272] REISERFS (device loop0): using ordered data mode [ 66.707188][ T5272] reiserfs: using flush barriers [ 66.712944][ T5272] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 66.729253][ T5272] REISERFS (device loop0): checking transaction log (loop0) [ 66.758456][ T5272] REISERFS (device loop0): Using r5 hash to sort names [pid 5272] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5272] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5272] chdir("./file0") = 0 [pid 5272] ioctl(4, LOOP_CLR_FD) = 0 [pid 5272] close(4) = 0 [pid 5272] creat("./bus", 000) = 4 [pid 5272] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5272] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5272] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5272] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5272] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5272] exit_group(0) = ? [pid 5272] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5272, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./103", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./103/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./103/binderfs") = 0 umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./103/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./103/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./103") = 0 [ 66.765804][ T5272] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. mkdir("./104", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5274 attached , child_tidptr=0x555556cf25d0) = 5274 [pid 5274] chdir("./104") = 0 [pid 5274] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5274] setpgid(0, 0) = 0 [pid 5274] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5274] write(3, "1000", 4) = 4 [pid 5274] close(3) = 0 [pid 5274] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5274] memfd_create("syzkaller", 0) = 3 [pid 5274] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5274] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5274] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5274] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5274] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5274] close(3) = 0 [pid 5274] mkdir("./file0", 0777) = 0 [ 66.870701][ T5274] loop0: detected capacity change from 0 to 8192 [ 66.879469][ T5274] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 66.892822][ T5274] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 66.902315][ T5274] REISERFS (device loop0): using ordered data mode [ 66.908896][ T5274] reiserfs: using flush barriers [ 66.914459][ T5274] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 66.930847][ T5274] REISERFS (device loop0): checking transaction log (loop0) [pid 5274] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5274] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5274] chdir("./file0") = 0 [pid 5274] ioctl(4, LOOP_CLR_FD) = 0 [pid 5274] close(4) = 0 [pid 5274] creat("./bus", 000) = 4 [pid 5274] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5274] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5274] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5274] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5274] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5274] exit_group(0) = ? [pid 5274] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5274, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./104", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./104/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./104/binderfs") = 0 [ 66.966097][ T5274] REISERFS (device loop0): Using r5 hash to sort names [ 66.973172][ T5274] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./104/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./104/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./104") = 0 mkdir("./105", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5276 ./strace-static-x86_64: Process 5276 attached [pid 5276] chdir("./105") = 0 [pid 5276] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5276] setpgid(0, 0) = 0 [pid 5276] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5276] write(3, "1000", 4) = 4 [pid 5276] close(3) = 0 [pid 5276] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5276] memfd_create("syzkaller", 0) = 3 [pid 5276] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5276] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5276] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5276] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5276] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5276] close(3) = 0 [pid 5276] mkdir("./file0", 0777) = 0 [ 67.077011][ T5276] loop0: detected capacity change from 0 to 8192 [ 67.086342][ T5276] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 67.099483][ T5276] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 67.108658][ T5276] REISERFS (device loop0): using ordered data mode [ 67.115222][ T5276] reiserfs: using flush barriers [ 67.120973][ T5276] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 67.137369][ T5276] REISERFS (device loop0): checking transaction log (loop0) [pid 5276] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5276] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5276] chdir("./file0") = 0 [pid 5276] ioctl(4, LOOP_CLR_FD) = 0 [pid 5276] close(4) = 0 [pid 5276] creat("./bus", 000) = 4 [pid 5276] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5276] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5276] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5276] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5276] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5276] exit_group(0) = ? [pid 5276] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5276, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./105", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./105/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./105/binderfs") = 0 umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./105/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./105/file0") = 0 [ 67.172010][ T5276] REISERFS (device loop0): Using r5 hash to sort names [ 67.179341][ T5276] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./105") = 0 mkdir("./106", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5278 ./strace-static-x86_64: Process 5278 attached [pid 5278] chdir("./106") = 0 [pid 5278] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5278] setpgid(0, 0) = 0 [pid 5278] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5278] write(3, "1000", 4) = 4 [pid 5278] close(3) = 0 [pid 5278] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5278] memfd_create("syzkaller", 0) = 3 [pid 5278] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5278] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5278] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5278] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5278] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5278] close(3) = 0 [pid 5278] mkdir("./file0", 0777) = 0 [ 67.274851][ T5278] loop0: detected capacity change from 0 to 8192 [ 67.284230][ T5278] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 67.297351][ T5278] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 67.306569][ T5278] REISERFS (device loop0): using ordered data mode [ 67.313221][ T5278] reiserfs: using flush barriers [ 67.318851][ T5278] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 67.335168][ T5278] REISERFS (device loop0): checking transaction log (loop0) [pid 5278] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5278] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5278] chdir("./file0") = 0 [pid 5278] ioctl(4, LOOP_CLR_FD) = 0 [pid 5278] close(4) = 0 [pid 5278] creat("./bus", 000) = 4 [pid 5278] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5278] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5278] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5278] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5278] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5278] exit_group(0) = ? [pid 5278] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5278, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./106", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./106/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./106/binderfs") = 0 [ 67.369188][ T5278] REISERFS (device loop0): Using r5 hash to sort names [ 67.376319][ T5278] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./106/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./106/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./106") = 0 mkdir("./107", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5280 attached , child_tidptr=0x555556cf25d0) = 5280 [pid 5280] chdir("./107") = 0 [pid 5280] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5280] setpgid(0, 0) = 0 [pid 5280] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5280] write(3, "1000", 4) = 4 [pid 5280] close(3) = 0 [pid 5280] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5280] memfd_create("syzkaller", 0) = 3 [pid 5280] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5280] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5280] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5280] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5280] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5280] close(3) = 0 [pid 5280] mkdir("./file0", 0777) = 0 [ 67.484133][ T5280] loop0: detected capacity change from 0 to 8192 [ 67.494188][ T5280] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 67.507403][ T5280] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 67.516678][ T5280] REISERFS (device loop0): using ordered data mode [ 67.523431][ T5280] reiserfs: using flush barriers [ 67.529006][ T5280] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 67.545463][ T5280] REISERFS (device loop0): checking transaction log (loop0) [pid 5280] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5280] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5280] chdir("./file0") = 0 [pid 5280] ioctl(4, LOOP_CLR_FD) = 0 [pid 5280] close(4) = 0 [pid 5280] creat("./bus", 000) = 4 [pid 5280] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5280] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5280] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5280] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5280] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5280] exit_group(0) = ? [pid 5280] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5280, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./107", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./107/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./107/binderfs") = 0 [ 67.578588][ T5280] REISERFS (device loop0): Using r5 hash to sort names [ 67.585672][ T5280] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./107/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./107/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./107") = 0 mkdir("./108", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5282 ./strace-static-x86_64: Process 5282 attached [pid 5282] chdir("./108") = 0 [pid 5282] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5282] setpgid(0, 0) = 0 [pid 5282] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5282] write(3, "1000", 4) = 4 [pid 5282] close(3) = 0 [pid 5282] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5282] memfd_create("syzkaller", 0) = 3 [pid 5282] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5282] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5282] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5282] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5282] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5282] close(3) = 0 [pid 5282] mkdir("./file0", 0777) = 0 [ 67.689421][ T5282] loop0: detected capacity change from 0 to 8192 [ 67.698663][ T5282] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 67.711732][ T5282] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 67.720907][ T5282] REISERFS (device loop0): using ordered data mode [ 67.727393][ T5282] reiserfs: using flush barriers [ 67.733075][ T5282] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 67.749328][ T5282] REISERFS (device loop0): checking transaction log (loop0) [pid 5282] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5282] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5282] chdir("./file0") = 0 [pid 5282] ioctl(4, LOOP_CLR_FD) = 0 [pid 5282] close(4) = 0 [pid 5282] creat("./bus", 000) = 4 [pid 5282] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5282] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5282] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5282] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5282] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5282] exit_group(0) = ? [pid 5282] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5282, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./108", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./108/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./108/binderfs") = 0 [ 67.783528][ T5282] REISERFS (device loop0): Using r5 hash to sort names [ 67.790829][ T5282] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./108/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./108/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./108") = 0 mkdir("./109", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5284 ./strace-static-x86_64: Process 5284 attached [pid 5284] chdir("./109") = 0 [pid 5284] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5284] setpgid(0, 0) = 0 [pid 5284] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5284] write(3, "1000", 4) = 4 [pid 5284] close(3) = 0 [pid 5284] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5284] memfd_create("syzkaller", 0) = 3 [pid 5284] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5284] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5284] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5284] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5284] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5284] close(3) = 0 [pid 5284] mkdir("./file0", 0777) = 0 [ 67.908215][ T5284] loop0: detected capacity change from 0 to 8192 [ 67.918364][ T5284] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 67.931466][ T5284] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 67.940753][ T5284] REISERFS (device loop0): using ordered data mode [ 67.947353][ T5284] reiserfs: using flush barriers [ 67.953050][ T5284] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 67.969483][ T5284] REISERFS (device loop0): checking transaction log (loop0) [pid 5284] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5284] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5284] chdir("./file0") = 0 [pid 5284] ioctl(4, LOOP_CLR_FD) = 0 [pid 5284] close(4) = 0 [pid 5284] creat("./bus", 000) = 4 [pid 5284] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5284] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5284] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5284] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5284] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5284] exit_group(0) = ? [pid 5284] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5284, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./109", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./109/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./109/binderfs") = 0 umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./109/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 68.004414][ T5284] REISERFS (device loop0): Using r5 hash to sort names [ 68.011634][ T5284] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./109/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./109") = 0 mkdir("./110", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5286 attached [pid 5286] chdir("./110") = 0 [pid 5286] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5286] setpgid(0, 0) = 0 [pid 5286] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5286] write(3, "1000", 4) = 4 [pid 5286] close(3) = 0 [pid 5286] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5064] <... clone resumed>, child_tidptr=0x555556cf25d0) = 5286 [pid 5286] memfd_create("syzkaller", 0) = 3 [pid 5286] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5286] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5286] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5286] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5286] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5286] close(3) = 0 [pid 5286] mkdir("./file0", 0777) = 0 [ 68.106737][ T5286] loop0: detected capacity change from 0 to 8192 [ 68.116060][ T5286] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 68.129271][ T5286] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 68.138720][ T5286] REISERFS (device loop0): using ordered data mode [ 68.145287][ T5286] reiserfs: using flush barriers [ 68.150934][ T5286] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 68.167339][ T5286] REISERFS (device loop0): checking transaction log (loop0) [pid 5286] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5286] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5286] chdir("./file0") = 0 [pid 5286] ioctl(4, LOOP_CLR_FD) = 0 [pid 5286] close(4) = 0 [pid 5286] creat("./bus", 000) = 4 [pid 5286] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5286] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5286] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5286] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5286] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5286] exit_group(0) = ? [pid 5286] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5286, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./110", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./110/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./110/binderfs") = 0 umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./110/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 [ 68.201755][ T5286] REISERFS (device loop0): Using r5 hash to sort names [ 68.208956][ T5286] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(4) = 0 rmdir("./110/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./110") = 0 mkdir("./111", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5288 ./strace-static-x86_64: Process 5288 attached [pid 5288] chdir("./111") = 0 [pid 5288] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5288] setpgid(0, 0) = 0 [pid 5288] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5288] write(3, "1000", 4) = 4 [pid 5288] close(3) = 0 [pid 5288] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5288] memfd_create("syzkaller", 0) = 3 [pid 5288] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5288] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5288] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5288] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5288] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5288] close(3) = 0 [pid 5288] mkdir("./file0", 0777) = 0 [ 68.307646][ T5288] loop0: detected capacity change from 0 to 8192 [ 68.317272][ T5288] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 68.330314][ T5288] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 68.339524][ T5288] REISERFS (device loop0): using ordered data mode [ 68.346016][ T5288] reiserfs: using flush barriers [ 68.351963][ T5288] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 68.368406][ T5288] REISERFS (device loop0): checking transaction log (loop0) [ 68.397179][ T5288] REISERFS (device loop0): Using r5 hash to sort names [pid 5288] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5288] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5288] chdir("./file0") = 0 [pid 5288] ioctl(4, LOOP_CLR_FD) = 0 [pid 5288] close(4) = 0 [pid 5288] creat("./bus", 000) = 4 [pid 5288] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5288] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5288] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5288] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5288] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5288] exit_group(0) = ? [pid 5288] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5288, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./111", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./111/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./111/binderfs") = 0 umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./111/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 [ 68.404539][ T5288] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./111/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./111") = 0 mkdir("./112", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5290 ./strace-static-x86_64: Process 5290 attached [pid 5290] chdir("./112") = 0 [pid 5290] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5290] setpgid(0, 0) = 0 [pid 5290] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5290] write(3, "1000", 4) = 4 [pid 5290] close(3) = 0 [pid 5290] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5290] memfd_create("syzkaller", 0) = 3 [pid 5290] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5290] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5290] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5290] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5290] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5290] close(3) = 0 [pid 5290] mkdir("./file0", 0777) = 0 [ 68.514058][ T5290] loop0: detected capacity change from 0 to 8192 [ 68.523026][ T5290] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 68.536189][ T5290] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 68.545779][ T5290] REISERFS (device loop0): using ordered data mode [ 68.552354][ T5290] reiserfs: using flush barriers [ 68.558028][ T5290] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 68.574516][ T5290] REISERFS (device loop0): checking transaction log (loop0) [pid 5290] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5290] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5290] chdir("./file0") = 0 [pid 5290] ioctl(4, LOOP_CLR_FD) = 0 [pid 5290] close(4) = 0 [pid 5290] creat("./bus", 000) = 4 [pid 5290] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5290] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5290] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5290] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5290] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5290] exit_group(0) = ? [pid 5290] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5290, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./112", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./112/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./112/binderfs") = 0 umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./112/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 [ 68.608525][ T5290] REISERFS (device loop0): Using r5 hash to sort names [ 68.615597][ T5290] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. rmdir("./112/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./112") = 0 mkdir("./113", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5292 ./strace-static-x86_64: Process 5292 attached [pid 5292] chdir("./113") = 0 [pid 5292] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5292] setpgid(0, 0) = 0 [pid 5292] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5292] write(3, "1000", 4) = 4 [pid 5292] close(3) = 0 [pid 5292] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5292] memfd_create("syzkaller", 0) = 3 [pid 5292] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5292] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5292] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5292] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5292] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5292] close(3) = 0 [pid 5292] mkdir("./file0", 0777) = 0 [ 68.705884][ T5292] loop0: detected capacity change from 0 to 8192 [ 68.715972][ T5292] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 68.729081][ T5292] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 68.738257][ T5292] REISERFS (device loop0): using ordered data mode [ 68.744827][ T5292] reiserfs: using flush barriers [ 68.750425][ T5292] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 68.766802][ T5292] REISERFS (device loop0): checking transaction log (loop0) [ 68.795664][ T5292] REISERFS (device loop0): Using r5 hash to sort names [pid 5292] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5292] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5292] chdir("./file0") = 0 [pid 5292] ioctl(4, LOOP_CLR_FD) = 0 [pid 5292] close(4) = 0 [pid 5292] creat("./bus", 000) = 4 [pid 5292] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5292] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5292] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5292] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5292] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5292] exit_group(0) = ? [pid 5292] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5292, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./113", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./113/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./113/binderfs") = 0 umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./113/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./113/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./113") = 0 mkdir("./114", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 68.802725][ T5292] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5294 ./strace-static-x86_64: Process 5294 attached [pid 5294] chdir("./114") = 0 [pid 5294] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5294] setpgid(0, 0) = 0 [pid 5294] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5294] write(3, "1000", 4) = 4 [pid 5294] close(3) = 0 [pid 5294] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5294] memfd_create("syzkaller", 0) = 3 [pid 5294] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5294] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5294] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5294] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5294] close(3) = 0 [pid 5294] mkdir("./file0", 0777) = 0 [ 68.900902][ T5294] loop0: detected capacity change from 0 to 8192 [ 68.909770][ T5294] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 68.922857][ T5294] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 68.932267][ T5294] REISERFS (device loop0): using ordered data mode [ 68.939158][ T5294] reiserfs: using flush barriers [ 68.945089][ T5294] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 68.961571][ T5294] REISERFS (device loop0): checking transaction log (loop0) [pid 5294] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5294] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5294] chdir("./file0") = 0 [pid 5294] ioctl(4, LOOP_CLR_FD) = 0 [pid 5294] close(4) = 0 [pid 5294] creat("./bus", 000) = 4 [pid 5294] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5294] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5294] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5294] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5294] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5294] exit_group(0) = ? [pid 5294] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5294, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./114", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./114/binderfs") = 0 [ 68.996109][ T5294] REISERFS (device loop0): Using r5 hash to sort names [ 69.003312][ T5294] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./114/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./114/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./114") = 0 mkdir("./115", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5296 ./strace-static-x86_64: Process 5296 attached [pid 5296] chdir("./115") = 0 [pid 5296] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5296] setpgid(0, 0) = 0 [pid 5296] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5296] write(3, "1000", 4) = 4 [pid 5296] close(3) = 0 [pid 5296] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5296] memfd_create("syzkaller", 0) = 3 [pid 5296] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5296] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5296] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5296] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5296] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5296] close(3) = 0 [pid 5296] mkdir("./file0", 0777) = 0 [ 69.112787][ T5296] loop0: detected capacity change from 0 to 8192 [ 69.121844][ T5296] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 69.135144][ T5296] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 69.144423][ T5296] REISERFS (device loop0): using ordered data mode [ 69.150985][ T5296] reiserfs: using flush barriers [ 69.156549][ T5296] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 69.173112][ T5296] REISERFS (device loop0): checking transaction log (loop0) [pid 5296] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5296] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5296] chdir("./file0") = 0 [pid 5296] ioctl(4, LOOP_CLR_FD) = 0 [pid 5296] close(4) = 0 [pid 5296] creat("./bus", 000) = 4 [pid 5296] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5296] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5296] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5296] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5296] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5296] exit_group(0) = ? [pid 5296] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5296, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./115", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./115/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./115/binderfs") = 0 umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./115/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 69.207174][ T5296] REISERFS (device loop0): Using r5 hash to sort names [ 69.214321][ T5296] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./115/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./115") = 0 mkdir("./116", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5298 ./strace-static-x86_64: Process 5298 attached [pid 5298] chdir("./116") = 0 [pid 5298] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5298] setpgid(0, 0) = 0 [pid 5298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5298] write(3, "1000", 4) = 4 [pid 5298] close(3) = 0 [pid 5298] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5298] memfd_create("syzkaller", 0) = 3 [pid 5298] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5298] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5298] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5298] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5298] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5298] close(3) = 0 [pid 5298] mkdir("./file0", 0777) = 0 [ 69.316149][ T5298] loop0: detected capacity change from 0 to 8192 [ 69.325162][ T5298] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 69.338275][ T5298] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 69.347611][ T5298] REISERFS (device loop0): using ordered data mode [ 69.354163][ T5298] reiserfs: using flush barriers [ 69.359806][ T5298] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 69.376295][ T5298] REISERFS (device loop0): checking transaction log (loop0) [pid 5298] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5298] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5298] chdir("./file0") = 0 [pid 5298] ioctl(4, LOOP_CLR_FD) = 0 [pid 5298] close(4) = 0 [pid 5298] creat("./bus", 000) = 4 [pid 5298] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5298] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5298] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5298] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5298] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5298] exit_group(0) = ? [pid 5298] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5298, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./116", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./116/binderfs") = 0 [ 69.410082][ T5298] REISERFS (device loop0): Using r5 hash to sort names [ 69.417209][ T5298] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./116/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./116/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./116") = 0 mkdir("./117", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5300 attached , child_tidptr=0x555556cf25d0) = 5300 [pid 5300] chdir("./117") = 0 [pid 5300] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5300] setpgid(0, 0) = 0 [pid 5300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5300] write(3, "1000", 4) = 4 [pid 5300] close(3) = 0 [pid 5300] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5300] memfd_create("syzkaller", 0) = 3 [pid 5300] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5300] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5300] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5300] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5300] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5300] close(3) = 0 [pid 5300] mkdir("./file0", 0777) = 0 [ 69.520338][ T5300] loop0: detected capacity change from 0 to 8192 [ 69.529532][ T5300] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 69.542620][ T5300] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 69.551963][ T5300] REISERFS (device loop0): using ordered data mode [ 69.558535][ T5300] reiserfs: using flush barriers [ 69.564309][ T5300] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 69.580796][ T5300] REISERFS (device loop0): checking transaction log (loop0) [ 69.609584][ T5300] REISERFS (device loop0): Using r5 hash to sort names [pid 5300] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5300] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5300] chdir("./file0") = 0 [pid 5300] ioctl(4, LOOP_CLR_FD) = 0 [pid 5300] close(4) = 0 [pid 5300] creat("./bus", 000) = 4 [pid 5300] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5300] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5300] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5300] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5300] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5300] exit_group(0) = ? [pid 5300] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5300, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./117", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./117/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./117/binderfs") = 0 [ 69.616778][ T5300] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./117/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./117/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./117") = 0 mkdir("./118", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5302 ./strace-static-x86_64: Process 5302 attached [pid 5302] chdir("./118") = 0 [pid 5302] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5302] setpgid(0, 0) = 0 [pid 5302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5302] write(3, "1000", 4) = 4 [pid 5302] close(3) = 0 [pid 5302] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5302] memfd_create("syzkaller", 0) = 3 [pid 5302] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5302] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5302] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5302] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5302] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5302] close(3) = 0 [pid 5302] mkdir("./file0", 0777) = 0 [ 69.719580][ T5302] loop0: detected capacity change from 0 to 8192 [ 69.731914][ T5302] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 69.744953][ T5302] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 69.754445][ T5302] REISERFS (device loop0): using ordered data mode [ 69.761125][ T5302] reiserfs: using flush barriers [ 69.767019][ T5302] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 69.783648][ T5302] REISERFS (device loop0): checking transaction log (loop0) [pid 5302] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5302] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5302] chdir("./file0") = 0 [pid 5302] ioctl(4, LOOP_CLR_FD) = 0 [pid 5302] close(4) = 0 [pid 5302] creat("./bus", 000) = 4 [pid 5302] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5302] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5302] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5302] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5302] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5302] exit_group(0) = ? [pid 5302] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5302, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./118", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./118/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./118/binderfs") = 0 umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./118/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./118/file0") = 0 [ 69.818396][ T5302] REISERFS (device loop0): Using r5 hash to sort names [ 69.825513][ T5302] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./118") = 0 mkdir("./119", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5304 ./strace-static-x86_64: Process 5304 attached [pid 5304] chdir("./119") = 0 [pid 5304] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5304] setpgid(0, 0) = 0 [pid 5304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5304] write(3, "1000", 4) = 4 [pid 5304] close(3) = 0 [pid 5304] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5304] memfd_create("syzkaller", 0) = 3 [pid 5304] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5304] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5304] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5304] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5304] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5304] close(3) = 0 [pid 5304] mkdir("./file0", 0777) = 0 [ 69.927367][ T5304] loop0: detected capacity change from 0 to 8192 [ 69.936148][ T5304] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 69.949157][ T5304] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 69.958470][ T5304] REISERFS (device loop0): using ordered data mode [ 69.965044][ T5304] reiserfs: using flush barriers [ 69.970728][ T5304] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 69.987171][ T5304] REISERFS (device loop0): checking transaction log (loop0) [ 70.016654][ T5304] REISERFS (device loop0): Using r5 hash to sort names [pid 5304] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5304] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5304] chdir("./file0") = 0 [pid 5304] ioctl(4, LOOP_CLR_FD) = 0 [pid 5304] close(4) = 0 [pid 5304] creat("./bus", 000) = 4 [pid 5304] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5304] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5304] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5304] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5304] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5304] exit_group(0) = ? [pid 5304] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5304, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./119", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./119/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./119/binderfs") = 0 [ 70.023844][ T5304] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./119/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./119/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./119") = 0 mkdir("./120", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5306 ./strace-static-x86_64: Process 5306 attached [pid 5306] chdir("./120") = 0 [pid 5306] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5306] setpgid(0, 0) = 0 [pid 5306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5306] write(3, "1000", 4) = 4 [pid 5306] close(3) = 0 [pid 5306] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5306] memfd_create("syzkaller", 0) = 3 [pid 5306] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5306] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5306] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5306] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5306] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5306] close(3) = 0 [pid 5306] mkdir("./file0", 0777) = 0 [ 70.121560][ T5306] loop0: detected capacity change from 0 to 8192 [ 70.130561][ T5306] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 70.143619][ T5306] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 70.152884][ T5306] REISERFS (device loop0): using ordered data mode [ 70.159505][ T5306] reiserfs: using flush barriers [ 70.165092][ T5306] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 70.181586][ T5306] REISERFS (device loop0): checking transaction log (loop0) [pid 5306] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5306] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5306] chdir("./file0") = 0 [pid 5306] ioctl(4, LOOP_CLR_FD) = 0 [pid 5306] close(4) = 0 [pid 5306] creat("./bus", 000) = 4 [pid 5306] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5306] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5306] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5306] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5306] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5306] exit_group(0) = ? [pid 5306] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5306, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./120", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./120/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./120/binderfs") = 0 [ 70.215100][ T5306] REISERFS (device loop0): Using r5 hash to sort names [ 70.222165][ T5306] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./120/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./120/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./120/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./120") = 0 mkdir("./121", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5308 attached , child_tidptr=0x555556cf25d0) = 5308 [pid 5308] chdir("./121") = 0 [pid 5308] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5308] setpgid(0, 0) = 0 [pid 5308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5308] write(3, "1000", 4) = 4 [pid 5308] close(3) = 0 [pid 5308] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5308] memfd_create("syzkaller", 0) = 3 [pid 5308] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5308] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5308] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5308] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5308] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5308] close(3) = 0 [pid 5308] mkdir("./file0", 0777) = 0 [ 70.326175][ T5308] loop0: detected capacity change from 0 to 8192 [ 70.336205][ T5308] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 70.349406][ T5308] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 70.358616][ T5308] REISERFS (device loop0): using ordered data mode [ 70.365174][ T5308] reiserfs: using flush barriers [ 70.370807][ T5308] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 70.387251][ T5308] REISERFS (device loop0): checking transaction log (loop0) [pid 5308] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5308] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5308] chdir("./file0") = 0 [pid 5308] ioctl(4, LOOP_CLR_FD) = 0 [pid 5308] close(4) = 0 [pid 5308] creat("./bus", 000) = 4 [pid 5308] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5308] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5308] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5308] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5308] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5308] exit_group(0) = ? [pid 5308] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5308, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./121", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./121/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./121/binderfs") = 0 umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./121/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 70.421045][ T5308] REISERFS (device loop0): Using r5 hash to sort names [ 70.428420][ T5308] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "./121/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./121/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./121") = 0 mkdir("./122", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5310 ./strace-static-x86_64: Process 5310 attached [pid 5310] chdir("./122") = 0 [pid 5310] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5310] setpgid(0, 0) = 0 [pid 5310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5310] write(3, "1000", 4) = 4 [pid 5310] close(3) = 0 [pid 5310] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5310] memfd_create("syzkaller", 0) = 3 [pid 5310] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [ 70.480646][ T893] cfg80211: failed to load regulatory.db [pid 5310] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5310] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5310] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5310] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5310] close(3) = 0 [pid 5310] mkdir("./file0", 0777) = 0 [ 70.560398][ T5310] loop0: detected capacity change from 0 to 8192 [ 70.570162][ T5310] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 70.583520][ T5310] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 70.593034][ T5310] REISERFS (device loop0): using ordered data mode [ 70.599910][ T5310] reiserfs: using flush barriers [ 70.605941][ T5310] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 70.622600][ T5310] REISERFS (device loop0): checking transaction log (loop0) [pid 5310] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5310] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5310] chdir("./file0") = 0 [pid 5310] ioctl(4, LOOP_CLR_FD) = 0 [pid 5310] close(4) = 0 [pid 5310] creat("./bus", 000) = 4 [pid 5310] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5310] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5310] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5310] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5310] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5310] exit_group(0) = ? [pid 5310] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5310, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./122", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./122/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./122/binderfs") = 0 [ 70.667058][ T5310] REISERFS (device loop0): Using r5 hash to sort names [ 70.674521][ T5310] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./122/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./122/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./122/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./122") = 0 mkdir("./123", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5313 ./strace-static-x86_64: Process 5313 attached [pid 5313] chdir("./123") = 0 [pid 5313] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5313] setpgid(0, 0) = 0 [pid 5313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5313] write(3, "1000", 4) = 4 [pid 5313] close(3) = 0 [pid 5313] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5313] memfd_create("syzkaller", 0) = 3 [pid 5313] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5313] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5313] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5313] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5313] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5313] close(3) = 0 [pid 5313] mkdir("./file0", 0777) = 0 [ 70.809447][ T5313] loop0: detected capacity change from 0 to 8192 [ 70.819321][ T5313] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 70.832680][ T5313] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 70.842182][ T5313] REISERFS (device loop0): using ordered data mode [ 70.849046][ T5313] reiserfs: using flush barriers [ 70.855126][ T5313] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 70.871892][ T5313] REISERFS (device loop0): checking transaction log (loop0) [pid 5313] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5313] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5313] chdir("./file0") = 0 [pid 5313] ioctl(4, LOOP_CLR_FD) = 0 [pid 5313] close(4) = 0 [pid 5313] creat("./bus", 000) = 4 [pid 5313] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5313] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5313] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5313] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5313] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5313] exit_group(0) = ? [pid 5313] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5313, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./123", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./123/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./123/binderfs") = 0 [ 70.909754][ T5313] REISERFS (device loop0): Using r5 hash to sort names [ 70.916940][ T5313] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./123/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./123/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./123/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./123") = 0 mkdir("./124", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5315 ./strace-static-x86_64: Process 5315 attached [pid 5315] chdir("./124") = 0 [pid 5315] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5315] setpgid(0, 0) = 0 [pid 5315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5315] write(3, "1000", 4) = 4 [pid 5315] close(3) = 0 [pid 5315] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5315] memfd_create("syzkaller", 0) = 3 [pid 5315] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5315] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5315] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5315] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5315] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5315] close(3) = 0 [pid 5315] mkdir("./file0", 0777) = 0 [ 71.015857][ T5315] loop0: detected capacity change from 0 to 8192 [ 71.025099][ T5315] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 71.038189][ T5315] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 71.047444][ T5315] REISERFS (device loop0): using ordered data mode [ 71.054024][ T5315] reiserfs: using flush barriers [ 71.059747][ T5315] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 71.076173][ T5315] REISERFS (device loop0): checking transaction log (loop0) [pid 5315] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5315] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5315] chdir("./file0") = 0 [pid 5315] ioctl(4, LOOP_CLR_FD) = 0 [pid 5315] close(4) = 0 [pid 5315] creat("./bus", 000) = 4 [pid 5315] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5315] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5315] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5315] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5315] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5315] exit_group(0) = ? [pid 5315] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5315, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./124", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./124/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./124/binderfs") = 0 umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./124/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./124/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 [ 71.109797][ T5315] REISERFS (device loop0): Using r5 hash to sort names [ 71.116833][ T5315] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. rmdir("./124/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./124") = 0 mkdir("./125", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5317 ./strace-static-x86_64: Process 5317 attached [pid 5317] chdir("./125") = 0 [pid 5317] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5317] setpgid(0, 0) = 0 [pid 5317] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5317] write(3, "1000", 4) = 4 [pid 5317] close(3) = 0 [pid 5317] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5317] memfd_create("syzkaller", 0) = 3 [pid 5317] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5317] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5317] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5317] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5317] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5317] close(3) = 0 [pid 5317] mkdir("./file0", 0777) = 0 [ 71.213600][ T5317] loop0: detected capacity change from 0 to 8192 [ 71.223769][ T5317] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 71.236876][ T5317] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 71.246129][ T5317] REISERFS (device loop0): using ordered data mode [ 71.252659][ T5317] reiserfs: using flush barriers [ 71.258251][ T5317] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 71.274649][ T5317] REISERFS (device loop0): checking transaction log (loop0) [pid 5317] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5317] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5317] chdir("./file0") = 0 [pid 5317] ioctl(4, LOOP_CLR_FD) = 0 [pid 5317] close(4) = 0 [pid 5317] creat("./bus", 000) = 4 [pid 5317] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5317] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5317] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5317] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5317] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5317] exit_group(0) = ? [pid 5317] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5317, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./125", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./125/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./125/binderfs") = 0 [ 71.308976][ T5317] REISERFS (device loop0): Using r5 hash to sort names [ 71.316096][ T5317] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./125/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./125/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./125/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./125") = 0 mkdir("./126", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5319 ./strace-static-x86_64: Process 5319 attached [pid 5319] chdir("./126") = 0 [pid 5319] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5319] setpgid(0, 0) = 0 [pid 5319] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5319] write(3, "1000", 4) = 4 [pid 5319] close(3) = 0 [pid 5319] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5319] memfd_create("syzkaller", 0) = 3 [pid 5319] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5319] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5319] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5319] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5319] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5319] close(3) = 0 [pid 5319] mkdir("./file0", 0777) = 0 [ 71.429263][ T5319] loop0: detected capacity change from 0 to 8192 [ 71.438207][ T5319] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 71.451703][ T5319] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 71.461032][ T5319] REISERFS (device loop0): using ordered data mode [ 71.467558][ T5319] reiserfs: using flush barriers [ 71.473552][ T5319] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 71.489873][ T5319] REISERFS (device loop0): checking transaction log (loop0) [pid 5319] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5319] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5319] chdir("./file0") = 0 [pid 5319] ioctl(4, LOOP_CLR_FD) = 0 [pid 5319] close(4) = 0 [pid 5319] creat("./bus", 000) = 4 [pid 5319] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5319] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5319] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5319] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5319] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5319] exit_group(0) = ? [pid 5319] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5319, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./126", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./126/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./126/binderfs") = 0 [ 71.524772][ T5319] REISERFS (device loop0): Using r5 hash to sort names [ 71.531974][ T5319] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./126/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./126/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./126/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./126") = 0 mkdir("./127", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5321 ./strace-static-x86_64: Process 5321 attached [pid 5321] chdir("./127") = 0 [pid 5321] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5321] setpgid(0, 0) = 0 [pid 5321] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5321] write(3, "1000", 4) = 4 [pid 5321] close(3) = 0 [pid 5321] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5321] memfd_create("syzkaller", 0) = 3 [pid 5321] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5321] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5321] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5321] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5321] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5321] close(3) = 0 [pid 5321] mkdir("./file0", 0777) = 0 [ 71.637220][ T5321] loop0: detected capacity change from 0 to 8192 [ 71.647092][ T5321] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 71.660307][ T5321] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 71.669593][ T5321] REISERFS (device loop0): using ordered data mode [ 71.676115][ T5321] reiserfs: using flush barriers [ 71.681818][ T5321] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 71.698339][ T5321] REISERFS (device loop0): checking transaction log (loop0) [pid 5321] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5321] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5321] chdir("./file0") = 0 [pid 5321] ioctl(4, LOOP_CLR_FD) = 0 [pid 5321] close(4) = 0 [pid 5321] creat("./bus", 000) = 4 [pid 5321] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5321] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5321] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5321] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5321] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5321] exit_group(0) = ? [pid 5321] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5321, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./127", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./127/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./127/binderfs") = 0 [ 71.733080][ T5321] REISERFS (device loop0): Using r5 hash to sort names [ 71.740241][ T5321] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./127/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./127/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./127/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./127") = 0 mkdir("./128", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5323 attached , child_tidptr=0x555556cf25d0) = 5323 [pid 5323] chdir("./128") = 0 [pid 5323] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5323] setpgid(0, 0) = 0 [pid 5323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5323] write(3, "1000", 4) = 4 [pid 5323] close(3) = 0 [pid 5323] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5323] memfd_create("syzkaller", 0) = 3 [pid 5323] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5323] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5323] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5323] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5323] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5323] close(3) = 0 [pid 5323] mkdir("./file0", 0777) = 0 [ 71.854353][ T5323] loop0: detected capacity change from 0 to 8192 [ 71.863584][ T5323] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 71.876670][ T5323] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 71.885949][ T5323] REISERFS (device loop0): using ordered data mode [ 71.892514][ T5323] reiserfs: using flush barriers [ 71.898096][ T5323] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 71.914589][ T5323] REISERFS (device loop0): checking transaction log (loop0) [pid 5323] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5323] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5323] chdir("./file0") = 0 [pid 5323] ioctl(4, LOOP_CLR_FD) = 0 [pid 5323] close(4) = 0 [pid 5323] creat("./bus", 000) = 4 [pid 5323] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5323] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5323] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5323] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5323] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5323] exit_group(0) = ? [pid 5323] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5323, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./128", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./128/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./128/binderfs") = 0 [ 71.948370][ T5323] REISERFS (device loop0): Using r5 hash to sort names [ 71.955477][ T5323] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./128/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./128/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./128/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./128") = 0 mkdir("./129", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5325 ./strace-static-x86_64: Process 5325 attached [pid 5325] chdir("./129") = 0 [pid 5325] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5325] setpgid(0, 0) = 0 [pid 5325] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5325] write(3, "1000", 4) = 4 [pid 5325] close(3) = 0 [pid 5325] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5325] memfd_create("syzkaller", 0) = 3 [pid 5325] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5325] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5325] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5325] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5325] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5325] close(3) = 0 [pid 5325] mkdir("./file0", 0777) = 0 [ 72.064305][ T5325] loop0: detected capacity change from 0 to 8192 [ 72.074104][ T5325] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 72.087380][ T5325] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 72.096656][ T5325] REISERFS (device loop0): using ordered data mode [ 72.103199][ T5325] reiserfs: using flush barriers [ 72.108816][ T5325] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 72.125245][ T5325] REISERFS (device loop0): checking transaction log (loop0) [pid 5325] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5325] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5325] chdir("./file0") = 0 [pid 5325] ioctl(4, LOOP_CLR_FD) = 0 [pid 5325] close(4) = 0 [pid 5325] creat("./bus", 000) = 4 [pid 5325] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5325] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5325] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5325] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5325] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5325] exit_group(0) = ? [pid 5325] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5325, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./129", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./129/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./129/binderfs") = 0 umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [ 72.159675][ T5325] REISERFS (device loop0): Using r5 hash to sort names [ 72.166716][ T5325] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./129/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./129/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./129/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./129") = 0 mkdir("./130", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5327 ./strace-static-x86_64: Process 5327 attached [pid 5327] chdir("./130") = 0 [pid 5327] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5327] setpgid(0, 0) = 0 [pid 5327] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5327] write(3, "1000", 4) = 4 [pid 5327] close(3) = 0 [pid 5327] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5327] memfd_create("syzkaller", 0) = 3 [pid 5327] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5327] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5327] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5327] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5327] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5327] close(3) = 0 [pid 5327] mkdir("./file0", 0777) = 0 [ 72.272094][ T5327] loop0: detected capacity change from 0 to 8192 [ 72.281175][ T5327] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 72.294211][ T5327] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 72.303460][ T5327] REISERFS (device loop0): using ordered data mode [ 72.310007][ T5327] reiserfs: using flush barriers [ 72.315551][ T5327] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 72.331971][ T5327] REISERFS (device loop0): checking transaction log (loop0) [pid 5327] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5327] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5327] chdir("./file0") = 0 [pid 5327] ioctl(4, LOOP_CLR_FD) = 0 [pid 5327] close(4) = 0 [pid 5327] creat("./bus", 000) = 4 [pid 5327] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5327] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5327] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5327] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5327] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5327] exit_group(0) = ? [pid 5327] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5327, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./130", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./130/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./130/binderfs") = 0 umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./130/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 72.366605][ T5327] REISERFS (device loop0): Using r5 hash to sort names [ 72.373807][ T5327] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./130/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./130/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./130") = 0 mkdir("./131", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5329 ./strace-static-x86_64: Process 5329 attached [pid 5329] chdir("./131") = 0 [pid 5329] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5329] setpgid(0, 0) = 0 [pid 5329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5329] write(3, "1000", 4) = 4 [pid 5329] close(3) = 0 [pid 5329] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5329] memfd_create("syzkaller", 0) = 3 [pid 5329] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5329] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5329] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5329] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5329] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5329] close(3) = 0 [pid 5329] mkdir("./file0", 0777) = 0 [ 72.474387][ T5329] loop0: detected capacity change from 0 to 8192 [ 72.483470][ T5329] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 72.496541][ T5329] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 72.505846][ T5329] REISERFS (device loop0): using ordered data mode [ 72.512398][ T5329] reiserfs: using flush barriers [ 72.518278][ T5329] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 72.534669][ T5329] REISERFS (device loop0): checking transaction log (loop0) [pid 5329] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5329] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5329] chdir("./file0") = 0 [pid 5329] ioctl(4, LOOP_CLR_FD) = 0 [pid 5329] close(4) = 0 [pid 5329] creat("./bus", 000) = 4 [pid 5329] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5329] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5329] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5329] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5329] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5329] exit_group(0) = ? [pid 5329] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5329, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./131", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./131/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./131/binderfs") = 0 [ 72.569526][ T5329] REISERFS (device loop0): Using r5 hash to sort names [ 72.576573][ T5329] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./131/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./131/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./131/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./131") = 0 mkdir("./132", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5331 attached [pid 5331] chdir("./132") = 0 [pid 5331] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] <... clone resumed>, child_tidptr=0x555556cf25d0) = 5331 [pid 5331] <... prctl resumed>) = 0 [pid 5331] setpgid(0, 0) = 0 [pid 5331] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5331] write(3, "1000", 4) = 4 [pid 5331] close(3) = 0 [pid 5331] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5331] memfd_create("syzkaller", 0) = 3 [pid 5331] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5331] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5331] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5331] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5331] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5331] close(3) = 0 [pid 5331] mkdir("./file0", 0777) = 0 [ 72.690605][ T5331] loop0: detected capacity change from 0 to 8192 [ 72.700077][ T5331] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 72.713087][ T5331] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 72.722387][ T5331] REISERFS (device loop0): using ordered data mode [ 72.728967][ T5331] reiserfs: using flush barriers [ 72.734865][ T5331] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 72.751165][ T5331] REISERFS (device loop0): checking transaction log (loop0) [pid 5331] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5331] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5331] chdir("./file0") = 0 [pid 5331] ioctl(4, LOOP_CLR_FD) = 0 [pid 5331] close(4) = 0 [pid 5331] creat("./bus", 000) = 4 [pid 5331] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5331] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5331] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5331] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5331] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5331] exit_group(0) = ? [pid 5331] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5331, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./132", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./132/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./132/binderfs") = 0 [ 72.782886][ T5331] REISERFS (device loop0): Using r5 hash to sort names [ 72.790184][ T5331] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./132/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./132/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./132/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./132") = 0 mkdir("./133", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5333 ./strace-static-x86_64: Process 5333 attached [pid 5333] chdir("./133") = 0 [pid 5333] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5333] setpgid(0, 0) = 0 [pid 5333] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5333] write(3, "1000", 4) = 4 [pid 5333] close(3) = 0 [pid 5333] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5333] memfd_create("syzkaller", 0) = 3 [pid 5333] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5333] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5333] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5333] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5333] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5333] close(3) = 0 [pid 5333] mkdir("./file0", 0777) = 0 [ 72.894817][ T5333] loop0: detected capacity change from 0 to 8192 [ 72.904272][ T5333] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 72.917430][ T5333] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 72.926835][ T5333] REISERFS (device loop0): using ordered data mode [ 72.933434][ T5333] reiserfs: using flush barriers [ 72.939196][ T5333] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 72.955840][ T5333] REISERFS (device loop0): checking transaction log (loop0) [pid 5333] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5333] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5333] chdir("./file0") = 0 [pid 5333] ioctl(4, LOOP_CLR_FD) = 0 [pid 5333] close(4) = 0 [pid 5333] creat("./bus", 000) = 4 [pid 5333] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5333] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5333] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5333] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5333] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5333] exit_group(0) = ? [pid 5333] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5333, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./133", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./133/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./133/binderfs") = 0 [ 72.991985][ T5333] REISERFS (device loop0): Using r5 hash to sort names [ 72.999223][ T5333] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./133/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./133/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./133/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./133") = 0 mkdir("./134", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5335 ./strace-static-x86_64: Process 5335 attached [pid 5335] chdir("./134") = 0 [pid 5335] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5335] setpgid(0, 0) = 0 [pid 5335] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5335] write(3, "1000", 4) = 4 [pid 5335] close(3) = 0 [pid 5335] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5335] memfd_create("syzkaller", 0) = 3 [pid 5335] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5335] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5335] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5335] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5335] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5335] close(3) = 0 [pid 5335] mkdir("./file0", 0777) = 0 [ 73.116412][ T5335] loop0: detected capacity change from 0 to 8192 [ 73.125802][ T5335] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 73.138871][ T5335] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 73.148026][ T5335] REISERFS (device loop0): using ordered data mode [ 73.154577][ T5335] reiserfs: using flush barriers [ 73.160214][ T5335] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 73.176696][ T5335] REISERFS (device loop0): checking transaction log (loop0) [pid 5335] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5335] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5335] chdir("./file0") = 0 [pid 5335] ioctl(4, LOOP_CLR_FD) = 0 [pid 5335] close(4) = 0 [pid 5335] creat("./bus", 000) = 4 [pid 5335] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5335] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5335] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5335] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5335] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5335] exit_group(0) = ? [pid 5335] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5335, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./134", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./134/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./134/binderfs") = 0 umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./134/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./134/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 [ 73.207711][ T5335] REISERFS (device loop0): Using r5 hash to sort names [ 73.214945][ T5335] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(4) = 0 rmdir("./134/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./134") = 0 mkdir("./135", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5337 ./strace-static-x86_64: Process 5337 attached [pid 5337] chdir("./135") = 0 [pid 5337] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5337] setpgid(0, 0) = 0 [pid 5337] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5337] write(3, "1000", 4) = 4 [pid 5337] close(3) = 0 [pid 5337] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5337] memfd_create("syzkaller", 0) = 3 [pid 5337] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5337] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5337] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5337] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5337] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5337] close(3) = 0 [pid 5337] mkdir("./file0", 0777) = 0 [ 73.316274][ T5337] loop0: detected capacity change from 0 to 8192 [ 73.326178][ T5337] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 73.339245][ T5337] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 73.348442][ T5337] REISERFS (device loop0): using ordered data mode [ 73.355027][ T5337] reiserfs: using flush barriers [ 73.360740][ T5337] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 73.377195][ T5337] REISERFS (device loop0): checking transaction log (loop0) [pid 5337] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5337] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5337] chdir("./file0") = 0 [pid 5337] ioctl(4, LOOP_CLR_FD) = 0 [pid 5337] close(4) = 0 [pid 5337] creat("./bus", 000) = 4 [pid 5337] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5337] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5337] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5337] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5337] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5337] exit_group(0) = ? [pid 5337] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5337, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./135", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./135/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./135/binderfs") = 0 umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./135/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 73.407907][ T5337] REISERFS (device loop0): Using r5 hash to sort names [ 73.415192][ T5337] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./135/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./135/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./135") = 0 mkdir("./136", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5339 ./strace-static-x86_64: Process 5339 attached [pid 5339] chdir("./136") = 0 [pid 5339] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5339] setpgid(0, 0) = 0 [pid 5339] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5339] write(3, "1000", 4) = 4 [pid 5339] close(3) = 0 [pid 5339] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5339] memfd_create("syzkaller", 0) = 3 [pid 5339] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5339] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5339] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5339] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5339] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5339] close(3) = 0 [pid 5339] mkdir("./file0", 0777) = 0 [ 73.519347][ T5339] loop0: detected capacity change from 0 to 8192 [ 73.528583][ T5339] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 73.541615][ T5339] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 73.550974][ T5339] REISERFS (device loop0): using ordered data mode [ 73.557484][ T5339] reiserfs: using flush barriers [ 73.563481][ T5339] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 73.579898][ T5339] REISERFS (device loop0): checking transaction log (loop0) [pid 5339] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5339] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5339] chdir("./file0") = 0 [pid 5339] ioctl(4, LOOP_CLR_FD) = 0 [pid 5339] close(4) = 0 [pid 5339] creat("./bus", 000) = 4 [pid 5339] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5339] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5339] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5339] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5339] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5339] exit_group(0) = ? [pid 5339] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5339, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./136", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./136/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./136/binderfs") = 0 [ 73.615321][ T5339] REISERFS (device loop0): Using r5 hash to sort names [ 73.622398][ T5339] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./136/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./136/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./136/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./136") = 0 mkdir("./137", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5341 ./strace-static-x86_64: Process 5341 attached [pid 5341] chdir("./137") = 0 [pid 5341] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5341] setpgid(0, 0) = 0 [pid 5341] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5341] write(3, "1000", 4) = 4 [pid 5341] close(3) = 0 [pid 5341] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5341] memfd_create("syzkaller", 0) = 3 [pid 5341] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5341] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5341] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5341] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5341] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5341] close(3) = 0 [pid 5341] mkdir("./file0", 0777) = 0 [ 73.753790][ T5341] loop0: detected capacity change from 0 to 8192 [ 73.762937][ T5341] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 73.776035][ T5341] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 73.785265][ T5341] REISERFS (device loop0): using ordered data mode [ 73.791814][ T5341] reiserfs: using flush barriers [ 73.797400][ T5341] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 73.813832][ T5341] REISERFS (device loop0): checking transaction log (loop0) [pid 5341] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5341] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5341] chdir("./file0") = 0 [pid 5341] ioctl(4, LOOP_CLR_FD) = 0 [pid 5341] close(4) = 0 [pid 5341] creat("./bus", 000) = 4 [pid 5341] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5341] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5341] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5341] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5341] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5341] exit_group(0) = ? [pid 5341] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5341, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./137", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./137/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./137/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./137/binderfs") = 0 [ 73.845474][ T5341] REISERFS (device loop0): Using r5 hash to sort names [ 73.852784][ T5341] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./137/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./137/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./137/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./137") = 0 mkdir("./138", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5343 ./strace-static-x86_64: Process 5343 attached [pid 5343] chdir("./138") = 0 [pid 5343] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5343] setpgid(0, 0) = 0 [pid 5343] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5343] write(3, "1000", 4) = 4 [pid 5343] close(3) = 0 [pid 5343] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5343] memfd_create("syzkaller", 0) = 3 [pid 5343] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5343] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5343] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5343] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5343] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5343] close(3) = 0 [pid 5343] mkdir("./file0", 0777) = 0 [ 73.962861][ T5343] loop0: detected capacity change from 0 to 8192 [ 73.972322][ T5343] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 73.985693][ T5343] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 73.995061][ T5343] REISERFS (device loop0): using ordered data mode [ 74.001735][ T5343] reiserfs: using flush barriers [ 74.007822][ T5343] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 74.024187][ T5343] REISERFS (device loop0): checking transaction log (loop0) [pid 5343] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5343] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5343] chdir("./file0") = 0 [pid 5343] ioctl(4, LOOP_CLR_FD) = 0 [pid 5343] close(4) = 0 [pid 5343] creat("./bus", 000) = 4 [pid 5343] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5343] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5343] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5343] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5343] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5343] exit_group(0) = ? [pid 5343] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5343, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./138", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./138/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./138/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./138/binderfs") = 0 [ 74.054931][ T5343] REISERFS (device loop0): Using r5 hash to sort names [ 74.062125][ T5343] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./138/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./138/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./138/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./138") = 0 mkdir("./139", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5345 ./strace-static-x86_64: Process 5345 attached [pid 5345] chdir("./139") = 0 [pid 5345] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5345] setpgid(0, 0) = 0 [pid 5345] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5345] write(3, "1000", 4) = 4 [pid 5345] close(3) = 0 [pid 5345] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5345] memfd_create("syzkaller", 0) = 3 [pid 5345] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5345] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5345] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5345] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5345] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5345] close(3) = 0 [pid 5345] mkdir("./file0", 0777) = 0 [ 74.171729][ T5345] loop0: detected capacity change from 0 to 8192 [ 74.181254][ T5345] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 74.194416][ T5345] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 74.204132][ T5345] REISERFS (device loop0): using ordered data mode [ 74.210731][ T5345] reiserfs: using flush barriers [ 74.216393][ T5345] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 74.233014][ T5345] REISERFS (device loop0): checking transaction log (loop0) [pid 5345] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5345] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5345] chdir("./file0") = 0 [pid 5345] ioctl(4, LOOP_CLR_FD) = 0 [pid 5345] close(4) = 0 [pid 5345] creat("./bus", 000) = 4 [pid 5345] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5345] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5345] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5345] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5345] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5345] exit_group(0) = ? [pid 5345] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5345, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./139", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./139/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./139/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./139/binderfs") = 0 [ 74.269813][ T5345] REISERFS (device loop0): Using r5 hash to sort names [ 74.276879][ T5345] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./139/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./139/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./139/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./139") = 0 mkdir("./140", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5347 ./strace-static-x86_64: Process 5347 attached [pid 5347] chdir("./140") = 0 [pid 5347] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5347] setpgid(0, 0) = 0 [pid 5347] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5347] write(3, "1000", 4) = 4 [pid 5347] close(3) = 0 [pid 5347] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5347] memfd_create("syzkaller", 0) = 3 [pid 5347] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5347] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5347] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5347] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5347] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5347] close(3) = 0 [pid 5347] mkdir("./file0", 0777) = 0 [ 74.391220][ T5347] loop0: detected capacity change from 0 to 8192 [ 74.401399][ T5347] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 74.414710][ T5347] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 74.423995][ T5347] REISERFS (device loop0): using ordered data mode [ 74.430624][ T5347] reiserfs: using flush barriers [ 74.436492][ T5347] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 74.453144][ T5347] REISERFS (device loop0): checking transaction log (loop0) [pid 5347] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5347] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5347] chdir("./file0") = 0 [pid 5347] ioctl(4, LOOP_CLR_FD) = 0 [pid 5347] close(4) = 0 [pid 5347] creat("./bus", 000) = 4 [pid 5347] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5347] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5347] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5347] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5347] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5347] exit_group(0) = ? [pid 5347] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5347, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./140", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./140", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./140/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./140/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./140/binderfs") = 0 [ 74.490417][ T5347] REISERFS (device loop0): Using r5 hash to sort names [ 74.497478][ T5347] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./140/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./140/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./140/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./140") = 0 mkdir("./141", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5349 attached , child_tidptr=0x555556cf25d0) = 5349 [pid 5349] chdir("./141") = 0 [pid 5349] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5349] setpgid(0, 0) = 0 [pid 5349] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5349] write(3, "1000", 4) = 4 [pid 5349] close(3) = 0 [pid 5349] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5349] memfd_create("syzkaller", 0) = 3 [pid 5349] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5349] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5349] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5349] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5349] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5349] close(3) = 0 [pid 5349] mkdir("./file0", 0777) = 0 [ 74.614446][ T5349] loop0: detected capacity change from 0 to 8192 [ 74.624155][ T5349] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 74.637336][ T5349] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 74.646779][ T5349] REISERFS (device loop0): using ordered data mode [ 74.653434][ T5349] reiserfs: using flush barriers [ 74.659482][ T5349] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 74.675844][ T5349] REISERFS (device loop0): checking transaction log (loop0) [pid 5349] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5349] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5349] chdir("./file0") = 0 [pid 5349] ioctl(4, LOOP_CLR_FD) = 0 [pid 5349] close(4) = 0 [pid 5349] creat("./bus", 000) = 4 [pid 5349] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5349] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5349] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5349] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5349] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5349] exit_group(0) = ? [pid 5349] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5349, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./141", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./141", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./141/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./141/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./141/binderfs") = 0 umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./141/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./141/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 74.713378][ T5349] REISERFS (device loop0): Using r5 hash to sort names [ 74.720745][ T5349] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./141/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./141") = 0 mkdir("./142", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5351 ./strace-static-x86_64: Process 5351 attached [pid 5351] chdir("./142") = 0 [pid 5351] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5351] setpgid(0, 0) = 0 [pid 5351] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5351] write(3, "1000", 4) = 4 [pid 5351] close(3) = 0 [pid 5351] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5351] memfd_create("syzkaller", 0) = 3 [pid 5351] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5351] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5351] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5351] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5351] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5351] close(3) = 0 [pid 5351] mkdir("./file0", 0777) = 0 [ 74.821207][ T5351] loop0: detected capacity change from 0 to 8192 [ 74.830883][ T5351] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 74.844019][ T5351] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 74.853312][ T5351] REISERFS (device loop0): using ordered data mode [ 74.859897][ T5351] reiserfs: using flush barriers [ 74.865529][ T5351] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 74.881978][ T5351] REISERFS (device loop0): checking transaction log (loop0) [pid 5351] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5351] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5351] chdir("./file0") = 0 [pid 5351] ioctl(4, LOOP_CLR_FD) = 0 [pid 5351] close(4) = 0 [pid 5351] creat("./bus", 000) = 4 [pid 5351] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5351] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5351] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5351] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5351] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5351] exit_group(0) = ? [pid 5351] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5351, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./142", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./142", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./142/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./142/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./142/binderfs") = 0 umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 74.913729][ T5351] REISERFS (device loop0): Using r5 hash to sort names [ 74.921153][ T5351] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. lstat("./142/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./142/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./142/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./142") = 0 mkdir("./143", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5353 ./strace-static-x86_64: Process 5353 attached [pid 5353] chdir("./143") = 0 [pid 5353] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5353] setpgid(0, 0) = 0 [pid 5353] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5353] write(3, "1000", 4) = 4 [pid 5353] close(3) = 0 [pid 5353] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5353] memfd_create("syzkaller", 0) = 3 [pid 5353] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5353] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5353] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5353] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5353] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5353] close(3) = 0 [pid 5353] mkdir("./file0", 0777) = 0 [ 75.026564][ T5353] loop0: detected capacity change from 0 to 8192 [ 75.036026][ T5353] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 75.049045][ T5353] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 75.058266][ T5353] REISERFS (device loop0): using ordered data mode [ 75.066104][ T5353] reiserfs: using flush barriers [ 75.071759][ T5353] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 75.088202][ T5353] REISERFS (device loop0): checking transaction log (loop0) [pid 5353] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5353] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5353] chdir("./file0") = 0 [pid 5353] ioctl(4, LOOP_CLR_FD) = 0 [pid 5353] close(4) = 0 [pid 5353] creat("./bus", 000) = 4 [pid 5353] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5353] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5353] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5353] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5353] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5353] exit_group(0) = ? [pid 5353] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5353, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./143", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./143", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./143/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./143/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./143/binderfs") = 0 [ 75.119722][ T5353] REISERFS (device loop0): Using r5 hash to sort names [ 75.126796][ T5353] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./143/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./143/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./143/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./143") = 0 mkdir("./144", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5355 attached , child_tidptr=0x555556cf25d0) = 5355 [pid 5355] chdir("./144") = 0 [pid 5355] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5355] setpgid(0, 0) = 0 [pid 5355] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5355] write(3, "1000", 4) = 4 [pid 5355] close(3) = 0 [pid 5355] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5355] memfd_create("syzkaller", 0) = 3 [pid 5355] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5355] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5355] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5355] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5355] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5355] close(3) = 0 [pid 5355] mkdir("./file0", 0777) = 0 [ 75.237235][ T5355] loop0: detected capacity change from 0 to 8192 [ 75.247496][ T5355] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 75.260793][ T5355] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 75.270082][ T5355] REISERFS (device loop0): using ordered data mode [ 75.276592][ T5355] reiserfs: using flush barriers [ 75.282418][ T5355] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 75.298730][ T5355] REISERFS (device loop0): checking transaction log (loop0) [pid 5355] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5355] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5355] chdir("./file0") = 0 [pid 5355] ioctl(4, LOOP_CLR_FD) = 0 [pid 5355] close(4) = 0 [pid 5355] creat("./bus", 000) = 4 [pid 5355] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5355] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5355] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5355] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5355] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5355] exit_group(0) = ? [pid 5355] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5355, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./144", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./144", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./144/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./144/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./144/binderfs") = 0 [ 75.329675][ T5355] REISERFS (device loop0): Using r5 hash to sort names [ 75.336718][ T5355] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./144/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./144/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./144/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./144") = 0 mkdir("./145", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5357 attached , child_tidptr=0x555556cf25d0) = 5357 [pid 5357] chdir("./145") = 0 [pid 5357] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5357] setpgid(0, 0) = 0 [pid 5357] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5357] write(3, "1000", 4) = 4 [pid 5357] close(3) = 0 [pid 5357] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5357] memfd_create("syzkaller", 0) = 3 [pid 5357] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5357] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5357] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5357] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5357] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5357] close(3) = 0 [pid 5357] mkdir("./file0", 0777) = 0 [ 75.443462][ T5357] loop0: detected capacity change from 0 to 8192 [ 75.452806][ T5357] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 75.466200][ T5357] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 75.475965][ T5357] REISERFS (device loop0): using ordered data mode [ 75.482613][ T5357] reiserfs: using flush barriers [ 75.488253][ T5357] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 75.504715][ T5357] REISERFS (device loop0): checking transaction log (loop0) [pid 5357] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5357] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5357] chdir("./file0") = 0 [pid 5357] ioctl(4, LOOP_CLR_FD) = 0 [pid 5357] close(4) = 0 [pid 5357] creat("./bus", 000) = 4 [pid 5357] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5357] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5357] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5357] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5357] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5357] exit_group(0) = ? [pid 5357] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5357, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./145", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./145", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./145/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./145/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./145/binderfs") = 0 umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./145/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 75.541467][ T5357] REISERFS (device loop0): Using r5 hash to sort names [ 75.548535][ T5357] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./145/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./145/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./145") = 0 mkdir("./146", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5359 attached , child_tidptr=0x555556cf25d0) = 5359 [pid 5359] chdir("./146") = 0 [pid 5359] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5359] setpgid(0, 0) = 0 [pid 5359] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5359] write(3, "1000", 4) = 4 [pid 5359] close(3) = 0 [pid 5359] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5359] memfd_create("syzkaller", 0) = 3 [pid 5359] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5359] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5359] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5359] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5359] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5359] close(3) = 0 [pid 5359] mkdir("./file0", 0777) = 0 [ 75.657288][ T5359] loop0: detected capacity change from 0 to 8192 [ 75.666855][ T5359] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 75.679989][ T5359] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 75.689277][ T5359] REISERFS (device loop0): using ordered data mode [ 75.695795][ T5359] reiserfs: using flush barriers [ 75.701596][ T5359] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 75.718191][ T5359] REISERFS (device loop0): checking transaction log (loop0) [pid 5359] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5359] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5359] chdir("./file0") = 0 [pid 5359] ioctl(4, LOOP_CLR_FD) = 0 [pid 5359] close(4) = 0 [pid 5359] creat("./bus", 000) = 4 [pid 5359] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5359] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5359] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5359] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5359] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5359] exit_group(0) = ? [pid 5359] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5359, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./146", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./146", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./146/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./146/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./146/binderfs") = 0 [ 75.754610][ T5359] REISERFS (device loop0): Using r5 hash to sort names [ 75.761981][ T5359] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./146/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./146/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./146/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./146") = 0 mkdir("./147", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5361 ./strace-static-x86_64: Process 5361 attached [pid 5361] chdir("./147") = 0 [pid 5361] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5361] setpgid(0, 0) = 0 [pid 5361] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5361] write(3, "1000", 4) = 4 [pid 5361] close(3) = 0 [pid 5361] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5361] memfd_create("syzkaller", 0) = 3 [pid 5361] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5361] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5361] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5361] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5361] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5361] close(3) = 0 [pid 5361] mkdir("./file0", 0777) = 0 [ 75.876288][ T5361] loop0: detected capacity change from 0 to 8192 [ 75.885595][ T5361] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 75.898881][ T5361] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 75.908064][ T5361] REISERFS (device loop0): using ordered data mode [ 75.914994][ T5361] reiserfs: using flush barriers [ 75.920703][ T5361] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 75.937230][ T5361] REISERFS (device loop0): checking transaction log (loop0) [pid 5361] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5361] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5361] chdir("./file0") = 0 [pid 5361] ioctl(4, LOOP_CLR_FD) = 0 [pid 5361] close(4) = 0 [pid 5361] creat("./bus", 000) = 4 [pid 5361] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5361] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5361] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5361] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5361] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5361] exit_group(0) = ? [pid 5361] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5361, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./147", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./147", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./147/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./147/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./147/binderfs") = 0 umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./147/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 75.968611][ T5361] REISERFS (device loop0): Using r5 hash to sort names [ 75.975719][ T5361] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./147/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./147/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./147") = 0 mkdir("./148", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5363 ./strace-static-x86_64: Process 5363 attached [pid 5363] chdir("./148") = 0 [pid 5363] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5363] setpgid(0, 0) = 0 [pid 5363] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5363] write(3, "1000", 4) = 4 [pid 5363] close(3) = 0 [pid 5363] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5363] memfd_create("syzkaller", 0) = 3 [pid 5363] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5363] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5363] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5363] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5363] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5363] close(3) = 0 [pid 5363] mkdir("./file0", 0777) = 0 [ 76.076622][ T5363] loop0: detected capacity change from 0 to 8192 [ 76.086144][ T5363] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 76.099341][ T5363] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 76.108519][ T5363] REISERFS (device loop0): using ordered data mode [ 76.115074][ T5363] reiserfs: using flush barriers [ 76.120913][ T5363] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 76.137311][ T5363] REISERFS (device loop0): checking transaction log (loop0) [ 76.166765][ T5363] REISERFS (device loop0): Using r5 hash to sort names [pid 5363] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5363] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5363] chdir("./file0") = 0 [pid 5363] ioctl(4, LOOP_CLR_FD) = 0 [pid 5363] close(4) = 0 [pid 5363] creat("./bus", 000) = 4 [pid 5363] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5363] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5363] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5363] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5363] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5363] exit_group(0) = ? [pid 5363] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5363, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./148", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./148", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./148/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./148/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./148/binderfs") = 0 umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./148/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 76.173847][ T5363] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./148/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./148/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./148") = 0 mkdir("./149", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5365 ./strace-static-x86_64: Process 5365 attached [pid 5365] chdir("./149") = 0 [pid 5365] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5365] setpgid(0, 0) = 0 [pid 5365] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5365] write(3, "1000", 4) = 4 [pid 5365] close(3) = 0 [pid 5365] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5365] memfd_create("syzkaller", 0) = 3 [pid 5365] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5365] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5365] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5365] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5365] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5365] close(3) = 0 [pid 5365] mkdir("./file0", 0777) = 0 [ 76.283982][ T5365] loop0: detected capacity change from 0 to 8192 [ 76.293110][ T5365] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 76.306153][ T5365] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 76.315412][ T5365] REISERFS (device loop0): using ordered data mode [ 76.321972][ T5365] reiserfs: using flush barriers [ 76.327858][ T5365] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 76.344303][ T5365] REISERFS (device loop0): checking transaction log (loop0) [pid 5365] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5365] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5365] chdir("./file0") = 0 [pid 5365] ioctl(4, LOOP_CLR_FD) = 0 [pid 5365] close(4) = 0 [pid 5365] creat("./bus", 000) = 4 [pid 5365] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5365] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5365] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5365] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5365] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5365] exit_group(0) = ? [pid 5365] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5365, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./149", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./149", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./149/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./149/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./149/binderfs") = 0 [ 76.375224][ T5365] REISERFS (device loop0): Using r5 hash to sort names [ 76.382447][ T5365] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./149/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./149/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./149/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./149") = 0 mkdir("./150", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5367 ./strace-static-x86_64: Process 5367 attached [pid 5367] chdir("./150") = 0 [pid 5367] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5367] setpgid(0, 0) = 0 [pid 5367] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5367] write(3, "1000", 4) = 4 [pid 5367] close(3) = 0 [pid 5367] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5367] memfd_create("syzkaller", 0) = 3 [pid 5367] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5367] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5367] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5367] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5367] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5367] close(3) = 0 [pid 5367] mkdir("./file0", 0777) = 0 [ 76.489759][ T5367] loop0: detected capacity change from 0 to 8192 [ 76.499654][ T5367] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 76.512782][ T5367] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 76.522074][ T5367] REISERFS (device loop0): using ordered data mode [ 76.528602][ T5367] reiserfs: using flush barriers [ 76.534786][ T5367] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 76.551105][ T5367] REISERFS (device loop0): checking transaction log (loop0) [pid 5367] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5367] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5367] chdir("./file0") = 0 [pid 5367] ioctl(4, LOOP_CLR_FD) = 0 [pid 5367] close(4) = 0 [pid 5367] creat("./bus", 000) = 4 [pid 5367] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5367] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5367] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5367] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5367] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5367] exit_group(0) = ? [pid 5367] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5367, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./150", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./150", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./150/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./150/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./150/binderfs") = 0 [ 76.588023][ T5367] REISERFS (device loop0): Using r5 hash to sort names [ 76.595208][ T5367] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./150/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./150/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./150/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./150") = 0 mkdir("./151", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5369 ./strace-static-x86_64: Process 5369 attached [pid 5369] chdir("./151") = 0 [pid 5369] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5369] setpgid(0, 0) = 0 [pid 5369] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5369] write(3, "1000", 4) = 4 [pid 5369] close(3) = 0 [pid 5369] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5369] memfd_create("syzkaller", 0) = 3 [pid 5369] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5369] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5369] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5369] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5369] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5369] close(3) = 0 [pid 5369] mkdir("./file0", 0777) = 0 [ 76.697244][ T5369] loop0: detected capacity change from 0 to 8192 [ 76.707171][ T5369] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 76.720364][ T5369] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 76.729671][ T5369] REISERFS (device loop0): using ordered data mode [ 76.736271][ T5369] reiserfs: using flush barriers [ 76.742477][ T5369] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 76.759306][ T5369] REISERFS (device loop0): checking transaction log (loop0) [pid 5369] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5369] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5369] chdir("./file0") = 0 [pid 5369] ioctl(4, LOOP_CLR_FD) = 0 [pid 5369] close(4) = 0 [pid 5369] creat("./bus", 000) = 4 [pid 5369] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5369] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5369] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5369] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5369] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5369] exit_group(0) = ? [pid 5369] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5369, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./151", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./151", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./151/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./151/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./151/binderfs") = 0 [ 76.794508][ T5369] REISERFS (device loop0): Using r5 hash to sort names [ 76.801629][ T5369] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./151/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./151/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./151/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./151") = 0 mkdir("./152", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5371 ./strace-static-x86_64: Process 5371 attached [pid 5371] chdir("./152") = 0 [pid 5371] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5371] setpgid(0, 0) = 0 [pid 5371] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5371] write(3, "1000", 4) = 4 [pid 5371] close(3) = 0 [pid 5371] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5371] memfd_create("syzkaller", 0) = 3 [pid 5371] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5371] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5371] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5371] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5371] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5371] close(3) = 0 [pid 5371] mkdir("./file0", 0777) = 0 [ 76.910597][ T5371] loop0: detected capacity change from 0 to 8192 [ 76.921194][ T5371] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 76.934425][ T5371] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 76.943716][ T5371] REISERFS (device loop0): using ordered data mode [ 76.950279][ T5371] reiserfs: using flush barriers [ 76.955930][ T5371] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 76.972458][ T5371] REISERFS (device loop0): checking transaction log (loop0) [pid 5371] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5371] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5371] chdir("./file0") = 0 [pid 5371] ioctl(4, LOOP_CLR_FD) = 0 [pid 5371] close(4) = 0 [pid 5371] creat("./bus", 000) = 4 [pid 5371] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5371] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5371] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5371] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5371] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5371] exit_group(0) = ? [pid 5371] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5371, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./152", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./152", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./152/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./152/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./152/binderfs") = 0 umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./152/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./152/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./152/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 [ 77.009122][ T5371] REISERFS (device loop0): Using r5 hash to sort names [ 77.016188][ T5371] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 rmdir("./152") = 0 mkdir("./153", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5373 attached , child_tidptr=0x555556cf25d0) = 5373 [pid 5373] chdir("./153") = 0 [pid 5373] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5373] setpgid(0, 0) = 0 [pid 5373] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5373] write(3, "1000", 4) = 4 [pid 5373] close(3) = 0 [pid 5373] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5373] memfd_create("syzkaller", 0) = 3 [pid 5373] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5373] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5373] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5373] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5373] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5373] close(3) = 0 [pid 5373] mkdir("./file0", 0777) = 0 [ 77.112840][ T5373] loop0: detected capacity change from 0 to 8192 [ 77.122339][ T5373] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 77.135576][ T5373] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 77.144805][ T5373] REISERFS (device loop0): using ordered data mode [ 77.151381][ T5373] reiserfs: using flush barriers [ 77.157067][ T5373] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 77.173486][ T5373] REISERFS (device loop0): checking transaction log (loop0) [pid 5373] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5373] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5373] chdir("./file0") = 0 [pid 5373] ioctl(4, LOOP_CLR_FD) = 0 [pid 5373] close(4) = 0 [pid 5373] creat("./bus", 000) = 4 [pid 5373] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5373] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5373] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5373] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5373] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5373] exit_group(0) = ? [pid 5373] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5373, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./153", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./153", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./153/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./153/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./153/binderfs") = 0 [ 77.204500][ T5373] REISERFS (device loop0): Using r5 hash to sort names [ 77.211647][ T5373] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./153/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./153/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./153/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./153") = 0 mkdir("./154", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5375 ./strace-static-x86_64: Process 5375 attached [pid 5375] chdir("./154") = 0 [pid 5375] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5375] setpgid(0, 0) = 0 [pid 5375] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5375] write(3, "1000", 4) = 4 [pid 5375] close(3) = 0 [pid 5375] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5375] memfd_create("syzkaller", 0) = 3 [pid 5375] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5375] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5375] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5375] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5375] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5375] close(3) = 0 [pid 5375] mkdir("./file0", 0777) = 0 [ 77.316035][ T5375] loop0: detected capacity change from 0 to 8192 [ 77.325585][ T5375] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 77.338678][ T5375] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 77.348084][ T5375] REISERFS (device loop0): using ordered data mode [ 77.354712][ T5375] reiserfs: using flush barriers [ 77.360941][ T5375] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 77.377337][ T5375] REISERFS (device loop0): checking transaction log (loop0) [pid 5375] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5375] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5375] chdir("./file0") = 0 [pid 5375] ioctl(4, LOOP_CLR_FD) = 0 [pid 5375] close(4) = 0 [pid 5375] creat("./bus", 000) = 4 [pid 5375] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5375] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5375] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5375] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5375] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5375] exit_group(0) = ? [pid 5375] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5375, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./154", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./154", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./154/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./154/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./154/binderfs") = 0 umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./154/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./154/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 77.413047][ T5375] REISERFS (device loop0): Using r5 hash to sort names [ 77.420372][ T5375] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./154/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./154") = 0 mkdir("./155", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5377 attached , child_tidptr=0x555556cf25d0) = 5377 [pid 5377] chdir("./155") = 0 [pid 5377] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5377] setpgid(0, 0) = 0 [pid 5377] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5377] write(3, "1000", 4) = 4 [pid 5377] close(3) = 0 [pid 5377] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5377] memfd_create("syzkaller", 0) = 3 [pid 5377] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5377] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5377] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5377] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5377] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5377] close(3) = 0 [pid 5377] mkdir("./file0", 0777) = 0 [ 77.523761][ T5377] loop0: detected capacity change from 0 to 8192 [ 77.533757][ T5377] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 77.546801][ T5377] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 77.556110][ T5377] REISERFS (device loop0): using ordered data mode [ 77.562715][ T5377] reiserfs: using flush barriers [ 77.568389][ T5377] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 77.585057][ T5377] REISERFS (device loop0): checking transaction log (loop0) [pid 5377] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5377] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5377] chdir("./file0") = 0 [pid 5377] ioctl(4, LOOP_CLR_FD) = 0 [pid 5377] close(4) = 0 [pid 5377] creat("./bus", 000) = 4 [pid 5377] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5377] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5377] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5377] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5377] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5377] exit_group(0) = ? [pid 5377] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5377, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./155", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./155", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./155/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./155/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./155/binderfs") = 0 umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./155/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./155/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./155/file0") = 0 [ 77.615464][ T5377] REISERFS (device loop0): Using r5 hash to sort names [ 77.622568][ T5377] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./155") = 0 mkdir("./156", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5379 ./strace-static-x86_64: Process 5379 attached [pid 5379] chdir("./156") = 0 [pid 5379] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5379] setpgid(0, 0) = 0 [pid 5379] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5379] write(3, "1000", 4) = 4 [pid 5379] close(3) = 0 [pid 5379] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5379] memfd_create("syzkaller", 0) = 3 [pid 5379] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5379] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5379] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5379] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5379] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5379] close(3) = 0 [pid 5379] mkdir("./file0", 0777) = 0 [ 77.727708][ T5379] loop0: detected capacity change from 0 to 8192 [ 77.737014][ T5379] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 77.750107][ T5379] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 77.759337][ T5379] REISERFS (device loop0): using ordered data mode [ 77.765837][ T5379] reiserfs: using flush barriers [ 77.771765][ T5379] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 77.788226][ T5379] REISERFS (device loop0): checking transaction log (loop0) [pid 5379] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5379] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5379] chdir("./file0") = 0 [pid 5379] ioctl(4, LOOP_CLR_FD) = 0 [pid 5379] close(4) = 0 [pid 5379] creat("./bus", 000) = 4 [pid 5379] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5379] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5379] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5379] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5379] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5379] exit_group(0) = ? [pid 5379] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5379, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./156", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./156", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./156/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./156/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./156/binderfs") = 0 [ 77.824241][ T5379] REISERFS (device loop0): Using r5 hash to sort names [ 77.831420][ T5379] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./156/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./156/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./156/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./156") = 0 mkdir("./157", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5381 ./strace-static-x86_64: Process 5381 attached [pid 5381] chdir("./157") = 0 [pid 5381] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5381] setpgid(0, 0) = 0 [pid 5381] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5381] write(3, "1000", 4) = 4 [pid 5381] close(3) = 0 [pid 5381] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5381] memfd_create("syzkaller", 0) = 3 [pid 5381] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5381] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5381] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5381] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5381] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5381] close(3) = 0 [pid 5381] mkdir("./file0", 0777) = 0 [ 77.937494][ T5381] loop0: detected capacity change from 0 to 8192 [ 77.946854][ T5381] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 77.960082][ T5381] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 77.969364][ T5381] REISERFS (device loop0): using ordered data mode [ 77.975878][ T5381] reiserfs: using flush barriers [ 77.981746][ T5381] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 77.998237][ T5381] REISERFS (device loop0): checking transaction log (loop0) [pid 5381] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5381] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5381] chdir("./file0") = 0 [pid 5381] ioctl(4, LOOP_CLR_FD) = 0 [pid 5381] close(4) = 0 [pid 5381] creat("./bus", 000) = 4 [pid 5381] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5381] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5381] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5381] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5381] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5381] exit_group(0) = ? [pid 5381] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5381, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./157", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./157", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./157/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./157/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./157/binderfs") = 0 umount2("./157/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./157/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 78.037121][ T5381] REISERFS (device loop0): Using r5 hash to sort names [ 78.044368][ T5381] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. lstat("./157/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./157/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./157/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./157/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./157") = 0 mkdir("./158", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5383 ./strace-static-x86_64: Process 5383 attached [pid 5383] chdir("./158") = 0 [pid 5383] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5383] setpgid(0, 0) = 0 [pid 5383] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5383] write(3, "1000", 4) = 4 [pid 5383] close(3) = 0 [pid 5383] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5383] memfd_create("syzkaller", 0) = 3 [pid 5383] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5383] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5383] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5383] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5383] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5383] close(3) = 0 [pid 5383] mkdir("./file0", 0777) = 0 [ 78.144321][ T5383] loop0: detected capacity change from 0 to 8192 [ 78.153327][ T5383] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 78.166745][ T5383] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 78.176002][ T5383] REISERFS (device loop0): using ordered data mode [ 78.182593][ T5383] reiserfs: using flush barriers [ 78.188515][ T5383] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 78.204926][ T5383] REISERFS (device loop0): checking transaction log (loop0) [pid 5383] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5383] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5383] chdir("./file0") = 0 [pid 5383] ioctl(4, LOOP_CLR_FD) = 0 [pid 5383] close(4) = 0 [pid 5383] creat("./bus", 000) = 4 [pid 5383] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5383] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5383] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5383] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5383] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5383] exit_group(0) = ? [pid 5383] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5383, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./158", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./158", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./158/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./158/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./158/binderfs") = 0 umount2("./158/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./158/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./158/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./158/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./158/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./158/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./158") = 0 [ 78.241601][ T5383] REISERFS (device loop0): Using r5 hash to sort names [ 78.248873][ T5383] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. mkdir("./159", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5385 ./strace-static-x86_64: Process 5385 attached [pid 5385] chdir("./159") = 0 [pid 5385] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5385] setpgid(0, 0) = 0 [pid 5385] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5385] write(3, "1000", 4) = 4 [pid 5385] close(3) = 0 [pid 5385] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5385] memfd_create("syzkaller", 0) = 3 [pid 5385] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5385] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5385] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5385] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5385] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5385] close(3) = 0 [pid 5385] mkdir("./file0", 0777) = 0 [ 78.349510][ T5385] loop0: detected capacity change from 0 to 8192 [ 78.359151][ T5385] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 78.372165][ T5385] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 78.381463][ T5385] REISERFS (device loop0): using ordered data mode [ 78.387984][ T5385] reiserfs: using flush barriers [ 78.394003][ T5385] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 78.410730][ T5385] REISERFS (device loop0): checking transaction log (loop0) [pid 5385] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5385] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5385] chdir("./file0") = 0 [pid 5385] ioctl(4, LOOP_CLR_FD) = 0 [pid 5385] close(4) = 0 [pid 5385] creat("./bus", 000) = 4 [pid 5385] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5385] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5385] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5385] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5385] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5385] exit_group(0) = ? [pid 5385] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5385, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./159", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./159", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./159/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./159/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./159/binderfs") = 0 [ 78.447445][ T5385] REISERFS (device loop0): Using r5 hash to sort names [ 78.454647][ T5385] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./159/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./159/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./159/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./159/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./159/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./159/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./159") = 0 mkdir("./160", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5387 ./strace-static-x86_64: Process 5387 attached [pid 5387] chdir("./160") = 0 [pid 5387] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5387] setpgid(0, 0) = 0 [pid 5387] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5387] write(3, "1000", 4) = 4 [pid 5387] close(3) = 0 [pid 5387] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5387] memfd_create("syzkaller", 0) = 3 [pid 5387] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5387] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5387] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5387] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5387] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5387] close(3) = 0 [pid 5387] mkdir("./file0", 0777) = 0 [ 78.575770][ T5387] loop0: detected capacity change from 0 to 8192 [ 78.586466][ T5387] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 78.599771][ T5387] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 78.609068][ T5387] REISERFS (device loop0): using ordered data mode [ 78.615585][ T5387] reiserfs: using flush barriers [ 78.621335][ T5387] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 78.638037][ T5387] REISERFS (device loop0): checking transaction log (loop0) [pid 5387] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5387] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5387] chdir("./file0") = 0 [pid 5387] ioctl(4, LOOP_CLR_FD) = 0 [pid 5387] close(4) = 0 [pid 5387] creat("./bus", 000) = 4 [pid 5387] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5387] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5387] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5387] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5387] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5387] exit_group(0) = ? [pid 5387] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5387, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./160", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./160", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./160/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./160/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./160/binderfs") = 0 [ 78.668396][ T5387] REISERFS (device loop0): Using r5 hash to sort names [ 78.675498][ T5387] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./160/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./160/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./160/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./160/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./160/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./160/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./160") = 0 mkdir("./161", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5389 ./strace-static-x86_64: Process 5389 attached [pid 5389] chdir("./161") = 0 [pid 5389] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5389] setpgid(0, 0) = 0 [pid 5389] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5389] write(3, "1000", 4) = 4 [pid 5389] close(3) = 0 [pid 5389] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5389] memfd_create("syzkaller", 0) = 3 [pid 5389] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5389] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5389] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5389] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5389] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5389] close(3) = 0 [pid 5389] mkdir("./file0", 0777) = 0 [ 78.783386][ T5389] loop0: detected capacity change from 0 to 8192 [ 78.792971][ T5389] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 78.806175][ T5389] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 78.815423][ T5389] REISERFS (device loop0): using ordered data mode [ 78.821983][ T5389] reiserfs: using flush barriers [ 78.827640][ T5389] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 78.844078][ T5389] REISERFS (device loop0): checking transaction log (loop0) [pid 5389] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5389] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5389] chdir("./file0") = 0 [pid 5389] ioctl(4, LOOP_CLR_FD) = 0 [pid 5389] close(4) = 0 [pid 5389] creat("./bus", 000) = 4 [pid 5389] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5389] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5389] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5389] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5389] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5389] exit_group(0) = ? [pid 5389] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5389, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./161", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./161", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./161/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./161/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./161/binderfs") = 0 [ 78.880182][ T5389] REISERFS (device loop0): Using r5 hash to sort names [ 78.887240][ T5389] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./161/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./161/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./161/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./161/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./161/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./161/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./161") = 0 mkdir("./162", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5391 ./strace-static-x86_64: Process 5391 attached [pid 5391] chdir("./162") = 0 [pid 5391] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5391] setpgid(0, 0) = 0 [pid 5391] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5391] write(3, "1000", 4) = 4 [pid 5391] close(3) = 0 [pid 5391] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5391] memfd_create("syzkaller", 0) = 3 [pid 5391] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5391] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5391] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5391] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5391] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5391] close(3) = 0 [pid 5391] mkdir("./file0", 0777) = 0 [ 78.998630][ T5391] loop0: detected capacity change from 0 to 8192 [ 79.008125][ T5391] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 79.021352][ T5391] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 79.030569][ T5391] REISERFS (device loop0): using ordered data mode [ 79.037061][ T5391] reiserfs: using flush barriers [ 79.042910][ T5391] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 79.059276][ T5391] REISERFS (device loop0): checking transaction log (loop0) [pid 5391] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5391] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5391] chdir("./file0") = 0 [pid 5391] ioctl(4, LOOP_CLR_FD) = 0 [pid 5391] close(4) = 0 [pid 5391] creat("./bus", 000) = 4 [pid 5391] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5391] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5391] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5391] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5391] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5391] exit_group(0) = ? [pid 5391] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5391, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./162", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./162", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./162/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./162/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./162/binderfs") = 0 [ 79.095940][ T5391] REISERFS (device loop0): Using r5 hash to sort names [ 79.103144][ T5391] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./162/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./162/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./162/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./162/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./162/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./162/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./162") = 0 mkdir("./163", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5393 ./strace-static-x86_64: Process 5393 attached [pid 5393] chdir("./163") = 0 [pid 5393] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5393] setpgid(0, 0) = 0 [pid 5393] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5393] write(3, "1000", 4) = 4 [pid 5393] close(3) = 0 [pid 5393] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5393] memfd_create("syzkaller", 0) = 3 [pid 5393] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5393] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5393] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5393] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5393] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5393] close(3) = 0 [pid 5393] mkdir("./file0", 0777) = 0 [ 79.217978][ T5393] loop0: detected capacity change from 0 to 8192 [ 79.227118][ T5393] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 79.240197][ T5393] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 79.249515][ T5393] REISERFS (device loop0): using ordered data mode [ 79.256008][ T5393] reiserfs: using flush barriers [ 79.261797][ T5393] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 79.278088][ T5393] REISERFS (device loop0): checking transaction log (loop0) [pid 5393] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5393] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5393] chdir("./file0") = 0 [pid 5393] ioctl(4, LOOP_CLR_FD) = 0 [pid 5393] close(4) = 0 [pid 5393] creat("./bus", 000) = 4 [pid 5393] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5393] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5393] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5393] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5393] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5393] exit_group(0) = ? [pid 5393] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5393, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./163", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./163", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./163/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./163/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./163/binderfs") = 0 umount2("./163/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./163/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./163/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./163/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./163/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./163/file0") = 0 [ 79.308472][ T5393] REISERFS (device loop0): Using r5 hash to sort names [ 79.315548][ T5393] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./163") = 0 mkdir("./164", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5395 ./strace-static-x86_64: Process 5395 attached [pid 5395] chdir("./164") = 0 [pid 5395] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5395] setpgid(0, 0) = 0 [pid 5395] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5395] write(3, "1000", 4) = 4 [pid 5395] close(3) = 0 [pid 5395] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5395] memfd_create("syzkaller", 0) = 3 [pid 5395] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5395] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5395] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5395] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5395] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5395] close(3) = 0 [pid 5395] mkdir("./file0", 0777) = 0 [ 79.415514][ T5395] loop0: detected capacity change from 0 to 8192 [ 79.424537][ T5395] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 79.437601][ T5395] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 79.446892][ T5395] REISERFS (device loop0): using ordered data mode [ 79.453445][ T5395] reiserfs: using flush barriers [ 79.459227][ T5395] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 79.475577][ T5395] REISERFS (device loop0): checking transaction log (loop0) [ 79.505437][ T5395] REISERFS (device loop0): Using r5 hash to sort names [pid 5395] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5395] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5395] chdir("./file0") = 0 [pid 5395] ioctl(4, LOOP_CLR_FD) = 0 [pid 5395] close(4) = 0 [pid 5395] creat("./bus", 000) = 4 [pid 5395] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5395] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5395] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5395] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5395] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5395] exit_group(0) = ? [pid 5395] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5395, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./164", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./164", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./164/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./164/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./164/binderfs") = 0 umount2("./164/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./164/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./164/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./164/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./164/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./164/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./164") = 0 mkdir("./165", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 79.512731][ T5395] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5397 attached , child_tidptr=0x555556cf25d0) = 5397 [pid 5397] chdir("./165") = 0 [pid 5397] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5397] setpgid(0, 0) = 0 [pid 5397] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5397] write(3, "1000", 4) = 4 [pid 5397] close(3) = 0 [pid 5397] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5397] memfd_create("syzkaller", 0) = 3 [pid 5397] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5397] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5397] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5397] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5397] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5397] close(3) = 0 [pid 5397] mkdir("./file0", 0777) = 0 [ 79.618418][ T5397] loop0: detected capacity change from 0 to 8192 [ 79.628004][ T5397] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 79.641207][ T5397] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 79.650590][ T5397] REISERFS (device loop0): using ordered data mode [ 79.657109][ T5397] reiserfs: using flush barriers [ 79.662985][ T5397] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 79.679281][ T5397] REISERFS (device loop0): checking transaction log (loop0) [pid 5397] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5397] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5397] chdir("./file0") = 0 [pid 5397] ioctl(4, LOOP_CLR_FD) = 0 [pid 5397] close(4) = 0 [pid 5397] creat("./bus", 000) = 4 [pid 5397] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5397] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5397] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5397] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5397] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5397] exit_group(0) = ? [pid 5397] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5397, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./165", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./165", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./165/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./165/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./165/binderfs") = 0 umount2("./165/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./165/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./165/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./165/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./165/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./165/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./165") = 0 [ 79.715393][ T5397] REISERFS (device loop0): Using r5 hash to sort names [ 79.722606][ T5397] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. mkdir("./166", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5399 ./strace-static-x86_64: Process 5399 attached [pid 5399] chdir("./166") = 0 [pid 5399] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5399] setpgid(0, 0) = 0 [pid 5399] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5399] write(3, "1000", 4) = 4 [pid 5399] close(3) = 0 [pid 5399] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5399] memfd_create("syzkaller", 0) = 3 [pid 5399] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5399] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5399] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5399] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5399] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5399] close(3) = 0 [pid 5399] mkdir("./file0", 0777) = 0 [ 79.822503][ T5399] loop0: detected capacity change from 0 to 8192 [ 79.831680][ T5399] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 79.844918][ T5399] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 79.854388][ T5399] REISERFS (device loop0): using ordered data mode [ 79.860923][ T5399] reiserfs: using flush barriers [ 79.866498][ T5399] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 79.883070][ T5399] REISERFS (device loop0): checking transaction log (loop0) [pid 5399] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5399] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5399] chdir("./file0") = 0 [pid 5399] ioctl(4, LOOP_CLR_FD) = 0 [pid 5399] close(4) = 0 [pid 5399] creat("./bus", 000) = 4 [pid 5399] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5399] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5399] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5399] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5399] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5399] exit_group(0) = ? [pid 5399] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5399, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./166", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./166", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./166/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./166/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./166/binderfs") = 0 [ 79.918105][ T5399] REISERFS (device loop0): Using r5 hash to sort names [ 79.925514][ T5399] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./166/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./166/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./166/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./166/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./166/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./166/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./166") = 0 mkdir("./167", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5401 attached [pid 5401] chdir("./167") = 0 [pid 5401] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5401] setpgid(0, 0) = 0 [pid 5064] <... clone resumed>, child_tidptr=0x555556cf25d0) = 5401 [pid 5401] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5401] write(3, "1000", 4) = 4 [pid 5401] close(3) = 0 [pid 5401] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5401] memfd_create("syzkaller", 0) = 3 [pid 5401] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5401] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5401] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5401] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5401] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5401] close(3) = 0 [pid 5401] mkdir("./file0", 0777) = 0 [ 80.030781][ T5401] loop0: detected capacity change from 0 to 8192 [ 80.039902][ T5401] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 80.053158][ T5401] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 80.062406][ T5401] REISERFS (device loop0): using ordered data mode [ 80.068936][ T5401] reiserfs: using flush barriers [ 80.074651][ T5401] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 80.091145][ T5401] REISERFS (device loop0): checking transaction log (loop0) [ 80.120489][ T5401] REISERFS (device loop0): Using r5 hash to sort names [pid 5401] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5401] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5401] chdir("./file0") = 0 [pid 5401] ioctl(4, LOOP_CLR_FD) = 0 [pid 5401] close(4) = 0 [pid 5401] creat("./bus", 000) = 4 [pid 5401] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5401] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5401] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5401] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5401] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5401] exit_group(0) = ? [pid 5401] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5401, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./167", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./167", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./167/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./167/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./167/binderfs") = 0 umount2("./167/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./167/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./167/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./167/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./167/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./167/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./167") = 0 mkdir("./168", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 80.127567][ T5401] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5403 ./strace-static-x86_64: Process 5403 attached [pid 5403] chdir("./168") = 0 [pid 5403] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5403] setpgid(0, 0) = 0 [pid 5403] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5403] write(3, "1000", 4) = 4 [pid 5403] close(3) = 0 [pid 5403] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5403] memfd_create("syzkaller", 0) = 3 [pid 5403] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5403] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5403] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5403] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5403] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5403] close(3) = 0 [pid 5403] mkdir("./file0", 0777) = 0 [ 80.229210][ T5403] loop0: detected capacity change from 0 to 8192 [ 80.238509][ T5403] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 80.251615][ T5403] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 80.260819][ T5403] REISERFS (device loop0): using ordered data mode [ 80.267311][ T5403] reiserfs: using flush barriers [ 80.273140][ T5403] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 80.289420][ T5403] REISERFS (device loop0): checking transaction log (loop0) [pid 5403] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5403] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5403] chdir("./file0") = 0 [pid 5403] ioctl(4, LOOP_CLR_FD) = 0 [pid 5403] close(4) = 0 [pid 5403] creat("./bus", 000) = 4 [pid 5403] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5403] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5403] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5403] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5403] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5403] exit_group(0) = ? [pid 5403] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5403, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./168", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./168", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./168/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./168/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./168/binderfs") = 0 [ 80.322635][ T5403] REISERFS (device loop0): Using r5 hash to sort names [ 80.329928][ T5403] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./168/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./168/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./168/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./168/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./168/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./168/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./168") = 0 mkdir("./169", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5405 attached , child_tidptr=0x555556cf25d0) = 5405 [pid 5405] chdir("./169") = 0 [pid 5405] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5405] setpgid(0, 0) = 0 [pid 5405] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5405] write(3, "1000", 4) = 4 [pid 5405] close(3) = 0 [pid 5405] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5405] memfd_create("syzkaller", 0) = 3 [pid 5405] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5405] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5405] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5405] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5405] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5405] close(3) = 0 [pid 5405] mkdir("./file0", 0777) = 0 [ 80.450909][ T5405] loop0: detected capacity change from 0 to 8192 [ 80.460704][ T5405] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 80.473715][ T5405] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 80.482946][ T5405] REISERFS (device loop0): using ordered data mode [ 80.489491][ T5405] reiserfs: using flush barriers [ 80.495161][ T5405] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 80.511604][ T5405] REISERFS (device loop0): checking transaction log (loop0) [pid 5405] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5405] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5405] chdir("./file0") = 0 [pid 5405] ioctl(4, LOOP_CLR_FD) = 0 [pid 5405] close(4) = 0 [pid 5405] creat("./bus", 000) = 4 [pid 5405] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5405] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5405] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5405] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5405] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5405] exit_group(0) = ? [pid 5405] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5405, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./169", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./169", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./169/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./169/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./169/binderfs") = 0 [ 80.545347][ T5405] REISERFS (device loop0): Using r5 hash to sort names [ 80.552431][ T5405] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./169/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./169/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./169/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./169/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./169/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./169/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./169") = 0 mkdir("./170", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5407 attached , child_tidptr=0x555556cf25d0) = 5407 [pid 5407] chdir("./170") = 0 [pid 5407] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5407] setpgid(0, 0) = 0 [pid 5407] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5407] write(3, "1000", 4) = 4 [pid 5407] close(3) = 0 [pid 5407] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5407] memfd_create("syzkaller", 0) = 3 [pid 5407] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5407] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5407] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5407] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5407] close(3) = 0 [pid 5407] mkdir("./file0", 0777) = 0 [ 80.661768][ T5407] loop0: detected capacity change from 0 to 8192 [ 80.671236][ T5407] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 80.684361][ T5407] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 80.693623][ T5407] REISERFS (device loop0): using ordered data mode [ 80.700197][ T5407] reiserfs: using flush barriers [ 80.706125][ T5407] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 80.722406][ T5407] REISERFS (device loop0): checking transaction log (loop0) [pid 5407] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5407] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5407] chdir("./file0") = 0 [pid 5407] ioctl(4, LOOP_CLR_FD) = 0 [pid 5407] close(4) = 0 [pid 5407] creat("./bus", 000) = 4 [pid 5407] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5407] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5407] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5407] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5407] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5407] exit_group(0) = ? [pid 5407] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5407, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./170", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./170", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./170/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./170/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./170/binderfs") = 0 [ 80.757286][ T5407] REISERFS (device loop0): Using r5 hash to sort names [ 80.764488][ T5407] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./170/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./170/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./170/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./170/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./170/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./170/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./170") = 0 mkdir("./171", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5409 attached , child_tidptr=0x555556cf25d0) = 5409 [pid 5409] chdir("./171") = 0 [pid 5409] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5409] setpgid(0, 0) = 0 [pid 5409] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5409] write(3, "1000", 4) = 4 [pid 5409] close(3) = 0 [pid 5409] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5409] memfd_create("syzkaller", 0) = 3 [pid 5409] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5409] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5409] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5409] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5409] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5409] close(3) = 0 [pid 5409] mkdir("./file0", 0777) = 0 [ 80.879720][ T5409] loop0: detected capacity change from 0 to 8192 [ 80.888968][ T5409] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 80.902073][ T5409] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 80.911382][ T5409] REISERFS (device loop0): using ordered data mode [ 80.917905][ T5409] reiserfs: using flush barriers [ 80.923807][ T5409] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 80.940213][ T5409] REISERFS (device loop0): checking transaction log (loop0) [pid 5409] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5409] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5409] chdir("./file0") = 0 [pid 5409] ioctl(4, LOOP_CLR_FD) = 0 [pid 5409] close(4) = 0 [pid 5409] creat("./bus", 000) = 4 [pid 5409] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5409] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5409] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5409] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5409] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5409] exit_group(0) = ? [pid 5409] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5409, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./171", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./171", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./171/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./171/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./171/binderfs") = 0 umount2("./171/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./171/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./171/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./171/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./171/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 [ 80.971764][ T5409] REISERFS (device loop0): Using r5 hash to sort names [ 80.979346][ T5409] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./171/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./171") = 0 mkdir("./172", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5411 ./strace-static-x86_64: Process 5411 attached [pid 5411] chdir("./172") = 0 [pid 5411] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5411] setpgid(0, 0) = 0 [pid 5411] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5411] write(3, "1000", 4) = 4 [pid 5411] close(3) = 0 [pid 5411] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5411] memfd_create("syzkaller", 0) = 3 [pid 5411] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5411] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5411] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5411] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5411] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5411] close(3) = 0 [pid 5411] mkdir("./file0", 0777) = 0 [ 81.080862][ T5411] loop0: detected capacity change from 0 to 8192 [ 81.090136][ T5411] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 81.103325][ T5411] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 81.112579][ T5411] REISERFS (device loop0): using ordered data mode [ 81.119195][ T5411] reiserfs: using flush barriers [ 81.124796][ T5411] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.141344][ T5411] REISERFS (device loop0): checking transaction log (loop0) [pid 5411] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5411] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5411] chdir("./file0") = 0 [pid 5411] ioctl(4, LOOP_CLR_FD) = 0 [pid 5411] close(4) = 0 [pid 5411] creat("./bus", 000) = 4 [pid 5411] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5411] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5411] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5411] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5411] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5411] exit_group(0) = ? [pid 5411] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5411, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./172", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./172", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./172/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./172/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./172/binderfs") = 0 [ 81.174962][ T5411] REISERFS (device loop0): Using r5 hash to sort names [ 81.182222][ T5411] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./172/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./172/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./172/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./172/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./172/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./172/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./172") = 0 mkdir("./173", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5413 attached , child_tidptr=0x555556cf25d0) = 5413 [pid 5413] chdir("./173") = 0 [pid 5413] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5413] setpgid(0, 0) = 0 [pid 5413] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5413] write(3, "1000", 4) = 4 [pid 5413] close(3) = 0 [pid 5413] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5413] memfd_create("syzkaller", 0) = 3 [pid 5413] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5413] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5413] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5413] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5413] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5413] close(3) = 0 [pid 5413] mkdir("./file0", 0777) = 0 [ 81.300914][ T5413] loop0: detected capacity change from 0 to 8192 [ 81.310493][ T5413] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 81.323627][ T5413] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 81.332948][ T5413] REISERFS (device loop0): using ordered data mode [ 81.339531][ T5413] reiserfs: using flush barriers [ 81.345130][ T5413] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.361712][ T5413] REISERFS (device loop0): checking transaction log (loop0) [pid 5413] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5413] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5413] chdir("./file0") = 0 [pid 5413] ioctl(4, LOOP_CLR_FD) = 0 [pid 5413] close(4) = 0 [pid 5413] creat("./bus", 000) = 4 [pid 5413] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5413] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5413] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5413] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5413] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5413] exit_group(0) = ? [pid 5413] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5413, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./173", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./173", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./173/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./173/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./173/binderfs") = 0 umount2("./173/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./173/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./173/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./173/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./173/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 [ 81.395751][ T5413] REISERFS (device loop0): Using r5 hash to sort names [ 81.402833][ T5413] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(4) = 0 rmdir("./173/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./173") = 0 mkdir("./174", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5415 attached , child_tidptr=0x555556cf25d0) = 5415 [pid 5415] chdir("./174") = 0 [pid 5415] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5415] setpgid(0, 0) = 0 [pid 5415] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5415] write(3, "1000", 4) = 4 [pid 5415] close(3) = 0 [pid 5415] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5415] memfd_create("syzkaller", 0) = 3 [pid 5415] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5415] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5415] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5415] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5415] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5415] close(3) = 0 [pid 5415] mkdir("./file0", 0777) = 0 [ 81.501783][ T5415] loop0: detected capacity change from 0 to 8192 [ 81.511451][ T5415] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 81.524569][ T5415] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 81.533810][ T5415] REISERFS (device loop0): using ordered data mode [ 81.540353][ T5415] reiserfs: using flush barriers [ 81.546040][ T5415] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.562444][ T5415] REISERFS (device loop0): checking transaction log (loop0) [ 81.591691][ T5415] REISERFS (device loop0): Using r5 hash to sort names [pid 5415] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5415] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5415] chdir("./file0") = 0 [pid 5415] ioctl(4, LOOP_CLR_FD) = 0 [pid 5415] close(4) = 0 [pid 5415] creat("./bus", 000) = 4 [pid 5415] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5415] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5415] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5415] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5415] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5415] exit_group(0) = ? [pid 5415] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5415, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./174", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./174", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./174/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./174/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./174/binderfs") = 0 umount2("./174/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./174/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./174/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./174/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./174/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./174/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./174") = 0 mkdir("./175", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5417 ./strace-static-x86_64: Process 5417 attached [pid 5417] chdir("./175") = 0 [pid 5417] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5417] setpgid(0, 0) = 0 [ 81.598718][ T5415] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5417] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5417] write(3, "1000", 4) = 4 [pid 5417] close(3) = 0 [pid 5417] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5417] memfd_create("syzkaller", 0) = 3 [pid 5417] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5417] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5417] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5417] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5417] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5417] close(3) = 0 [pid 5417] mkdir("./file0", 0777) = 0 [ 81.696560][ T5417] loop0: detected capacity change from 0 to 8192 [ 81.706155][ T5417] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 81.719344][ T5417] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 81.728575][ T5417] REISERFS (device loop0): using ordered data mode [ 81.735243][ T5417] reiserfs: using flush barriers [ 81.741099][ T5417] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.757517][ T5417] REISERFS (device loop0): checking transaction log (loop0) [pid 5417] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5417] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5417] chdir("./file0") = 0 [pid 5417] ioctl(4, LOOP_CLR_FD) = 0 [pid 5417] close(4) = 0 [pid 5417] creat("./bus", 000) = 4 [pid 5417] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5417] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5417] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5417] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5417] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5417] exit_group(0) = ? [pid 5417] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5417, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./175", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./175", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./175/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./175/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./175/binderfs") = 0 [ 81.792415][ T5417] REISERFS (device loop0): Using r5 hash to sort names [ 81.799553][ T5417] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./175/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./175/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./175/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./175/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./175/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./175/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./175") = 0 mkdir("./176", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5419 ./strace-static-x86_64: Process 5419 attached [pid 5419] chdir("./176") = 0 [pid 5419] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5419] setpgid(0, 0) = 0 [pid 5419] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5419] write(3, "1000", 4) = 4 [pid 5419] close(3) = 0 [pid 5419] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5419] memfd_create("syzkaller", 0) = 3 [pid 5419] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5419] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5419] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5419] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5419] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5419] close(3) = 0 [pid 5419] mkdir("./file0", 0777) = 0 [ 81.916085][ T5419] loop0: detected capacity change from 0 to 8192 [ 81.925875][ T5419] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 81.938977][ T5419] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 81.948168][ T5419] REISERFS (device loop0): using ordered data mode [ 81.954757][ T5419] reiserfs: using flush barriers [ 81.960814][ T5419] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.977219][ T5419] REISERFS (device loop0): checking transaction log (loop0) [pid 5419] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5419] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5419] chdir("./file0") = 0 [pid 5419] ioctl(4, LOOP_CLR_FD) = 0 [pid 5419] close(4) = 0 [pid 5419] creat("./bus", 000) = 4 [pid 5419] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5419] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5419] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5419] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5419] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5419] exit_group(0) = ? [pid 5419] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5419, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./176", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./176", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./176/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./176/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./176/binderfs") = 0 [ 82.011550][ T5419] REISERFS (device loop0): Using r5 hash to sort names [ 82.018607][ T5419] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./176/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./176/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./176/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./176/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./176/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./176/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./176") = 0 mkdir("./177", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5421 ./strace-static-x86_64: Process 5421 attached [pid 5421] chdir("./177") = 0 [pid 5421] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5421] setpgid(0, 0) = 0 [pid 5421] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5421] write(3, "1000", 4) = 4 [pid 5421] close(3) = 0 [pid 5421] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5421] memfd_create("syzkaller", 0) = 3 [pid 5421] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5421] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5421] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5421] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5421] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5421] close(3) = 0 [pid 5421] mkdir("./file0", 0777) = 0 [ 82.122924][ T5421] loop0: detected capacity change from 0 to 8192 [ 82.131966][ T5421] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 82.145360][ T5421] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 82.154639][ T5421] REISERFS (device loop0): using ordered data mode [ 82.161202][ T5421] reiserfs: using flush barriers [ 82.166768][ T5421] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 82.183384][ T5421] REISERFS (device loop0): checking transaction log (loop0) [pid 5421] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5421] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5421] chdir("./file0") = 0 [pid 5421] ioctl(4, LOOP_CLR_FD) = 0 [pid 5421] close(4) = 0 [pid 5421] creat("./bus", 000) = 4 [pid 5421] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5421] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5421] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5421] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5421] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5421] exit_group(0) = ? [pid 5421] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5421, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./177", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./177", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./177/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./177/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./177/binderfs") = 0 [ 82.217712][ T5421] REISERFS (device loop0): Using r5 hash to sort names [ 82.224812][ T5421] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./177/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./177/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./177/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./177/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./177/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./177/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./177") = 0 mkdir("./178", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5423 ./strace-static-x86_64: Process 5423 attached [pid 5423] chdir("./178") = 0 [pid 5423] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5423] setpgid(0, 0) = 0 [pid 5423] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5423] write(3, "1000", 4) = 4 [pid 5423] close(3) = 0 [pid 5423] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5423] memfd_create("syzkaller", 0) = 3 [pid 5423] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5423] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5423] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5423] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5423] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5423] close(3) = 0 [pid 5423] mkdir("./file0", 0777) = 0 [ 82.320828][ T5423] loop0: detected capacity change from 0 to 8192 [ 82.330807][ T5423] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 82.343869][ T5423] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 82.353411][ T5423] REISERFS (device loop0): using ordered data mode [ 82.359998][ T5423] reiserfs: using flush barriers [ 82.365794][ T5423] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 82.382420][ T5423] REISERFS (device loop0): checking transaction log (loop0) [pid 5423] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5423] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5423] chdir("./file0") = 0 [pid 5423] ioctl(4, LOOP_CLR_FD) = 0 [pid 5423] close(4) = 0 [pid 5423] creat("./bus", 000) = 4 [pid 5423] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5423] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5423] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5423] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5423] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5423] exit_group(0) = ? [pid 5423] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5423, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./178", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./178", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./178/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./178/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./178/binderfs") = 0 [ 82.417156][ T5423] REISERFS (device loop0): Using r5 hash to sort names [ 82.424239][ T5423] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./178/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./178/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./178/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./178/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./178/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./178/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./178") = 0 mkdir("./179", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5425 ./strace-static-x86_64: Process 5425 attached [pid 5425] chdir("./179") = 0 [pid 5425] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5425] setpgid(0, 0) = 0 [pid 5425] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5425] write(3, "1000", 4) = 4 [pid 5425] close(3) = 0 [pid 5425] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5425] memfd_create("syzkaller", 0) = 3 [pid 5425] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5425] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5425] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5425] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5425] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5425] close(3) = 0 [pid 5425] mkdir("./file0", 0777) = 0 [ 82.529720][ T5425] loop0: detected capacity change from 0 to 8192 [ 82.538930][ T5425] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 82.552050][ T5425] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 82.561370][ T5425] REISERFS (device loop0): using ordered data mode [ 82.567891][ T5425] reiserfs: using flush barriers [ 82.573617][ T5425] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 82.590020][ T5425] REISERFS (device loop0): checking transaction log (loop0) [pid 5425] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5425] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5425] chdir("./file0") = 0 [pid 5425] ioctl(4, LOOP_CLR_FD) = 0 [pid 5425] close(4) = 0 [pid 5425] creat("./bus", 000) = 4 [pid 5425] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5425] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5425] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5425] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5425] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5425] exit_group(0) = ? [pid 5425] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5425, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./179", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./179", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./179/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./179/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./179/binderfs") = 0 [ 82.624246][ T5425] REISERFS (device loop0): Using r5 hash to sort names [ 82.631497][ T5425] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./179/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./179/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./179/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./179/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./179/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./179/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./179") = 0 mkdir("./180", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5427 ./strace-static-x86_64: Process 5427 attached [pid 5427] chdir("./180") = 0 [pid 5427] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5427] setpgid(0, 0) = 0 [pid 5427] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5427] write(3, "1000", 4) = 4 [pid 5427] close(3) = 0 [pid 5427] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5427] memfd_create("syzkaller", 0) = 3 [pid 5427] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5427] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5427] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5427] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5427] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5427] close(3) = 0 [pid 5427] mkdir("./file0", 0777) = 0 [ 82.723403][ T5427] loop0: detected capacity change from 0 to 8192 [ 82.732669][ T5427] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 82.745874][ T5427] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 82.755266][ T5427] REISERFS (device loop0): using ordered data mode [ 82.761851][ T5427] reiserfs: using flush barriers [ 82.767484][ T5427] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 82.783943][ T5427] REISERFS (device loop0): checking transaction log (loop0) [pid 5427] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5427] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5427] chdir("./file0") = 0 [pid 5427] ioctl(4, LOOP_CLR_FD) = 0 [pid 5427] close(4) = 0 [pid 5427] creat("./bus", 000) = 4 [pid 5427] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5427] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5427] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5427] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5427] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5427] exit_group(0) = ? [pid 5427] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5427, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./180", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./180", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./180/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./180/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./180/binderfs") = 0 [ 82.819165][ T5427] REISERFS (device loop0): Using r5 hash to sort names [ 82.826197][ T5427] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./180/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./180/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./180/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./180/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./180/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./180/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./180") = 0 mkdir("./181", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5429 ./strace-static-x86_64: Process 5429 attached [pid 5429] chdir("./181") = 0 [pid 5429] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5429] setpgid(0, 0) = 0 [pid 5429] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5429] write(3, "1000", 4) = 4 [pid 5429] close(3) = 0 [pid 5429] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5429] memfd_create("syzkaller", 0) = 3 [pid 5429] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5429] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5429] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5429] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5429] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5429] close(3) = 0 [pid 5429] mkdir("./file0", 0777) = 0 [ 82.925324][ T5429] loop0: detected capacity change from 0 to 8192 [ 82.934447][ T5429] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 82.947479][ T5429] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 82.956731][ T5429] REISERFS (device loop0): using ordered data mode [ 82.963332][ T5429] reiserfs: using flush barriers [ 82.969169][ T5429] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 82.985559][ T5429] REISERFS (device loop0): checking transaction log (loop0) [pid 5429] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5429] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5429] chdir("./file0") = 0 [pid 5429] ioctl(4, LOOP_CLR_FD) = 0 [pid 5429] close(4) = 0 [pid 5429] creat("./bus", 000) = 4 [pid 5429] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5429] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5429] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5429] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5429] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5429] exit_group(0) = ? [pid 5429] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5429, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./181", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./181", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./181/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./181/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./181/binderfs") = 0 umount2("./181/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [ 83.020847][ T5429] REISERFS (device loop0): Using r5 hash to sort names [ 83.027867][ T5429] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./181/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./181/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./181/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./181/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./181/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./181") = 0 mkdir("./182", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5431 attached [pid 5431] chdir("./182") = 0 [pid 5431] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5431] setpgid(0, 0) = 0 [pid 5431] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5431] write(3, "1000", 4) = 4 [pid 5431] close(3) = 0 [pid 5431] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5431] memfd_create("syzkaller", 0) = 3 [pid 5431] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5064] <... clone resumed>, child_tidptr=0x555556cf25d0) = 5431 [pid 5431] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5431] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5431] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5431] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5431] close(3) = 0 [pid 5431] mkdir("./file0", 0777) = 0 [ 83.129764][ T5431] loop0: detected capacity change from 0 to 8192 [ 83.139151][ T5431] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.152207][ T5431] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 83.161463][ T5431] REISERFS (device loop0): using ordered data mode [ 83.167974][ T5431] reiserfs: using flush barriers [ 83.173871][ T5431] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.190187][ T5431] REISERFS (device loop0): checking transaction log (loop0) [pid 5431] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5431] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5431] chdir("./file0") = 0 [pid 5431] ioctl(4, LOOP_CLR_FD) = 0 [pid 5431] close(4) = 0 [pid 5431] creat("./bus", 000) = 4 [pid 5431] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5431] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5431] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5431] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5431] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5431] exit_group(0) = ? [pid 5431] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5431, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./182", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./182", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./182/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./182/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./182/binderfs") = 0 [ 83.224444][ T5431] REISERFS (device loop0): Using r5 hash to sort names [ 83.231550][ T5431] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./182/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./182/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./182/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./182/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./182/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./182/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./182") = 0 mkdir("./183", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5433 ./strace-static-x86_64: Process 5433 attached [pid 5433] chdir("./183") = 0 [pid 5433] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5433] setpgid(0, 0) = 0 [pid 5433] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5433] write(3, "1000", 4) = 4 [pid 5433] close(3) = 0 [pid 5433] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5433] memfd_create("syzkaller", 0) = 3 [pid 5433] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5433] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5433] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5433] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5433] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5433] close(3) = 0 [pid 5433] mkdir("./file0", 0777) = 0 [ 83.342977][ T5433] loop0: detected capacity change from 0 to 8192 [ 83.352301][ T5433] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.365399][ T5433] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 83.374707][ T5433] REISERFS (device loop0): using ordered data mode [ 83.381286][ T5433] reiserfs: using flush barriers [ 83.386972][ T5433] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.403429][ T5433] REISERFS (device loop0): checking transaction log (loop0) [pid 5433] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5433] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5433] chdir("./file0") = 0 [pid 5433] ioctl(4, LOOP_CLR_FD) = 0 [pid 5433] close(4) = 0 [pid 5433] creat("./bus", 000) = 4 [pid 5433] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5433] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5433] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5433] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5433] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5433] exit_group(0) = ? [pid 5433] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5433, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./183", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./183", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./183/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./183/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./183/binderfs") = 0 [ 83.433636][ T5433] REISERFS (device loop0): Using r5 hash to sort names [ 83.440945][ T5433] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./183/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./183/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./183/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./183/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./183/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./183/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./183") = 0 mkdir("./184", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5435 ./strace-static-x86_64: Process 5435 attached [pid 5435] chdir("./184") = 0 [pid 5435] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5435] setpgid(0, 0) = 0 [pid 5435] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5435] write(3, "1000", 4) = 4 [pid 5435] close(3) = 0 [pid 5435] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5435] memfd_create("syzkaller", 0) = 3 [pid 5435] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5435] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5435] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5435] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5435] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5435] close(3) = 0 [pid 5435] mkdir("./file0", 0777) = 0 [ 83.555896][ T5435] loop0: detected capacity change from 0 to 8192 [ 83.564996][ T5435] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.578042][ T5435] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 83.587291][ T5435] REISERFS (device loop0): using ordered data mode [ 83.593841][ T5435] reiserfs: using flush barriers [ 83.599598][ T5435] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.615938][ T5435] REISERFS (device loop0): checking transaction log (loop0) [ 83.644929][ T5435] REISERFS (device loop0): Using r5 hash to sort names [pid 5435] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5435] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5435] chdir("./file0") = 0 [pid 5435] ioctl(4, LOOP_CLR_FD) = 0 [pid 5435] close(4) = 0 [pid 5435] creat("./bus", 000) = 4 [pid 5435] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5435] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5435] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5435] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5435] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5435] exit_group(0) = ? [pid 5435] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5435, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./184", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./184", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./184/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./184/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./184/binderfs") = 0 [ 83.652212][ T5435] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./184/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./184/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./184/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./184/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./184/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./184/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./184") = 0 mkdir("./185", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5437 ./strace-static-x86_64: Process 5437 attached [pid 5437] chdir("./185") = 0 [pid 5437] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5437] setpgid(0, 0) = 0 [pid 5437] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5437] write(3, "1000", 4) = 4 [pid 5437] close(3) = 0 [pid 5437] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5437] memfd_create("syzkaller", 0) = 3 [pid 5437] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5437] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5437] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5437] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5437] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5437] close(3) = 0 [pid 5437] mkdir("./file0", 0777) = 0 [ 83.750655][ T5437] loop0: detected capacity change from 0 to 8192 [ 83.760288][ T5437] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.773382][ T5437] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 83.782616][ T5437] REISERFS (device loop0): using ordered data mode [ 83.789186][ T5437] reiserfs: using flush barriers [ 83.795161][ T5437] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.811549][ T5437] REISERFS (device loop0): checking transaction log (loop0) [pid 5437] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5437] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5437] chdir("./file0") = 0 [pid 5437] ioctl(4, LOOP_CLR_FD) = 0 [pid 5437] close(4) = 0 [pid 5437] creat("./bus", 000) = 4 [pid 5437] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5437] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5437] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5437] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5437] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5437] exit_group(0) = ? [pid 5437] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5437, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./185", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./185", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./185/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./185/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./185/binderfs") = 0 [ 83.846172][ T5437] REISERFS (device loop0): Using r5 hash to sort names [ 83.853310][ T5437] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./185/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./185/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./185/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./185/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./185/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./185/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./185") = 0 mkdir("./186", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5439 ./strace-static-x86_64: Process 5439 attached [pid 5439] chdir("./186") = 0 [pid 5439] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5439] setpgid(0, 0) = 0 [pid 5439] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5439] write(3, "1000", 4) = 4 [pid 5439] close(3) = 0 [pid 5439] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5439] memfd_create("syzkaller", 0) = 3 [pid 5439] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5439] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5439] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5439] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5439] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5439] close(3) = 0 [pid 5439] mkdir("./file0", 0777) = 0 [ 83.971037][ T5439] loop0: detected capacity change from 0 to 8192 [ 83.980508][ T5439] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.993620][ T5439] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 84.003156][ T5439] REISERFS (device loop0): using ordered data mode [ 84.009776][ T5439] reiserfs: using flush barriers [ 84.015676][ T5439] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 84.032078][ T5439] REISERFS (device loop0): checking transaction log (loop0) [pid 5439] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5439] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5439] chdir("./file0") = 0 [pid 5439] ioctl(4, LOOP_CLR_FD) = 0 [pid 5439] close(4) = 0 [pid 5439] creat("./bus", 000) = 4 [pid 5439] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5439] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5439] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5439] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5439] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5439] exit_group(0) = ? [pid 5439] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5439, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./186", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./186", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./186/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./186/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./186/binderfs") = 0 [ 84.066875][ T5439] REISERFS (device loop0): Using r5 hash to sort names [ 84.074093][ T5439] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./186/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./186/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./186/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./186/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./186/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./186/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./186") = 0 mkdir("./187", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5441 ./strace-static-x86_64: Process 5441 attached [pid 5441] chdir("./187") = 0 [pid 5441] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5441] setpgid(0, 0) = 0 [pid 5441] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5441] write(3, "1000", 4) = 4 [pid 5441] close(3) = 0 [pid 5441] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5441] memfd_create("syzkaller", 0) = 3 [pid 5441] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5441] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5441] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5441] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5441] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5441] close(3) = 0 [pid 5441] mkdir("./file0", 0777) = 0 [ 84.183918][ T5441] loop0: detected capacity change from 0 to 8192 [ 84.193124][ T5441] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 84.206433][ T5441] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 84.215717][ T5441] REISERFS (device loop0): using ordered data mode [ 84.222279][ T5441] reiserfs: using flush barriers [ 84.227877][ T5441] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 84.244363][ T5441] REISERFS (device loop0): checking transaction log (loop0) [pid 5441] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5441] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5441] chdir("./file0") = 0 [pid 5441] ioctl(4, LOOP_CLR_FD) = 0 [pid 5441] close(4) = 0 [pid 5441] creat("./bus", 000) = 4 [pid 5441] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5441] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5441] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5441] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5441] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5441] exit_group(0) = ? [pid 5441] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5441, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./187", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./187", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./187/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./187/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./187/binderfs") = 0 umount2("./187/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./187/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 84.275199][ T5441] REISERFS (device loop0): Using r5 hash to sort names [ 84.282260][ T5441] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. lstat("./187/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./187/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./187/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./187/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./187") = 0 mkdir("./188", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5443 ./strace-static-x86_64: Process 5443 attached [pid 5443] chdir("./188") = 0 [pid 5443] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5443] setpgid(0, 0) = 0 [pid 5443] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5443] write(3, "1000", 4) = 4 [pid 5443] close(3) = 0 [pid 5443] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5443] memfd_create("syzkaller", 0) = 3 [pid 5443] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5443] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5443] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5443] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5443] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5443] close(3) = 0 [pid 5443] mkdir("./file0", 0777) = 0 [ 84.382780][ T5443] loop0: detected capacity change from 0 to 8192 [ 84.391996][ T5443] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 84.405056][ T5443] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 84.414307][ T5443] REISERFS (device loop0): using ordered data mode [ 84.420855][ T5443] reiserfs: using flush barriers [ 84.426470][ T5443] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 84.443056][ T5443] REISERFS (device loop0): checking transaction log (loop0) [ 84.472187][ T5443] REISERFS (device loop0): Using r5 hash to sort names [pid 5443] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5443] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5443] chdir("./file0") = 0 [pid 5443] ioctl(4, LOOP_CLR_FD) = 0 [pid 5443] close(4) = 0 [pid 5443] creat("./bus", 000) = 4 [pid 5443] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5443] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5443] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5443] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5443] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5443] exit_group(0) = ? [pid 5443] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5443, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./188", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./188", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./188/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./188/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./188/binderfs") = 0 [ 84.479486][ T5443] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./188/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./188/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./188/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./188/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./188/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./188/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./188") = 0 mkdir("./189", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5445 ./strace-static-x86_64: Process 5445 attached [pid 5445] chdir("./189") = 0 [pid 5445] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5445] setpgid(0, 0) = 0 [pid 5445] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5445] write(3, "1000", 4) = 4 [pid 5445] close(3) = 0 [pid 5445] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5445] memfd_create("syzkaller", 0) = 3 [pid 5445] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5445] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5445] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5445] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5445] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5445] close(3) = 0 [pid 5445] mkdir("./file0", 0777) = 0 [ 84.580102][ T5445] loop0: detected capacity change from 0 to 8192 [ 84.589740][ T5445] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 84.602845][ T5445] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 84.612094][ T5445] REISERFS (device loop0): using ordered data mode [ 84.618612][ T5445] reiserfs: using flush barriers [ 84.624378][ T5445] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 84.640666][ T5445] REISERFS (device loop0): checking transaction log (loop0) [ 84.669513][ T5445] REISERFS (device loop0): Using r5 hash to sort names [pid 5445] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5445] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5445] chdir("./file0") = 0 [pid 5445] ioctl(4, LOOP_CLR_FD) = 0 [pid 5445] close(4) = 0 [pid 5445] creat("./bus", 000) = 4 [pid 5445] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5445] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5445] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5445] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5445] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5445] exit_group(0) = ? [pid 5445] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5445, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./189", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./189", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./189/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./189/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./189/binderfs") = 0 [ 84.676700][ T5445] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./189/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./189/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./189/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./189/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./189/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./189/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./189") = 0 mkdir("./190", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5447 ./strace-static-x86_64: Process 5447 attached [pid 5447] chdir("./190") = 0 [pid 5447] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5447] setpgid(0, 0) = 0 [pid 5447] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5447] write(3, "1000", 4) = 4 [pid 5447] close(3) = 0 [pid 5447] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5447] memfd_create("syzkaller", 0) = 3 [pid 5447] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5447] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5447] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5447] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5447] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5447] close(3) = 0 [pid 5447] mkdir("./file0", 0777) = 0 [ 84.770997][ T5447] loop0: detected capacity change from 0 to 8192 [ 84.780433][ T5447] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 84.793777][ T5447] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 84.803119][ T5447] REISERFS (device loop0): using ordered data mode [ 84.809698][ T5447] reiserfs: using flush barriers [ 84.815810][ T5447] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 84.832121][ T5447] REISERFS (device loop0): checking transaction log (loop0) [ 84.861043][ T5447] REISERFS (device loop0): Using r5 hash to sort names [pid 5447] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5447] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5447] chdir("./file0") = 0 [pid 5447] ioctl(4, LOOP_CLR_FD) = 0 [pid 5447] close(4) = 0 [pid 5447] creat("./bus", 000) = 4 [pid 5447] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5447] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5447] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5447] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5447] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5447] exit_group(0) = ? [pid 5447] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5447, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./190", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./190", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./190/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./190/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./190/binderfs") = 0 umount2("./190/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./190/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./190/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./190/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./190/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./190/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./190") = 0 mkdir("./191", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 84.868081][ T5447] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5449 ./strace-static-x86_64: Process 5449 attached [pid 5449] chdir("./191") = 0 [pid 5449] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5449] setpgid(0, 0) = 0 [pid 5449] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5449] write(3, "1000", 4) = 4 [pid 5449] close(3) = 0 [pid 5449] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5449] memfd_create("syzkaller", 0) = 3 [pid 5449] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5449] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5449] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5449] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5449] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5449] close(3) = 0 [pid 5449] mkdir("./file0", 0777) = 0 [ 84.969934][ T5449] loop0: detected capacity change from 0 to 8192 [ 84.979679][ T5449] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 84.992794][ T5449] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 85.002073][ T5449] REISERFS (device loop0): using ordered data mode [ 85.008679][ T5449] reiserfs: using flush barriers [ 85.014542][ T5449] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 85.031310][ T5449] REISERFS (device loop0): checking transaction log (loop0) [pid 5449] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5449] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5449] chdir("./file0") = 0 [pid 5449] ioctl(4, LOOP_CLR_FD) = 0 [pid 5449] close(4) = 0 [pid 5449] creat("./bus", 000) = 4 [pid 5449] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5449] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5449] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5449] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5449] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5449] exit_group(0) = ? [pid 5449] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5449, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./191", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./191", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./191/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./191/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./191/binderfs") = 0 [ 85.064778][ T5449] REISERFS (device loop0): Using r5 hash to sort names [ 85.071919][ T5449] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./191/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./191/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./191/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./191/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./191/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./191/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./191") = 0 mkdir("./192", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5451 ./strace-static-x86_64: Process 5451 attached [pid 5451] chdir("./192") = 0 [pid 5451] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5451] setpgid(0, 0) = 0 [pid 5451] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5451] write(3, "1000", 4) = 4 [pid 5451] close(3) = 0 [pid 5451] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5451] memfd_create("syzkaller", 0) = 3 [pid 5451] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5451] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5451] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5451] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5451] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5451] close(3) = 0 [pid 5451] mkdir("./file0", 0777) = 0 [ 85.178504][ T5451] loop0: detected capacity change from 0 to 8192 [ 85.187700][ T5451] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 85.200888][ T5451] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 85.210359][ T5451] REISERFS (device loop0): using ordered data mode [ 85.216894][ T5451] reiserfs: using flush barriers [ 85.222646][ T5451] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 85.239081][ T5451] REISERFS (device loop0): checking transaction log (loop0) [pid 5451] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5451] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5451] chdir("./file0") = 0 [pid 5451] ioctl(4, LOOP_CLR_FD) = 0 [pid 5451] close(4) = 0 [pid 5451] creat("./bus", 000) = 4 [pid 5451] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5451] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5451] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5451] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5451] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5451] exit_group(0) = ? [pid 5451] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5451, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./192", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./192", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./192/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./192/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./192/binderfs") = 0 [ 85.273408][ T5451] REISERFS (device loop0): Using r5 hash to sort names [ 85.280582][ T5451] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./192/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./192/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./192/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./192/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./192/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./192/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./192") = 0 mkdir("./193", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5453 ./strace-static-x86_64: Process 5453 attached [pid 5453] chdir("./193") = 0 [pid 5453] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5453] setpgid(0, 0) = 0 [pid 5453] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5453] write(3, "1000", 4) = 4 [pid 5453] close(3) = 0 [pid 5453] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5453] memfd_create("syzkaller", 0) = 3 [pid 5453] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5453] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5453] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5453] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5453] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5453] close(3) = 0 [pid 5453] mkdir("./file0", 0777) = 0 [ 85.374972][ T5453] loop0: detected capacity change from 0 to 8192 [ 85.383872][ T5453] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 85.396896][ T5453] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 85.406157][ T5453] REISERFS (device loop0): using ordered data mode [ 85.412789][ T5453] reiserfs: using flush barriers [ 85.418337][ T5453] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 85.434704][ T5453] REISERFS (device loop0): checking transaction log (loop0) [pid 5453] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5453] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5453] chdir("./file0") = 0 [pid 5453] ioctl(4, LOOP_CLR_FD) = 0 [pid 5453] close(4) = 0 [pid 5453] creat("./bus", 000) = 4 [pid 5453] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5453] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5453] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5453] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5453] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5453] exit_group(0) = ? [pid 5453] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5453, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./193", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./193", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./193/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./193/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./193/binderfs") = 0 [ 85.468579][ T5453] REISERFS (device loop0): Using r5 hash to sort names [ 85.475716][ T5453] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./193/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./193/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./193/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./193/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./193/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./193/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./193") = 0 mkdir("./194", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5455 attached , child_tidptr=0x555556cf25d0) = 5455 [pid 5455] chdir("./194") = 0 [pid 5455] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5455] setpgid(0, 0) = 0 [pid 5455] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5455] write(3, "1000", 4) = 4 [pid 5455] close(3) = 0 [pid 5455] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5455] memfd_create("syzkaller", 0) = 3 [pid 5455] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5455] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5455] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5455] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5455] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5455] close(3) = 0 [pid 5455] mkdir("./file0", 0777) = 0 [ 85.587831][ T5455] loop0: detected capacity change from 0 to 8192 [ 85.597021][ T5455] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 85.610345][ T5455] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 85.619775][ T5455] REISERFS (device loop0): using ordered data mode [ 85.626291][ T5455] reiserfs: using flush barriers [ 85.632093][ T5455] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 85.648342][ T5455] REISERFS (device loop0): checking transaction log (loop0) [pid 5455] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5455] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5455] chdir("./file0") = 0 [pid 5455] ioctl(4, LOOP_CLR_FD) = 0 [pid 5455] close(4) = 0 [pid 5455] creat("./bus", 000) = 4 [pid 5455] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5455] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5455] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5455] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5455] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5455] exit_group(0) = ? [pid 5455] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5455, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- umount2("./194", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./194", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./194/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./194/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./194/binderfs") = 0 umount2("./194/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./194/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./194/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./194/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 85.681580][ T5455] REISERFS (device loop0): Using r5 hash to sort names [ 85.688715][ T5455] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "./194/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./194/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./194") = 0 mkdir("./195", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5458 ./strace-static-x86_64: Process 5458 attached [pid 5458] chdir("./195") = 0 [pid 5458] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5458] setpgid(0, 0) = 0 [pid 5458] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5458] write(3, "1000", 4) = 4 [pid 5458] close(3) = 0 [pid 5458] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5458] memfd_create("syzkaller", 0) = 3 [pid 5458] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5458] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5458] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5458] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5458] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5458] close(3) = 0 [pid 5458] mkdir("./file0", 0777) = 0 [ 85.784208][ T5458] loop0: detected capacity change from 0 to 8192 [ 85.793940][ T5458] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 85.807034][ T5458] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 85.816259][ T5458] REISERFS (device loop0): using ordered data mode [ 85.822827][ T5458] reiserfs: using flush barriers [ 85.828335][ T5458] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 85.844777][ T5458] REISERFS (device loop0): checking transaction log (loop0) [pid 5458] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5458] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5458] chdir("./file0") = 0 [pid 5458] ioctl(4, LOOP_CLR_FD) = 0 [pid 5458] close(4) = 0 [pid 5458] creat("./bus", 000) = 4 [pid 5458] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5458] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5458] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5458] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5458] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5458] exit_group(0) = ? [pid 5458] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5458, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./195", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./195", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./195/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./195/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./195/binderfs") = 0 [ 85.879316][ T5458] REISERFS (device loop0): Using r5 hash to sort names [ 85.886656][ T5458] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./195/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./195/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./195/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./195/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./195/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./195/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./195") = 0 mkdir("./196", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5461 ./strace-static-x86_64: Process 5461 attached [pid 5461] chdir("./196") = 0 [pid 5461] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5461] setpgid(0, 0) = 0 [pid 5461] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5461] write(3, "1000", 4) = 4 [pid 5461] close(3) = 0 [pid 5461] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5461] memfd_create("syzkaller", 0) = 3 [pid 5461] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5461] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5461] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5461] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5461] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5461] close(3) = 0 [pid 5461] mkdir("./file0", 0777) = 0 [ 85.997277][ T5461] loop0: detected capacity change from 0 to 8192 [ 86.007333][ T5461] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.020629][ T5461] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 86.029895][ T5461] REISERFS (device loop0): using ordered data mode [ 86.036417][ T5461] reiserfs: using flush barriers [ 86.042118][ T5461] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.058448][ T5461] REISERFS (device loop0): checking transaction log (loop0) [pid 5461] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5461] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5461] chdir("./file0") = 0 [pid 5461] ioctl(4, LOOP_CLR_FD) = 0 [pid 5461] close(4) = 0 [pid 5461] creat("./bus", 000) = 4 [pid 5461] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5461] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5461] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5461] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5461] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5461] exit_group(0) = ? [pid 5461] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5461, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./196", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./196", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./196/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./196/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./196/binderfs") = 0 [ 86.092093][ T5461] REISERFS (device loop0): Using r5 hash to sort names [ 86.099295][ T5461] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./196/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./196/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./196/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./196/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./196/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./196/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./196") = 0 mkdir("./197", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5464 attached , child_tidptr=0x555556cf25d0) = 5464 [pid 5464] chdir("./197") = 0 [pid 5464] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5464] setpgid(0, 0) = 0 [pid 5464] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5464] write(3, "1000", 4) = 4 [pid 5464] close(3) = 0 [pid 5464] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5464] memfd_create("syzkaller", 0) = 3 [pid 5464] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5464] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5464] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5464] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5464] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5464] close(3) = 0 [pid 5464] mkdir("./file0", 0777) = 0 [ 86.214230][ T5464] loop0: detected capacity change from 0 to 8192 [ 86.223877][ T5464] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.236946][ T5464] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 86.246188][ T5464] REISERFS (device loop0): using ordered data mode [ 86.252750][ T5464] reiserfs: using flush barriers [ 86.258953][ T5464] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.275228][ T5464] REISERFS (device loop0): checking transaction log (loop0) [pid 5464] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5464] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5464] chdir("./file0") = 0 [pid 5464] ioctl(4, LOOP_CLR_FD) = 0 [pid 5464] close(4) = 0 [pid 5464] creat("./bus", 000) = 4 [pid 5464] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5464] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5464] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5464] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5464] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5464] exit_group(0) = ? [pid 5464] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5464, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./197", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./197", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./197/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./197/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./197/binderfs") = 0 [ 86.309497][ T5464] REISERFS (device loop0): Using r5 hash to sort names [ 86.316530][ T5464] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./197/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./197/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./197/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./197/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./197/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./197/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./197") = 0 mkdir("./198", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5467 ./strace-static-x86_64: Process 5467 attached [pid 5467] chdir("./198") = 0 [pid 5467] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5467] setpgid(0, 0) = 0 [pid 5467] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5467] write(3, "1000", 4) = 4 [pid 5467] close(3) = 0 [pid 5467] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5467] memfd_create("syzkaller", 0) = 3 [pid 5467] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5467] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5467] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5467] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5467] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5467] close(3) = 0 [pid 5467] mkdir("./file0", 0777) = 0 [ 86.430744][ T5467] loop0: detected capacity change from 0 to 8192 [ 86.440354][ T5467] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.453456][ T5467] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 86.462746][ T5467] REISERFS (device loop0): using ordered data mode [ 86.469291][ T5467] reiserfs: using flush barriers [ 86.474916][ T5467] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.491351][ T5467] REISERFS (device loop0): checking transaction log (loop0) [pid 5467] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5467] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5467] chdir("./file0") = 0 [pid 5467] ioctl(4, LOOP_CLR_FD) = 0 [pid 5467] close(4) = 0 [pid 5467] creat("./bus", 000) = 4 [pid 5467] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5467] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5467] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5467] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5467] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5467] exit_group(0) = ? [pid 5467] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5467, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./198", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./198", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./198/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./198/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./198/binderfs") = 0 [ 86.522743][ T5467] REISERFS (device loop0): Using r5 hash to sort names [ 86.530286][ T5467] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./198/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./198/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./198/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./198/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./198/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./198/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./198") = 0 mkdir("./199", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5470 attached , child_tidptr=0x555556cf25d0) = 5470 [pid 5470] chdir("./199") = 0 [pid 5470] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5470] setpgid(0, 0) = 0 [pid 5470] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5470] write(3, "1000", 4) = 4 [pid 5470] close(3) = 0 [pid 5470] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5470] memfd_create("syzkaller", 0) = 3 [pid 5470] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5470] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5470] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5470] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5470] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5470] close(3) = 0 [pid 5470] mkdir("./file0", 0777) = 0 [ 86.650352][ T5470] loop0: detected capacity change from 0 to 8192 [ 86.660652][ T5470] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.673829][ T5470] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 86.683334][ T5470] REISERFS (device loop0): using ordered data mode [ 86.689888][ T5470] reiserfs: using flush barriers [ 86.695596][ T5470] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.712390][ T5470] REISERFS (device loop0): checking transaction log (loop0) [pid 5470] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5470] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5470] chdir("./file0") = 0 [pid 5470] ioctl(4, LOOP_CLR_FD) = 0 [pid 5470] close(4) = 0 [pid 5470] creat("./bus", 000) = 4 [pid 5470] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5470] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5470] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5470] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5470] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5470] exit_group(0) = ? [pid 5470] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5470, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./199", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./199", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./199/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./199/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./199/binderfs") = 0 [ 86.747876][ T5470] REISERFS (device loop0): Using r5 hash to sort names [ 86.755277][ T5470] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./199/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./199/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./199/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./199/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./199/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./199/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./199") = 0 mkdir("./200", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5472 ./strace-static-x86_64: Process 5472 attached [pid 5472] chdir("./200") = 0 [pid 5472] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5472] setpgid(0, 0) = 0 [pid 5472] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5472] write(3, "1000", 4) = 4 [pid 5472] close(3) = 0 [pid 5472] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5472] memfd_create("syzkaller", 0) = 3 [pid 5472] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5472] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5472] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5472] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5472] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5472] close(3) = 0 [pid 5472] mkdir("./file0", 0777) = 0 [ 86.863051][ T5472] loop0: detected capacity change from 0 to 8192 [ 86.872252][ T5472] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.885413][ T5472] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 86.894999][ T5472] REISERFS (device loop0): using ordered data mode [ 86.901582][ T5472] reiserfs: using flush barriers [ 86.907239][ T5472] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.923783][ T5472] REISERFS (device loop0): checking transaction log (loop0) [pid 5472] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5472] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5472] chdir("./file0") = 0 [pid 5472] ioctl(4, LOOP_CLR_FD) = 0 [pid 5472] close(4) = 0 [pid 5472] creat("./bus", 000) = 4 [pid 5472] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5472] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5472] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5472] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5472] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5472] exit_group(0) = ? [pid 5472] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5472, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./200", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./200", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./200/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./200/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./200/binderfs") = 0 [ 86.955270][ T5472] REISERFS (device loop0): Using r5 hash to sort names [ 86.962575][ T5472] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./200/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./200/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./200/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./200/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./200/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./200/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./200") = 0 mkdir("./201", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5474 ./strace-static-x86_64: Process 5474 attached [pid 5474] chdir("./201") = 0 [pid 5474] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5474] setpgid(0, 0) = 0 [pid 5474] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5474] write(3, "1000", 4) = 4 [pid 5474] close(3) = 0 [pid 5474] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5474] memfd_create("syzkaller", 0) = 3 [pid 5474] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5474] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5474] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5474] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5474] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5474] close(3) = 0 [pid 5474] mkdir("./file0", 0777) = 0 [ 87.066590][ T5474] loop0: detected capacity change from 0 to 8192 [ 87.076495][ T5474] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 87.089573][ T5474] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 87.098848][ T5474] REISERFS (device loop0): using ordered data mode [ 87.105375][ T5474] reiserfs: using flush barriers [ 87.111472][ T5474] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 87.128352][ T5474] REISERFS (device loop0): checking transaction log (loop0) [pid 5474] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5474] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5474] chdir("./file0") = 0 [pid 5474] ioctl(4, LOOP_CLR_FD) = 0 [pid 5474] close(4) = 0 [pid 5474] creat("./bus", 000) = 4 [pid 5474] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5474] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5474] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5474] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5474] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5474] exit_group(0) = ? [pid 5474] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5474, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./201", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./201", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./201/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./201/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./201/binderfs") = 0 [ 87.165164][ T5474] REISERFS (device loop0): Using r5 hash to sort names [ 87.172389][ T5474] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./201/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./201/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./201/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./201/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./201/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./201/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./201") = 0 mkdir("./202", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5476 ./strace-static-x86_64: Process 5476 attached [pid 5476] chdir("./202") = 0 [pid 5476] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5476] setpgid(0, 0) = 0 [pid 5476] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5476] write(3, "1000", 4) = 4 [pid 5476] close(3) = 0 [pid 5476] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5476] memfd_create("syzkaller", 0) = 3 [pid 5476] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5476] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5476] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5476] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5476] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5476] close(3) = 0 [pid 5476] mkdir("./file0", 0777) = 0 [ 87.279928][ T5476] loop0: detected capacity change from 0 to 8192 [ 87.289609][ T5476] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 87.302727][ T5476] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 87.312029][ T5476] REISERFS (device loop0): using ordered data mode [ 87.318562][ T5476] reiserfs: using flush barriers [ 87.324403][ T5476] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 87.341011][ T5476] REISERFS (device loop0): checking transaction log (loop0) [pid 5476] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5476] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5476] chdir("./file0") = 0 [pid 5476] ioctl(4, LOOP_CLR_FD) = 0 [pid 5476] close(4) = 0 [pid 5476] creat("./bus", 000) = 4 [pid 5476] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5476] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5476] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5476] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5476] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5476] exit_group(0) = ? [pid 5476] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5476, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./202", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./202", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./202/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./202/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./202/binderfs") = 0 [ 87.378091][ T5476] REISERFS (device loop0): Using r5 hash to sort names [ 87.385297][ T5476] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./202/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./202/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./202/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./202/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./202/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./202/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./202") = 0 mkdir("./203", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5478 ./strace-static-x86_64: Process 5478 attached [pid 5478] chdir("./203") = 0 [pid 5478] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5478] setpgid(0, 0) = 0 [pid 5478] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5478] write(3, "1000", 4) = 4 [pid 5478] close(3) = 0 [pid 5478] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5478] memfd_create("syzkaller", 0) = 3 [pid 5478] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5478] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5478] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5478] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5478] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5478] close(3) = 0 [pid 5478] mkdir("./file0", 0777) = 0 [ 87.510912][ T5478] loop0: detected capacity change from 0 to 8192 [ 87.520930][ T5478] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 87.533965][ T5478] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 87.543356][ T5478] REISERFS (device loop0): using ordered data mode [ 87.549896][ T5478] reiserfs: using flush barriers [ 87.555617][ T5478] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 87.572096][ T5478] REISERFS (device loop0): checking transaction log (loop0) [pid 5478] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5478] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5478] chdir("./file0") = 0 [pid 5478] ioctl(4, LOOP_CLR_FD) = 0 [pid 5478] close(4) = 0 [pid 5478] creat("./bus", 000) = 4 [pid 5478] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5478] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5478] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5478] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5478] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5478] exit_group(0) = ? [pid 5478] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5478, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./203", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./203", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./203/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./203/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./203/binderfs") = 0 umount2("./203/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./203/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./203/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./203/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./203/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 87.601738][ T5478] REISERFS (device loop0): Using r5 hash to sort names [ 87.608715][ T5478] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./203/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./203") = 0 mkdir("./204", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5480 ./strace-static-x86_64: Process 5480 attached [pid 5480] chdir("./204") = 0 [pid 5480] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5480] setpgid(0, 0) = 0 [pid 5480] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5480] write(3, "1000", 4) = 4 [pid 5480] close(3) = 0 [pid 5480] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5480] memfd_create("syzkaller", 0) = 3 [pid 5480] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5480] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5480] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5480] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5480] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5480] close(3) = 0 [pid 5480] mkdir("./file0", 0777) = 0 [ 87.702236][ T5480] loop0: detected capacity change from 0 to 8192 [ 87.711982][ T5480] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 87.725052][ T5480] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 87.734291][ T5480] REISERFS (device loop0): using ordered data mode [ 87.740923][ T5480] reiserfs: using flush barriers [ 87.746443][ T5480] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 87.762857][ T5480] REISERFS (device loop0): checking transaction log (loop0) [pid 5480] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5480] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5480] chdir("./file0") = 0 [pid 5480] ioctl(4, LOOP_CLR_FD) = 0 [pid 5480] close(4) = 0 [pid 5480] creat("./bus", 000) = 4 [pid 5480] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5480] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5480] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5480] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5480] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5480] exit_group(0) = ? [pid 5480] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5480, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./204", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./204", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./204/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./204/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./204/binderfs") = 0 umount2("./204/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [ 87.798626][ T5480] REISERFS (device loop0): Using r5 hash to sort names [ 87.805777][ T5480] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./204/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./204/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./204/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./204/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./204/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./204") = 0 mkdir("./205", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5482 ./strace-static-x86_64: Process 5482 attached [pid 5482] chdir("./205") = 0 [pid 5482] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5482] setpgid(0, 0) = 0 [pid 5482] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5482] write(3, "1000", 4) = 4 [pid 5482] close(3) = 0 [pid 5482] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5482] memfd_create("syzkaller", 0) = 3 [pid 5482] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5482] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5482] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5482] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5482] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5482] close(3) = 0 [pid 5482] mkdir("./file0", 0777) = 0 [ 87.907011][ T5482] loop0: detected capacity change from 0 to 8192 [ 87.915977][ T5482] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 87.930028][ T5482] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 87.939694][ T5482] REISERFS (device loop0): using ordered data mode [ 87.946233][ T5482] reiserfs: using flush barriers [ 87.952052][ T5482] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 87.968439][ T5482] REISERFS (device loop0): checking transaction log (loop0) [pid 5482] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5482] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5482] chdir("./file0") = 0 [pid 5482] ioctl(4, LOOP_CLR_FD) = 0 [pid 5482] close(4) = 0 [pid 5482] creat("./bus", 000) = 4 [pid 5482] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5482] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5482] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5482] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5482] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5482] exit_group(0) = ? [pid 5482] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5482, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./205", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./205", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./205/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./205/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./205/binderfs") = 0 [ 87.998550][ T5482] REISERFS (device loop0): Using r5 hash to sort names [ 88.005709][ T5482] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./205/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./205/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./205/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./205/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./205/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./205/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./205") = 0 mkdir("./206", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5484 attached [pid 5484] chdir("./206") = 0 [pid 5484] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5484] setpgid(0, 0) = 0 [pid 5484] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5484] write(3, "1000", 4) = 4 [pid 5484] close(3) = 0 [pid 5484] symlink("/dev/binderfs", "./binderfs" [pid 5064] <... clone resumed>, child_tidptr=0x555556cf25d0) = 5484 [pid 5484] <... symlink resumed>) = 0 [pid 5484] memfd_create("syzkaller", 0) = 3 [pid 5484] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5484] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5484] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5484] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5484] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5484] close(3) = 0 [pid 5484] mkdir("./file0", 0777) = 0 [ 88.112939][ T5484] loop0: detected capacity change from 0 to 8192 [ 88.122343][ T5484] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 88.135630][ T5484] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 88.144943][ T5484] REISERFS (device loop0): using ordered data mode [ 88.151495][ T5484] reiserfs: using flush barriers [ 88.157094][ T5484] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.173550][ T5484] REISERFS (device loop0): checking transaction log (loop0) [ 88.202347][ T5484] REISERFS (device loop0): Using r5 hash to sort names [pid 5484] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5484] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5484] chdir("./file0") = 0 [pid 5484] ioctl(4, LOOP_CLR_FD) = 0 [pid 5484] close(4) = 0 [pid 5484] creat("./bus", 000) = 4 [pid 5484] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5484] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5484] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5484] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5484] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5484] exit_group(0) = ? [pid 5484] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5484, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./206", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./206", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./206/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./206/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./206/binderfs") = 0 [ 88.209512][ T5484] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./206/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./206/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./206/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./206/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./206/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./206/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./206") = 0 mkdir("./207", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5487 ./strace-static-x86_64: Process 5487 attached [pid 5487] chdir("./207") = 0 [pid 5487] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5487] setpgid(0, 0) = 0 [pid 5487] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5487] write(3, "1000", 4) = 4 [pid 5487] close(3) = 0 [pid 5487] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5487] memfd_create("syzkaller", 0) = 3 [pid 5487] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5487] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5487] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5487] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5487] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5487] close(3) = 0 [pid 5487] mkdir("./file0", 0777) = 0 [ 88.310087][ T5487] loop0: detected capacity change from 0 to 8192 [ 88.319070][ T5487] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 88.332179][ T5487] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 88.341442][ T5487] REISERFS (device loop0): using ordered data mode [ 88.347945][ T5487] reiserfs: using flush barriers [ 88.353842][ T5487] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.370532][ T5487] REISERFS (device loop0): checking transaction log (loop0) [pid 5487] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5487] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5487] chdir("./file0") = 0 [pid 5487] ioctl(4, LOOP_CLR_FD) = 0 [pid 5487] close(4) = 0 [pid 5487] creat("./bus", 000) = 4 [pid 5487] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5487] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5487] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5487] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5487] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5487] exit_group(0) = ? [pid 5487] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5487, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./207", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./207", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./207/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./207/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./207/binderfs") = 0 umount2("./207/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./207/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./207/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./207/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./207/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 [ 88.405423][ T5487] REISERFS (device loop0): Using r5 hash to sort names [ 88.412502][ T5487] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./207/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./207") = 0 mkdir("./208", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5489 attached [pid 5489] chdir("./208") = 0 [pid 5489] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5489] setpgid(0, 0) = 0 [pid 5489] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] <... clone resumed>, child_tidptr=0x555556cf25d0) = 5489 [pid 5489] <... openat resumed>) = 3 [pid 5489] write(3, "1000", 4) = 4 [pid 5489] close(3) = 0 [pid 5489] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5489] memfd_create("syzkaller", 0) = 3 [pid 5489] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5489] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5489] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5489] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5489] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5489] close(3) = 0 [pid 5489] mkdir("./file0", 0777) = 0 [ 88.508493][ T5489] loop0: detected capacity change from 0 to 8192 [ 88.518939][ T5489] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 88.532067][ T5489] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 88.541354][ T5489] REISERFS (device loop0): using ordered data mode [ 88.547867][ T5489] reiserfs: using flush barriers [ 88.553689][ T5489] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.570155][ T5489] REISERFS (device loop0): checking transaction log (loop0) [pid 5489] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5489] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5489] chdir("./file0") = 0 [pid 5489] ioctl(4, LOOP_CLR_FD) = 0 [pid 5489] close(4) = 0 [pid 5489] creat("./bus", 000) = 4 [pid 5489] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5489] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5489] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5489] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5489] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5489] exit_group(0) = ? [pid 5489] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5489, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./208", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./208", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./208/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./208/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./208/binderfs") = 0 umount2("./208/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./208/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./208/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./208/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./208/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 [ 88.600184][ T5489] REISERFS (device loop0): Using r5 hash to sort names [ 88.607308][ T5489] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. rmdir("./208/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./208") = 0 mkdir("./209", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5491 ./strace-static-x86_64: Process 5491 attached [pid 5491] chdir("./209") = 0 [pid 5491] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5491] setpgid(0, 0) = 0 [pid 5491] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5491] write(3, "1000", 4) = 4 [pid 5491] close(3) = 0 [pid 5491] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5491] memfd_create("syzkaller", 0) = 3 [pid 5491] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5491] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5491] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5491] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5491] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5491] close(3) = 0 [pid 5491] mkdir("./file0", 0777) = 0 [ 88.708565][ T5491] loop0: detected capacity change from 0 to 8192 [ 88.717842][ T5491] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 88.730994][ T5491] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 88.740197][ T5491] REISERFS (device loop0): using ordered data mode [ 88.746711][ T5491] reiserfs: using flush barriers [ 88.752704][ T5491] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.769024][ T5491] REISERFS (device loop0): checking transaction log (loop0) [pid 5491] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5491] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5491] chdir("./file0") = 0 [pid 5491] ioctl(4, LOOP_CLR_FD) = 0 [pid 5491] close(4) = 0 [pid 5491] creat("./bus", 000) = 4 [pid 5491] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5491] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5491] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5491] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5491] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5491] exit_group(0) = ? [pid 5491] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5491, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./209", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./209", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./209/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./209/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./209/binderfs") = 0 umount2("./209/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./209/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./209/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./209/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./209/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 88.803983][ T5491] REISERFS (device loop0): Using r5 hash to sort names [ 88.811201][ T5491] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./209/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./209") = 0 mkdir("./210", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5493 attached , child_tidptr=0x555556cf25d0) = 5493 [pid 5493] chdir("./210") = 0 [pid 5493] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5493] setpgid(0, 0) = 0 [pid 5493] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5493] write(3, "1000", 4) = 4 [pid 5493] close(3) = 0 [pid 5493] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5493] memfd_create("syzkaller", 0) = 3 [pid 5493] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5493] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5493] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5493] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5493] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5493] close(3) = 0 [pid 5493] mkdir("./file0", 0777) = 0 [ 88.914902][ T5493] loop0: detected capacity change from 0 to 8192 [ 88.924270][ T5493] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 88.937486][ T5493] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 88.946806][ T5493] REISERFS (device loop0): using ordered data mode [ 88.953381][ T5493] reiserfs: using flush barriers [ 88.959170][ T5493] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.975573][ T5493] REISERFS (device loop0): checking transaction log (loop0) [pid 5493] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5493] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5493] chdir("./file0") = 0 [pid 5493] ioctl(4, LOOP_CLR_FD) = 0 [pid 5493] close(4) = 0 [pid 5493] creat("./bus", 000) = 4 [pid 5493] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5493] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5493] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5493] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5493] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5493] exit_group(0) = ? [pid 5493] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5493, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./210", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./210", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./210/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./210/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./210/binderfs") = 0 umount2("./210/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./210/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./210/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./210/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./210/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 [ 89.012913][ T5493] REISERFS (device loop0): Using r5 hash to sort names [ 89.020051][ T5493] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. rmdir("./210/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./210") = 0 mkdir("./211", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5495 ./strace-static-x86_64: Process 5495 attached [pid 5495] chdir("./211") = 0 [pid 5495] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5495] setpgid(0, 0) = 0 [pid 5495] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5495] write(3, "1000", 4) = 4 [pid 5495] close(3) = 0 [pid 5495] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5495] memfd_create("syzkaller", 0) = 3 [pid 5495] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5495] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5495] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5495] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5495] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5495] close(3) = 0 [pid 5495] mkdir("./file0", 0777) = 0 [ 89.116520][ T5495] loop0: detected capacity change from 0 to 8192 [ 89.125796][ T5495] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 89.139277][ T5495] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 89.148583][ T5495] REISERFS (device loop0): using ordered data mode [ 89.155163][ T5495] reiserfs: using flush barriers [ 89.160959][ T5495] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 89.177380][ T5495] REISERFS (device loop0): checking transaction log (loop0) [pid 5495] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5495] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5495] chdir("./file0") = 0 [pid 5495] ioctl(4, LOOP_CLR_FD) = 0 [pid 5495] close(4) = 0 [pid 5495] creat("./bus", 000) = 4 [pid 5495] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5495] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5495] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5495] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5495] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5495] exit_group(0) = ? [pid 5495] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5495, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./211", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./211", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./211/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./211/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./211/binderfs") = 0 [ 89.212792][ T5495] REISERFS (device loop0): Using r5 hash to sort names [ 89.220067][ T5495] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./211/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./211/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./211/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./211/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./211/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./211/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./211") = 0 mkdir("./212", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5497 ./strace-static-x86_64: Process 5497 attached [pid 5497] chdir("./212") = 0 [pid 5497] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5497] setpgid(0, 0) = 0 [pid 5497] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5497] write(3, "1000", 4) = 4 [pid 5497] close(3) = 0 [pid 5497] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5497] memfd_create("syzkaller", 0) = 3 [pid 5497] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5497] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5497] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5497] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5497] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5497] close(3) = 0 [pid 5497] mkdir("./file0", 0777) = 0 [ 89.334885][ T5497] loop0: detected capacity change from 0 to 8192 [ 89.344937][ T5497] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 89.358038][ T5497] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 89.367307][ T5497] REISERFS (device loop0): using ordered data mode [ 89.374051][ T5497] reiserfs: using flush barriers [ 89.379827][ T5497] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 89.396286][ T5497] REISERFS (device loop0): checking transaction log (loop0) [pid 5497] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5497] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5497] chdir("./file0") = 0 [pid 5497] ioctl(4, LOOP_CLR_FD) = 0 [pid 5497] close(4) = 0 [pid 5497] creat("./bus", 000) = 4 [pid 5497] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5497] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5497] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5497] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5497] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5497] exit_group(0) = ? [pid 5497] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5497, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./212", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./212", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./212/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./212/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./212/binderfs") = 0 [ 89.432743][ T5497] REISERFS (device loop0): Using r5 hash to sort names [ 89.439843][ T5497] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./212/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./212/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./212/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./212/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./212/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./212/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./212") = 0 mkdir("./213", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5499 ./strace-static-x86_64: Process 5499 attached [pid 5499] chdir("./213") = 0 [pid 5499] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5499] setpgid(0, 0) = 0 [pid 5499] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5499] write(3, "1000", 4) = 4 [pid 5499] close(3) = 0 [pid 5499] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5499] memfd_create("syzkaller", 0) = 3 [pid 5499] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5499] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5499] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5499] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5499] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5499] close(3) = 0 [pid 5499] mkdir("./file0", 0777) = 0 [ 89.551379][ T5499] loop0: detected capacity change from 0 to 8192 [ 89.561018][ T5499] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 89.574090][ T5499] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 89.583738][ T5499] REISERFS (device loop0): using ordered data mode [ 89.590368][ T5499] reiserfs: using flush barriers [ 89.596159][ T5499] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 89.612602][ T5499] REISERFS (device loop0): checking transaction log (loop0) [pid 5499] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5499] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5499] chdir("./file0") = 0 [pid 5499] ioctl(4, LOOP_CLR_FD) = 0 [pid 5499] close(4) = 0 [pid 5499] creat("./bus", 000) = 4 [pid 5499] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5499] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5499] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5499] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5499] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5499] exit_group(0) = ? [pid 5499] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5499, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./213", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./213", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./213/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./213/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./213/binderfs") = 0 [ 89.643400][ T5499] REISERFS (device loop0): Using r5 hash to sort names [ 89.650462][ T5499] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./213/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./213/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./213/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./213/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./213/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./213/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./213") = 0 mkdir("./214", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5501 ./strace-static-x86_64: Process 5501 attached [pid 5501] chdir("./214") = 0 [pid 5501] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5501] setpgid(0, 0) = 0 [pid 5501] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5501] write(3, "1000", 4) = 4 [pid 5501] close(3) = 0 [pid 5501] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5501] memfd_create("syzkaller", 0) = 3 [pid 5501] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5501] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5501] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5501] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5501] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5501] close(3) = 0 [pid 5501] mkdir("./file0", 0777) = 0 [ 89.763085][ T5501] loop0: detected capacity change from 0 to 8192 [ 89.773118][ T5501] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 89.786192][ T5501] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 89.795457][ T5501] REISERFS (device loop0): using ordered data mode [ 89.802044][ T5501] reiserfs: using flush barriers [ 89.808151][ T5501] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 89.824606][ T5501] REISERFS (device loop0): checking transaction log (loop0) [pid 5501] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5501] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5501] chdir("./file0") = 0 [pid 5501] ioctl(4, LOOP_CLR_FD) = 0 [pid 5501] close(4) = 0 [pid 5501] creat("./bus", 000) = 4 [pid 5501] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5501] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5501] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5501] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5501] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5501] exit_group(0) = ? [pid 5501] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5501, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./214", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./214", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./214/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./214/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./214/binderfs") = 0 [ 89.861676][ T5501] REISERFS (device loop0): Using r5 hash to sort names [ 89.869198][ T5501] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./214/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./214/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./214/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./214/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./214/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./214/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./214") = 0 mkdir("./215", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5503 ./strace-static-x86_64: Process 5503 attached [pid 5503] chdir("./215") = 0 [pid 5503] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5503] setpgid(0, 0) = 0 [pid 5503] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5503] write(3, "1000", 4) = 4 [pid 5503] close(3) = 0 [pid 5503] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5503] memfd_create("syzkaller", 0) = 3 [pid 5503] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5503] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5503] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5503] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5503] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5503] close(3) = 0 [pid 5503] mkdir("./file0", 0777) = 0 [ 89.990194][ T5503] loop0: detected capacity change from 0 to 8192 [ 89.999955][ T5503] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 90.013024][ T5503] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 90.022329][ T5503] REISERFS (device loop0): using ordered data mode [ 90.029118][ T5503] reiserfs: using flush barriers [ 90.035059][ T5503] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 90.051523][ T5503] REISERFS (device loop0): checking transaction log (loop0) [pid 5503] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5503] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5503] chdir("./file0") = 0 [pid 5503] ioctl(4, LOOP_CLR_FD) = 0 [pid 5503] close(4) = 0 [pid 5503] creat("./bus", 000) = 4 [pid 5503] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5503] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5503] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5503] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5503] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5503] exit_group(0) = ? [pid 5503] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5503, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./215", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./215", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./215/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./215/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./215/binderfs") = 0 [ 90.088862][ T5503] REISERFS (device loop0): Using r5 hash to sort names [ 90.095903][ T5503] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./215/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./215/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./215/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./215/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./215/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./215/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./215") = 0 mkdir("./216", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5505 ./strace-static-x86_64: Process 5505 attached [pid 5505] chdir("./216") = 0 [pid 5505] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5505] setpgid(0, 0) = 0 [pid 5505] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5505] write(3, "1000", 4) = 4 [pid 5505] close(3) = 0 [pid 5505] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5505] memfd_create("syzkaller", 0) = 3 [pid 5505] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5505] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5505] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5505] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5505] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5505] close(3) = 0 [pid 5505] mkdir("./file0", 0777) = 0 [ 90.216520][ T5505] loop0: detected capacity change from 0 to 8192 [ 90.226301][ T5505] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 90.239476][ T5505] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 90.248828][ T5505] REISERFS (device loop0): using ordered data mode [ 90.255336][ T5505] reiserfs: using flush barriers [ 90.261107][ T5505] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 90.277649][ T5505] REISERFS (device loop0): checking transaction log (loop0) [pid 5505] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5505] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5505] chdir("./file0") = 0 [pid 5505] ioctl(4, LOOP_CLR_FD) = 0 [pid 5505] close(4) = 0 [pid 5505] creat("./bus", 000) = 4 [pid 5505] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5505] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5505] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5505] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5505] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5505] exit_group(0) = ? [pid 5505] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5505, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./216", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./216", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./216/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./216/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./216/binderfs") = 0 [ 90.314289][ T5505] REISERFS (device loop0): Using r5 hash to sort names [ 90.321594][ T5505] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./216/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./216/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./216/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./216/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./216/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./216/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./216") = 0 mkdir("./217", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5507 ./strace-static-x86_64: Process 5507 attached [pid 5507] chdir("./217") = 0 [pid 5507] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5507] setpgid(0, 0) = 0 [pid 5507] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5507] write(3, "1000", 4) = 4 [pid 5507] close(3) = 0 [pid 5507] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5507] memfd_create("syzkaller", 0) = 3 [pid 5507] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5507] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5507] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5507] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5507] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5507] close(3) = 0 [pid 5507] mkdir("./file0", 0777) = 0 [ 90.430129][ T5507] loop0: detected capacity change from 0 to 8192 [ 90.439228][ T5507] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 90.452345][ T5507] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 90.461693][ T5507] REISERFS (device loop0): using ordered data mode [ 90.468219][ T5507] reiserfs: using flush barriers [ 90.474168][ T5507] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 90.490498][ T5507] REISERFS (device loop0): checking transaction log (loop0) [pid 5507] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5507] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5507] chdir("./file0") = 0 [pid 5507] ioctl(4, LOOP_CLR_FD) = 0 [pid 5507] close(4) = 0 [pid 5507] creat("./bus", 000) = 4 [pid 5507] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5507] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5507] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5507] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5507] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5507] exit_group(0) = ? [pid 5507] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5507, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./217", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./217", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./217/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./217/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./217/binderfs") = 0 [ 90.521022][ T5507] REISERFS (device loop0): Using r5 hash to sort names [ 90.528086][ T5507] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./217/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./217/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./217/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./217/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./217/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./217/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./217") = 0 mkdir("./218", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5509 ./strace-static-x86_64: Process 5509 attached [pid 5509] chdir("./218") = 0 [pid 5509] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5509] setpgid(0, 0) = 0 [pid 5509] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5509] write(3, "1000", 4) = 4 [pid 5509] close(3) = 0 [pid 5509] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5509] memfd_create("syzkaller", 0) = 3 [pid 5509] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5509] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5509] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5509] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5509] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5509] close(3) = 0 [pid 5509] mkdir("./file0", 0777) = 0 [ 90.636694][ T5509] loop0: detected capacity change from 0 to 8192 [ 90.646137][ T5509] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 90.659233][ T5509] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 90.668433][ T5509] REISERFS (device loop0): using ordered data mode [ 90.675054][ T5509] reiserfs: using flush barriers [ 90.680794][ T5509] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 90.697368][ T5509] REISERFS (device loop0): checking transaction log (loop0) [pid 5509] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5509] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5509] chdir("./file0") = 0 [pid 5509] ioctl(4, LOOP_CLR_FD) = 0 [pid 5509] close(4) = 0 [pid 5509] creat("./bus", 000) = 4 [pid 5509] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5509] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5509] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5509] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5509] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5509] exit_group(0) = ? [pid 5509] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5509, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./218", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./218", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./218/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./218/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./218/binderfs") = 0 [ 90.727425][ T5509] REISERFS (device loop0): Using r5 hash to sort names [ 90.734510][ T5509] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./218/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./218/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./218/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./218/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./218/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./218/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./218") = 0 mkdir("./219", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5511 ./strace-static-x86_64: Process 5511 attached [pid 5511] chdir("./219") = 0 [pid 5511] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5511] setpgid(0, 0) = 0 [pid 5511] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5511] write(3, "1000", 4) = 4 [pid 5511] close(3) = 0 [pid 5511] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5511] memfd_create("syzkaller", 0) = 3 [pid 5511] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5511] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5511] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5511] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5511] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5511] close(3) = 0 [pid 5511] mkdir("./file0", 0777) = 0 [ 90.841695][ T5511] loop0: detected capacity change from 0 to 8192 [ 90.851016][ T5511] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 90.864212][ T5511] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 90.873594][ T5511] REISERFS (device loop0): using ordered data mode [ 90.880340][ T5511] reiserfs: using flush barriers [ 90.886232][ T5511] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 90.902694][ T5511] REISERFS (device loop0): checking transaction log (loop0) [pid 5511] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5511] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5511] chdir("./file0") = 0 [pid 5511] ioctl(4, LOOP_CLR_FD) = 0 [pid 5511] close(4) = 0 [pid 5511] creat("./bus", 000) = 4 [pid 5511] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5511] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5511] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5511] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5511] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5511] exit_group(0) = ? [pid 5511] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5511, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./219", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./219", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./219/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./219/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./219/binderfs") = 0 [ 90.938184][ T5511] REISERFS (device loop0): Using r5 hash to sort names [ 90.945351][ T5511] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./219/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./219/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./219/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./219/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./219/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./219/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./219") = 0 mkdir("./220", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5513 ./strace-static-x86_64: Process 5513 attached [pid 5513] chdir("./220") = 0 [pid 5513] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5513] setpgid(0, 0) = 0 [pid 5513] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5513] write(3, "1000", 4) = 4 [pid 5513] close(3) = 0 [pid 5513] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5513] memfd_create("syzkaller", 0) = 3 [pid 5513] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5513] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5513] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5513] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5513] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5513] close(3) = 0 [pid 5513] mkdir("./file0", 0777) = 0 [ 91.060078][ T5513] loop0: detected capacity change from 0 to 8192 [ 91.069587][ T5513] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.082748][ T5513] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 91.092026][ T5513] REISERFS (device loop0): using ordered data mode [ 91.098565][ T5513] reiserfs: using flush barriers [ 91.104609][ T5513] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.121087][ T5513] REISERFS (device loop0): checking transaction log (loop0) [pid 5513] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5513] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5513] chdir("./file0") = 0 [pid 5513] ioctl(4, LOOP_CLR_FD) = 0 [pid 5513] close(4) = 0 [pid 5513] creat("./bus", 000) = 4 [pid 5513] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5513] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5513] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5513] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5513] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5513] exit_group(0) = ? [pid 5513] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5513, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./220", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./220", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./220/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./220/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./220/binderfs") = 0 [ 91.156377][ T5513] REISERFS (device loop0): Using r5 hash to sort names [ 91.163546][ T5513] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./220/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./220/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./220/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./220/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./220/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./220/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./220") = 0 mkdir("./221", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5515 ./strace-static-x86_64: Process 5515 attached [pid 5515] chdir("./221") = 0 [pid 5515] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5515] setpgid(0, 0) = 0 [pid 5515] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5515] write(3, "1000", 4) = 4 [pid 5515] close(3) = 0 [pid 5515] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5515] memfd_create("syzkaller", 0) = 3 [pid 5515] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5515] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5515] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5515] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5515] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5515] close(3) = 0 [pid 5515] mkdir("./file0", 0777) = 0 [ 91.282686][ T5515] loop0: detected capacity change from 0 to 8192 [ 91.291930][ T5515] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.304990][ T5515] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 91.314228][ T5515] REISERFS (device loop0): using ordered data mode [ 91.320800][ T5515] reiserfs: using flush barriers [ 91.326702][ T5515] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.343105][ T5515] REISERFS (device loop0): checking transaction log (loop0) [pid 5515] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5515] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5515] chdir("./file0") = 0 [pid 5515] ioctl(4, LOOP_CLR_FD) = 0 [pid 5515] close(4) = 0 [pid 5515] creat("./bus", 000) = 4 [pid 5515] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5515] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5515] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5515] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5515] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5515] exit_group(0) = ? [pid 5515] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5515, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./221", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./221", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./221/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./221/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./221/binderfs") = 0 umount2("./221/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./221/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./221/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./221/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./221/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./221/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./221") = 0 mkdir("./222", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 91.377494][ T5515] REISERFS (device loop0): Using r5 hash to sort names [ 91.384878][ T5515] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5517 ./strace-static-x86_64: Process 5517 attached [pid 5517] chdir("./222") = 0 [pid 5517] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5517] setpgid(0, 0) = 0 [pid 5517] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5517] write(3, "1000", 4) = 4 [pid 5517] close(3) = 0 [pid 5517] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5517] memfd_create("syzkaller", 0) = 3 [pid 5517] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5517] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5517] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5517] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5517] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5517] close(3) = 0 [pid 5517] mkdir("./file0", 0777) = 0 [ 91.479142][ T5517] loop0: detected capacity change from 0 to 8192 [ 91.498451][ T5517] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.511782][ T5517] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 91.521319][ T5517] REISERFS (device loop0): using ordered data mode [ 91.527848][ T5517] reiserfs: using flush barriers [ 91.533889][ T5517] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.550426][ T5517] REISERFS (device loop0): checking transaction log (loop0) [pid 5517] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5517] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5517] chdir("./file0") = 0 [pid 5517] ioctl(4, LOOP_CLR_FD) = 0 [pid 5517] close(4) = 0 [pid 5517] creat("./bus", 000) = 4 [pid 5517] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5517] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5517] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5517] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5517] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5517] exit_group(0) = ? [pid 5517] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5517, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./222", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./222", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./222/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./222/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./222/binderfs") = 0 umount2("./222/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./222/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./222/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./222/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./222/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 [ 91.584878][ T5517] REISERFS (device loop0): Using r5 hash to sort names [ 91.591979][ T5517] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./222/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./222") = 0 mkdir("./223", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5519 ./strace-static-x86_64: Process 5519 attached [pid 5519] chdir("./223") = 0 [pid 5519] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5519] setpgid(0, 0) = 0 [pid 5519] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5519] write(3, "1000", 4) = 4 [pid 5519] close(3) = 0 [pid 5519] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5519] memfd_create("syzkaller", 0) = 3 [pid 5519] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5519] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5519] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5519] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5519] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5519] close(3) = 0 [pid 5519] mkdir("./file0", 0777) = 0 [ 91.690270][ T5519] loop0: detected capacity change from 0 to 8192 [ 91.700002][ T5519] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.713240][ T5519] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 91.722584][ T5519] REISERFS (device loop0): using ordered data mode [ 91.729159][ T5519] reiserfs: using flush barriers [ 91.734746][ T5519] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.751288][ T5519] REISERFS (device loop0): checking transaction log (loop0) [pid 5519] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5519] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5519] chdir("./file0") = 0 [pid 5519] ioctl(4, LOOP_CLR_FD) = 0 [pid 5519] close(4) = 0 [pid 5519] creat("./bus", 000) = 4 [pid 5519] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5519] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5519] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5519] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5519] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5519] exit_group(0) = ? [pid 5519] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5519, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./223", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./223", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./223/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./223/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./223/binderfs") = 0 [ 91.786368][ T5519] REISERFS (device loop0): Using r5 hash to sort names [ 91.793481][ T5519] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./223/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./223/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./223/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./223/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./223/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./223/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./223") = 0 mkdir("./224", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5521 ./strace-static-x86_64: Process 5521 attached [pid 5521] chdir("./224") = 0 [pid 5521] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5521] setpgid(0, 0) = 0 [pid 5521] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5521] write(3, "1000", 4) = 4 [pid 5521] close(3) = 0 [pid 5521] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5521] memfd_create("syzkaller", 0) = 3 [pid 5521] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5521] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5521] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5521] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5521] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5521] close(3) = 0 [pid 5521] mkdir("./file0", 0777) = 0 [ 91.899539][ T5521] loop0: detected capacity change from 0 to 8192 [ 91.908364][ T5521] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.921494][ T5521] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 91.930723][ T5521] REISERFS (device loop0): using ordered data mode [ 91.937239][ T5521] reiserfs: using flush barriers [ 91.942956][ T5521] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.959359][ T5521] REISERFS (device loop0): checking transaction log (loop0) [ 91.989337][ T5521] REISERFS (device loop0): Using r5 hash to sort names [pid 5521] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5521] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5521] chdir("./file0") = 0 [pid 5521] ioctl(4, LOOP_CLR_FD) = 0 [pid 5521] close(4) = 0 [pid 5521] creat("./bus", 000) = 4 [pid 5521] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5521] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5521] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5521] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5521] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5521] exit_group(0) = ? [pid 5521] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5521, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./224", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./224", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./224/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./224/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./224/binderfs") = 0 umount2("./224/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./224/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./224/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./224/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./224/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./224/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./224") = 0 mkdir("./225", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5523 ./strace-static-x86_64: Process 5523 attached [pid 5523] chdir("./225") = 0 [pid 5523] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5523] setpgid(0, 0) = 0 [ 91.996470][ T5521] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5523] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5523] write(3, "1000", 4) = 4 [pid 5523] close(3) = 0 [pid 5523] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5523] memfd_create("syzkaller", 0) = 3 [pid 5523] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5523] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5523] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5523] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5523] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5523] close(3) = 0 [pid 5523] mkdir("./file0", 0777) = 0 [ 92.091788][ T5523] loop0: detected capacity change from 0 to 8192 [ 92.101528][ T5523] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 92.114832][ T5523] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 92.124461][ T5523] REISERFS (device loop0): using ordered data mode [ 92.131059][ T5523] reiserfs: using flush barriers [ 92.136743][ T5523] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 92.153123][ T5523] REISERFS (device loop0): checking transaction log (loop0) [pid 5523] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5523] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5523] chdir("./file0") = 0 [pid 5523] ioctl(4, LOOP_CLR_FD) = 0 [pid 5523] close(4) = 0 [pid 5523] creat("./bus", 000) = 4 [pid 5523] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5523] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5523] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5523] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5523] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5523] exit_group(0) = ? [pid 5523] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5523, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./225", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./225", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./225/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./225/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./225/binderfs") = 0 umount2("./225/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./225/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./225/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./225/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./225/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 92.186685][ T5523] REISERFS (device loop0): Using r5 hash to sort names [ 92.194046][ T5523] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./225/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./225") = 0 mkdir("./226", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5525 ./strace-static-x86_64: Process 5525 attached [pid 5525] chdir("./226") = 0 [pid 5525] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5525] setpgid(0, 0) = 0 [pid 5525] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5525] write(3, "1000", 4) = 4 [pid 5525] close(3) = 0 [pid 5525] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5525] memfd_create("syzkaller", 0) = 3 [pid 5525] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5525] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5525] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5525] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5525] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5525] close(3) = 0 [pid 5525] mkdir("./file0", 0777) = 0 [ 92.287162][ T5525] loop0: detected capacity change from 0 to 8192 [ 92.296471][ T5525] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 92.309711][ T5525] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 92.318972][ T5525] REISERFS (device loop0): using ordered data mode [ 92.325478][ T5525] reiserfs: using flush barriers [ 92.331231][ T5525] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 92.347698][ T5525] REISERFS (device loop0): checking transaction log (loop0) [pid 5525] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5525] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5525] chdir("./file0") = 0 [pid 5525] ioctl(4, LOOP_CLR_FD) = 0 [pid 5525] close(4) = 0 [pid 5525] creat("./bus", 000) = 4 [pid 5525] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5525] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5525] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5525] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5525] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5525] exit_group(0) = ? [pid 5525] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5525, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./226", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./226", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./226/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./226/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./226/binderfs") = 0 [ 92.377495][ T5525] REISERFS (device loop0): Using r5 hash to sort names [ 92.384642][ T5525] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./226/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./226/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./226/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./226/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./226/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./226/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./226") = 0 mkdir("./227", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5527 ./strace-static-x86_64: Process 5527 attached [pid 5527] chdir("./227") = 0 [pid 5527] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5527] setpgid(0, 0) = 0 [pid 5527] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5527] write(3, "1000", 4) = 4 [pid 5527] close(3) = 0 [pid 5527] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5527] memfd_create("syzkaller", 0) = 3 [pid 5527] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5527] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5527] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5527] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5527] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5527] close(3) = 0 [pid 5527] mkdir("./file0", 0777) = 0 [ 92.486364][ T5527] loop0: detected capacity change from 0 to 8192 [ 92.496246][ T5527] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 92.509463][ T5527] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 92.518650][ T5527] REISERFS (device loop0): using ordered data mode [ 92.525253][ T5527] reiserfs: using flush barriers [ 92.530925][ T5527] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 92.547330][ T5527] REISERFS (device loop0): checking transaction log (loop0) [pid 5527] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5527] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5527] chdir("./file0") = 0 [pid 5527] ioctl(4, LOOP_CLR_FD) = 0 [pid 5527] close(4) = 0 [pid 5527] creat("./bus", 000) = 4 [pid 5527] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5527] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5527] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5527] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5527] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5527] exit_group(0) = ? [pid 5527] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5527, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./227", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./227", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./227/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./227/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./227/binderfs") = 0 umount2("./227/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./227/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./227/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./227/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./227/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 92.581566][ T5527] REISERFS (device loop0): Using r5 hash to sort names [ 92.588957][ T5527] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./227/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./227") = 0 mkdir("./228", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5529 ./strace-static-x86_64: Process 5529 attached [pid 5529] chdir("./228") = 0 [pid 5529] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5529] setpgid(0, 0) = 0 [pid 5529] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5529] write(3, "1000", 4) = 4 [pid 5529] close(3) = 0 [pid 5529] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5529] memfd_create("syzkaller", 0) = 3 [pid 5529] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5529] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5529] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5529] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5529] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5529] close(3) = 0 [pid 5529] mkdir("./file0", 0777) = 0 [ 92.687042][ T5529] loop0: detected capacity change from 0 to 8192 [ 92.696486][ T5529] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 92.709821][ T5529] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 92.719100][ T5529] REISERFS (device loop0): using ordered data mode [ 92.725597][ T5529] reiserfs: using flush barriers [ 92.731537][ T5529] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 92.747832][ T5529] REISERFS (device loop0): checking transaction log (loop0) [pid 5529] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5529] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5529] chdir("./file0") = 0 [pid 5529] ioctl(4, LOOP_CLR_FD) = 0 [pid 5529] close(4) = 0 [pid 5529] creat("./bus", 000) = 4 [pid 5529] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5529] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5529] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5529] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5529] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5529] exit_group(0) = ? [pid 5529] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5529, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./228", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./228", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./228/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./228/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./228/binderfs") = 0 umount2("./228/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./228/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./228/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./228/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./228/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./228/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 92.782028][ T5529] REISERFS (device loop0): Using r5 hash to sort names [ 92.789162][ T5529] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. rmdir("./228") = 0 mkdir("./229", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5531 ./strace-static-x86_64: Process 5531 attached [pid 5531] chdir("./229") = 0 [pid 5531] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5531] setpgid(0, 0) = 0 [pid 5531] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5531] write(3, "1000", 4) = 4 [pid 5531] close(3) = 0 [pid 5531] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5531] memfd_create("syzkaller", 0) = 3 [pid 5531] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5531] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5531] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5531] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5531] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5531] close(3) = 0 [pid 5531] mkdir("./file0", 0777) = 0 [ 92.888437][ T5531] loop0: detected capacity change from 0 to 8192 [ 92.897681][ T5531] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 92.910951][ T5531] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 92.920469][ T5531] REISERFS (device loop0): using ordered data mode [ 92.926979][ T5531] reiserfs: using flush barriers [ 92.932929][ T5531] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 92.949230][ T5531] REISERFS (device loop0): checking transaction log (loop0) [pid 5531] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5531] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5531] chdir("./file0") = 0 [pid 5531] ioctl(4, LOOP_CLR_FD) = 0 [pid 5531] close(4) = 0 [pid 5531] creat("./bus", 000) = 4 [pid 5531] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5531] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5531] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5531] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5531] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5531] exit_group(0) = ? [pid 5531] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5531, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./229", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./229", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./229/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./229/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./229/binderfs") = 0 [ 92.983664][ T5531] REISERFS (device loop0): Using r5 hash to sort names [ 92.990774][ T5531] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./229/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./229/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./229/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./229/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./229/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./229/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./229") = 0 mkdir("./230", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5533 ./strace-static-x86_64: Process 5533 attached [pid 5533] chdir("./230") = 0 [pid 5533] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5533] setpgid(0, 0) = 0 [pid 5533] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5533] write(3, "1000", 4) = 4 [pid 5533] close(3) = 0 [pid 5533] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5533] memfd_create("syzkaller", 0) = 3 [pid 5533] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5533] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5533] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5533] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5533] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5533] close(3) = 0 [pid 5533] mkdir("./file0", 0777) = 0 [ 93.090387][ T5533] loop0: detected capacity change from 0 to 8192 [ 93.099272][ T5533] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 93.112359][ T5533] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 93.121619][ T5533] REISERFS (device loop0): using ordered data mode [ 93.128219][ T5533] reiserfs: using flush barriers [ 93.133896][ T5533] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 93.150398][ T5533] REISERFS (device loop0): checking transaction log (loop0) [pid 5533] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5533] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5533] chdir("./file0") = 0 [pid 5533] ioctl(4, LOOP_CLR_FD) = 0 [pid 5533] close(4) = 0 [pid 5533] creat("./bus", 000) = 4 [pid 5533] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5533] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5533] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5533] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5533] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5533] exit_group(0) = ? [pid 5533] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5533, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./230", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./230", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./230/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./230/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./230/binderfs") = 0 [ 93.184876][ T5533] REISERFS (device loop0): Using r5 hash to sort names [ 93.191977][ T5533] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./230/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./230/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./230/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./230/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./230/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./230/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./230") = 0 mkdir("./231", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5535 ./strace-static-x86_64: Process 5535 attached [pid 5535] chdir("./231") = 0 [pid 5535] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5535] setpgid(0, 0) = 0 [pid 5535] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5535] write(3, "1000", 4) = 4 [pid 5535] close(3) = 0 [pid 5535] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5535] memfd_create("syzkaller", 0) = 3 [pid 5535] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5535] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5535] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5535] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5535] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5535] close(3) = 0 [pid 5535] mkdir("./file0", 0777) = 0 [ 93.291811][ T5535] loop0: detected capacity change from 0 to 8192 [ 93.300586][ T5535] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 93.313615][ T5535] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 93.322961][ T5535] REISERFS (device loop0): using ordered data mode [ 93.329489][ T5535] reiserfs: using flush barriers [ 93.335019][ T5535] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 93.351414][ T5535] REISERFS (device loop0): checking transaction log (loop0) [ 93.380179][ T5535] REISERFS (device loop0): Using r5 hash to sort names [pid 5535] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5535] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5535] chdir("./file0") = 0 [pid 5535] ioctl(4, LOOP_CLR_FD) = 0 [pid 5535] close(4) = 0 [pid 5535] creat("./bus", 000) = 4 [pid 5535] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5535] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5535] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5535] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5535] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5535] exit_group(0) = ? [pid 5535] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5535, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./231", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./231", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./231/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./231/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./231/binderfs") = 0 [ 93.387229][ T5535] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./231/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./231/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./231/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./231/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./231/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./231/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./231") = 0 mkdir("./232", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5537 ./strace-static-x86_64: Process 5537 attached [pid 5537] chdir("./232") = 0 [pid 5537] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5537] setpgid(0, 0) = 0 [pid 5537] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5537] write(3, "1000", 4) = 4 [pid 5537] close(3) = 0 [pid 5537] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5537] memfd_create("syzkaller", 0) = 3 [pid 5537] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5537] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5537] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5537] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5537] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5537] close(3) = 0 [pid 5537] mkdir("./file0", 0777) = 0 [ 93.485642][ T5537] loop0: detected capacity change from 0 to 8192 [ 93.495337][ T5537] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 93.508665][ T5537] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 93.518042][ T5537] REISERFS (device loop0): using ordered data mode [ 93.524613][ T5537] reiserfs: using flush barriers [ 93.530579][ T5537] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 93.547704][ T5537] REISERFS (device loop0): checking transaction log (loop0) [pid 5537] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5537] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5537] chdir("./file0") = 0 [pid 5537] ioctl(4, LOOP_CLR_FD) = 0 [pid 5537] close(4) = 0 [pid 5537] creat("./bus", 000) = 4 [pid 5537] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5537] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5537] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5537] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5537] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5537] exit_group(0) = ? [pid 5537] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5537, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./232", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./232", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./232/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./232/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./232/binderfs") = 0 [ 93.582752][ T5537] REISERFS (device loop0): Using r5 hash to sort names [ 93.589978][ T5537] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./232/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./232/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./232/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./232/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./232/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./232/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./232") = 0 mkdir("./233", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5539 ./strace-static-x86_64: Process 5539 attached [pid 5539] chdir("./233") = 0 [pid 5539] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5539] setpgid(0, 0) = 0 [pid 5539] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5539] write(3, "1000", 4) = 4 [pid 5539] close(3) = 0 [pid 5539] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5539] memfd_create("syzkaller", 0) = 3 [pid 5539] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5539] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5539] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5539] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5539] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5539] close(3) = 0 [pid 5539] mkdir("./file0", 0777) = 0 [ 93.693434][ T5539] loop0: detected capacity change from 0 to 8192 [ 93.703122][ T5539] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 93.716716][ T5539] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 93.725973][ T5539] REISERFS (device loop0): using ordered data mode [ 93.732516][ T5539] reiserfs: using flush barriers [ 93.738189][ T5539] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 93.754771][ T5539] REISERFS (device loop0): checking transaction log (loop0) [pid 5539] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5539] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5539] chdir("./file0") = 0 [pid 5539] ioctl(4, LOOP_CLR_FD) = 0 [pid 5539] close(4) = 0 [pid 5539] creat("./bus", 000) = 4 [pid 5539] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5539] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5539] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5539] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5539] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5539] exit_group(0) = ? [pid 5539] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5539, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./233", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./233", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./233/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./233/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./233/binderfs") = 0 umount2("./233/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [ 93.789544][ T5539] REISERFS (device loop0): Using r5 hash to sort names [ 93.796691][ T5539] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./233/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./233/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./233/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./233/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./233/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./233") = 0 mkdir("./234", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5541 ./strace-static-x86_64: Process 5541 attached [pid 5541] chdir("./234") = 0 [pid 5541] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5541] setpgid(0, 0) = 0 [pid 5541] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5541] write(3, "1000", 4) = 4 [pid 5541] close(3) = 0 [pid 5541] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5541] memfd_create("syzkaller", 0) = 3 [pid 5541] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5541] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5541] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5541] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5541] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5541] close(3) = 0 [pid 5541] mkdir("./file0", 0777) = 0 [ 93.892649][ T5541] loop0: detected capacity change from 0 to 8192 [ 93.902196][ T5541] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 93.915240][ T5541] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 93.924525][ T5541] REISERFS (device loop0): using ordered data mode [ 93.931062][ T5541] reiserfs: using flush barriers [ 93.936698][ T5541] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 93.953196][ T5541] REISERFS (device loop0): checking transaction log (loop0) [pid 5541] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5541] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5541] chdir("./file0") = 0 [pid 5541] ioctl(4, LOOP_CLR_FD) = 0 [pid 5541] close(4) = 0 [pid 5541] creat("./bus", 000) = 4 [pid 5541] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5541] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5541] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5541] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5541] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5541] exit_group(0) = ? [pid 5541] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5541, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./234", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./234", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./234/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./234/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./234/binderfs") = 0 [ 93.986961][ T5541] REISERFS (device loop0): Using r5 hash to sort names [ 93.994093][ T5541] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./234/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./234/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./234/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./234/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./234/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./234/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./234") = 0 mkdir("./235", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5543 ./strace-static-x86_64: Process 5543 attached [pid 5543] chdir("./235") = 0 [pid 5543] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5543] setpgid(0, 0) = 0 [pid 5543] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5543] write(3, "1000", 4) = 4 [pid 5543] close(3) = 0 [pid 5543] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5543] memfd_create("syzkaller", 0) = 3 [pid 5543] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5543] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5543] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5543] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5543] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5543] close(3) = 0 [pid 5543] mkdir("./file0", 0777) = 0 [ 94.089662][ T5543] loop0: detected capacity change from 0 to 8192 [ 94.099116][ T5543] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 94.112193][ T5543] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 94.121499][ T5543] REISERFS (device loop0): using ordered data mode [ 94.128002][ T5543] reiserfs: using flush barriers [ 94.133792][ T5543] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 94.150169][ T5543] REISERFS (device loop0): checking transaction log (loop0) [pid 5543] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5543] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5543] chdir("./file0") = 0 [pid 5543] ioctl(4, LOOP_CLR_FD) = 0 [pid 5543] close(4) = 0 [pid 5543] creat("./bus", 000) = 4 [pid 5543] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5543] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5543] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5543] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5543] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5543] exit_group(0) = ? [pid 5543] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5543, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./235", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./235", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./235/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./235/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./235/binderfs") = 0 [ 94.180117][ T5543] REISERFS (device loop0): Using r5 hash to sort names [ 94.187316][ T5543] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./235/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./235/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./235/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./235/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./235/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./235/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./235") = 0 mkdir("./236", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5545 ./strace-static-x86_64: Process 5545 attached [pid 5545] chdir("./236") = 0 [pid 5545] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5545] setpgid(0, 0) = 0 [pid 5545] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5545] write(3, "1000", 4) = 4 [pid 5545] close(3) = 0 [pid 5545] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5545] memfd_create("syzkaller", 0) = 3 [pid 5545] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5545] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5545] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5545] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5545] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5545] close(3) = 0 [pid 5545] mkdir("./file0", 0777) = 0 [ 94.282616][ T5545] loop0: detected capacity change from 0 to 8192 [ 94.292436][ T5545] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 94.305546][ T5545] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 94.314773][ T5545] REISERFS (device loop0): using ordered data mode [ 94.321307][ T5545] reiserfs: using flush barriers [ 94.327037][ T5545] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 94.343569][ T5545] REISERFS (device loop0): checking transaction log (loop0) [pid 5545] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5545] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5545] chdir("./file0") = 0 [pid 5545] ioctl(4, LOOP_CLR_FD) = 0 [pid 5545] close(4) = 0 [pid 5545] creat("./bus", 000) = 4 [pid 5545] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5545] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5545] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5545] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5545] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5545] exit_group(0) = ? [pid 5545] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5545, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./236", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./236", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./236/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./236/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./236/binderfs") = 0 [ 94.378641][ T5545] REISERFS (device loop0): Using r5 hash to sort names [ 94.385838][ T5545] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./236/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./236/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./236/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./236/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./236/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./236/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./236") = 0 mkdir("./237", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5547 attached , child_tidptr=0x555556cf25d0) = 5547 [pid 5547] chdir("./237") = 0 [pid 5547] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5547] setpgid(0, 0) = 0 [pid 5547] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5547] write(3, "1000", 4) = 4 [pid 5547] close(3) = 0 [pid 5547] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5547] memfd_create("syzkaller", 0) = 3 [pid 5547] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5547] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5547] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5547] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5547] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5547] close(3) = 0 [pid 5547] mkdir("./file0", 0777) = 0 [ 94.499694][ T5547] loop0: detected capacity change from 0 to 8192 [ 94.509027][ T5547] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 94.522082][ T5547] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 94.531327][ T5547] REISERFS (device loop0): using ordered data mode [ 94.537836][ T5547] reiserfs: using flush barriers [ 94.543558][ T5547] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 94.559869][ T5547] REISERFS (device loop0): checking transaction log (loop0) [pid 5547] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5547] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5547] chdir("./file0") = 0 [pid 5547] ioctl(4, LOOP_CLR_FD) = 0 [pid 5547] close(4) = 0 [pid 5547] creat("./bus", 000) = 4 [pid 5547] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5547] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5547] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5547] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5547] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5547] exit_group(0) = ? [pid 5547] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5547, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./237", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./237", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./237/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./237/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./237/binderfs") = 0 [ 94.593661][ T5547] REISERFS (device loop0): Using r5 hash to sort names [ 94.600843][ T5547] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./237/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./237/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./237/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./237/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./237/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./237/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./237") = 0 mkdir("./238", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5549 ./strace-static-x86_64: Process 5549 attached [pid 5549] chdir("./238") = 0 [pid 5549] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5549] setpgid(0, 0) = 0 [pid 5549] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5549] write(3, "1000", 4) = 4 [pid 5549] close(3) = 0 [pid 5549] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5549] memfd_create("syzkaller", 0) = 3 [pid 5549] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5549] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5549] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5549] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5549] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5549] close(3) = 0 [pid 5549] mkdir("./file0", 0777) = 0 [ 94.705252][ T5549] loop0: detected capacity change from 0 to 8192 [ 94.714421][ T5549] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 94.727714][ T5549] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 94.736995][ T5549] REISERFS (device loop0): using ordered data mode [ 94.743551][ T5549] reiserfs: using flush barriers [ 94.749286][ T5549] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 94.765728][ T5549] REISERFS (device loop0): checking transaction log (loop0) [pid 5549] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5549] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5549] chdir("./file0") = 0 [pid 5549] ioctl(4, LOOP_CLR_FD) = 0 [pid 5549] close(4) = 0 [pid 5549] creat("./bus", 000) = 4 [pid 5549] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5549] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5549] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5549] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5549] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5549] exit_group(0) = ? [pid 5549] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5549, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./238", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./238", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./238/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./238/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./238/binderfs") = 0 umount2("./238/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./238/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./238/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./238/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./238/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 94.799398][ T5549] REISERFS (device loop0): Using r5 hash to sort names [ 94.806423][ T5549] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./238/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./238") = 0 mkdir("./239", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5551 ./strace-static-x86_64: Process 5551 attached [pid 5551] chdir("./239") = 0 [pid 5551] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5551] setpgid(0, 0) = 0 [pid 5551] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5551] write(3, "1000", 4) = 4 [pid 5551] close(3) = 0 [pid 5551] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5551] memfd_create("syzkaller", 0) = 3 [pid 5551] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5551] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5551] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5551] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5551] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5551] close(3) = 0 [pid 5551] mkdir("./file0", 0777) = 0 [ 94.903516][ T5551] loop0: detected capacity change from 0 to 8192 [ 94.913075][ T5551] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 94.926661][ T5551] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 94.936000][ T5551] REISERFS (device loop0): using ordered data mode [ 94.942599][ T5551] reiserfs: using flush barriers [ 94.948279][ T5551] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 94.964746][ T5551] REISERFS (device loop0): checking transaction log (loop0) [pid 5551] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5551] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5551] chdir("./file0") = 0 [pid 5551] ioctl(4, LOOP_CLR_FD) = 0 [pid 5551] close(4) = 0 [pid 5551] creat("./bus", 000) = 4 [pid 5551] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5551] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5551] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5551] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5551] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5551] exit_group(0) = ? [pid 5551] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5551, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./239", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./239", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./239/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./239/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./239/binderfs") = 0 [ 94.999438][ T5551] REISERFS (device loop0): Using r5 hash to sort names [ 95.006507][ T5551] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./239/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./239/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./239/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./239/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./239/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./239/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./239") = 0 mkdir("./240", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5553 ./strace-static-x86_64: Process 5553 attached [pid 5553] chdir("./240") = 0 [pid 5553] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5553] setpgid(0, 0) = 0 [pid 5553] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5553] write(3, "1000", 4) = 4 [pid 5553] close(3) = 0 [pid 5553] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5553] memfd_create("syzkaller", 0) = 3 [pid 5553] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5553] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5553] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5553] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5553] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5553] close(3) = 0 [pid 5553] mkdir("./file0", 0777) = 0 [ 95.116998][ T5553] loop0: detected capacity change from 0 to 8192 [ 95.126722][ T5553] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 95.139867][ T5553] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 95.149068][ T5553] REISERFS (device loop0): using ordered data mode [ 95.155572][ T5553] reiserfs: using flush barriers [ 95.161414][ T5553] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 95.178028][ T5553] REISERFS (device loop0): checking transaction log (loop0) [pid 5553] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5553] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5553] chdir("./file0") = 0 [pid 5553] ioctl(4, LOOP_CLR_FD) = 0 [pid 5553] close(4) = 0 [pid 5553] creat("./bus", 000) = 4 [pid 5553] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5553] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5553] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5553] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5553] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5553] exit_group(0) = ? [pid 5553] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5553, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./240", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./240", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./240/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./240/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./240/binderfs") = 0 [ 95.212313][ T5553] REISERFS (device loop0): Using r5 hash to sort names [ 95.219527][ T5553] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./240/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./240/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./240/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./240/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./240/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./240/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./240") = 0 mkdir("./241", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5555 ./strace-static-x86_64: Process 5555 attached [pid 5555] chdir("./241") = 0 [pid 5555] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5555] setpgid(0, 0) = 0 [pid 5555] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5555] write(3, "1000", 4) = 4 [pid 5555] close(3) = 0 [pid 5555] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5555] memfd_create("syzkaller", 0) = 3 [pid 5555] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5555] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5555] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5555] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5555] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5555] close(3) = 0 [pid 5555] mkdir("./file0", 0777) = 0 [ 95.324465][ T5555] loop0: detected capacity change from 0 to 8192 [ 95.334013][ T5555] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 95.347154][ T5555] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 95.356384][ T5555] REISERFS (device loop0): using ordered data mode [ 95.363194][ T5555] reiserfs: using flush barriers [ 95.368812][ T5555] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 95.385275][ T5555] REISERFS (device loop0): checking transaction log (loop0) [ 95.414401][ T5555] REISERFS (device loop0): Using r5 hash to sort names [pid 5555] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5555] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5555] chdir("./file0") = 0 [pid 5555] ioctl(4, LOOP_CLR_FD) = 0 [pid 5555] close(4) = 0 [pid 5555] creat("./bus", 000) = 4 [pid 5555] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5555] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5555] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5555] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5555] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5555] exit_group(0) = ? [pid 5555] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5555, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./241", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./241", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./241/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./241/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./241/binderfs") = 0 umount2("./241/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./241/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./241/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./241/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./241/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./241/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./241") = 0 mkdir("./242", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 95.421442][ T5555] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5557 ./strace-static-x86_64: Process 5557 attached [pid 5557] chdir("./242") = 0 [pid 5557] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5557] setpgid(0, 0) = 0 [pid 5557] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5557] write(3, "1000", 4) = 4 [pid 5557] close(3) = 0 [pid 5557] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5557] memfd_create("syzkaller", 0) = 3 [pid 5557] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5557] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5557] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5557] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5557] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5557] close(3) = 0 [pid 5557] mkdir("./file0", 0777) = 0 [ 95.514123][ T5557] loop0: detected capacity change from 0 to 8192 [ 95.523585][ T5557] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 95.537183][ T5557] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 95.546488][ T5557] REISERFS (device loop0): using ordered data mode [ 95.553025][ T5557] reiserfs: using flush barriers [ 95.558836][ T5557] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 95.575155][ T5557] REISERFS (device loop0): checking transaction log (loop0) [pid 5557] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5557] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5557] chdir("./file0") = 0 [pid 5557] ioctl(4, LOOP_CLR_FD) = 0 [pid 5557] close(4) = 0 [pid 5557] creat("./bus", 000) = 4 [pid 5557] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5557] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5557] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5557] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5557] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5557] exit_group(0) = ? [pid 5557] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5557, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./242", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./242", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./242/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./242/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./242/binderfs") = 0 [ 95.609777][ T5557] REISERFS (device loop0): Using r5 hash to sort names [ 95.616801][ T5557] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./242/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./242/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./242/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./242/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./242/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./242/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./242") = 0 mkdir("./243", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5559 ./strace-static-x86_64: Process 5559 attached [pid 5559] chdir("./243") = 0 [pid 5559] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5559] setpgid(0, 0) = 0 [pid 5559] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5559] write(3, "1000", 4) = 4 [pid 5559] close(3) = 0 [pid 5559] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5559] memfd_create("syzkaller", 0) = 3 [pid 5559] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5559] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5559] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5559] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5559] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5559] close(3) = 0 [pid 5559] mkdir("./file0", 0777) = 0 [ 95.725592][ T5559] loop0: detected capacity change from 0 to 8192 [ 95.734838][ T5559] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 95.747919][ T5559] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 95.757155][ T5559] REISERFS (device loop0): using ordered data mode [ 95.763702][ T5559] reiserfs: using flush barriers [ 95.769426][ T5559] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 95.785866][ T5559] REISERFS (device loop0): checking transaction log (loop0) [pid 5559] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5559] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5559] chdir("./file0") = 0 [pid 5559] ioctl(4, LOOP_CLR_FD) = 0 [pid 5559] close(4) = 0 [pid 5559] creat("./bus", 000) = 4 [pid 5559] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5559] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5559] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5559] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5559] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5559] exit_group(0) = ? [pid 5559] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5559, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./243", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./243", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./243/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./243/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./243/binderfs") = 0 [ 95.819937][ T5559] REISERFS (device loop0): Using r5 hash to sort names [ 95.827194][ T5559] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./243/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./243/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./243/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./243/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./243/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./243/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./243") = 0 mkdir("./244", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5561 ./strace-static-x86_64: Process 5561 attached [pid 5561] chdir("./244") = 0 [pid 5561] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5561] setpgid(0, 0) = 0 [pid 5561] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5561] write(3, "1000", 4) = 4 [pid 5561] close(3) = 0 [pid 5561] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5561] memfd_create("syzkaller", 0) = 3 [pid 5561] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5561] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5561] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5561] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5561] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5561] close(3) = 0 [pid 5561] mkdir("./file0", 0777) = 0 [ 95.930508][ T5561] loop0: detected capacity change from 0 to 8192 [ 95.940262][ T5561] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 95.953363][ T5561] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 95.963076][ T5561] REISERFS (device loop0): using ordered data mode [ 95.969701][ T5561] reiserfs: using flush barriers [ 95.975315][ T5561] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 95.991725][ T5561] REISERFS (device loop0): checking transaction log (loop0) [pid 5561] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5561] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5561] chdir("./file0") = 0 [pid 5561] ioctl(4, LOOP_CLR_FD) = 0 [pid 5561] close(4) = 0 [pid 5561] creat("./bus", 000) = 4 [pid 5561] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5561] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5561] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5561] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5561] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5561] exit_group(0) = ? [pid 5561] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5561, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./244", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./244", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./244/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./244/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./244/binderfs") = 0 [ 96.022326][ T5561] REISERFS (device loop0): Using r5 hash to sort names [ 96.029422][ T5561] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./244/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./244/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./244/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./244/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./244/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./244/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./244") = 0 mkdir("./245", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5563 attached , child_tidptr=0x555556cf25d0) = 5563 [pid 5563] chdir("./245") = 0 [pid 5563] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5563] setpgid(0, 0) = 0 [pid 5563] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5563] write(3, "1000", 4) = 4 [pid 5563] close(3) = 0 [pid 5563] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5563] memfd_create("syzkaller", 0) = 3 [pid 5563] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5563] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5563] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5563] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5563] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5563] close(3) = 0 [pid 5563] mkdir("./file0", 0777) = 0 [ 96.149317][ T5563] loop0: detected capacity change from 0 to 8192 [ 96.158396][ T5563] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 96.171585][ T5563] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 96.180827][ T5563] REISERFS (device loop0): using ordered data mode [ 96.187322][ T5563] reiserfs: using flush barriers [ 96.193434][ T5563] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 96.210299][ T5563] REISERFS (device loop0): checking transaction log (loop0) [ 96.239448][ T5563] REISERFS (device loop0): Using r5 hash to sort names [pid 5563] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5563] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5563] chdir("./file0") = 0 [pid 5563] ioctl(4, LOOP_CLR_FD) = 0 [pid 5563] close(4) = 0 [pid 5563] creat("./bus", 000) = 4 [pid 5563] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5563] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5563] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5563] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5563] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5563] exit_group(0) = ? [pid 5563] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5563, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./245", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./245", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./245/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./245/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./245/binderfs") = 0 umount2("./245/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./245/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./245/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./245/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./245/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./245/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./245") = 0 mkdir("./246", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 96.246468][ T5563] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5565 ./strace-static-x86_64: Process 5565 attached [pid 5565] chdir("./246") = 0 [pid 5565] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5565] setpgid(0, 0) = 0 [pid 5565] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5565] write(3, "1000", 4) = 4 [pid 5565] close(3) = 0 [pid 5565] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5565] memfd_create("syzkaller", 0) = 3 [pid 5565] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5565] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5565] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5565] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5565] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5565] close(3) = 0 [pid 5565] mkdir("./file0", 0777) = 0 [ 96.346444][ T5565] loop0: detected capacity change from 0 to 8192 [ 96.356220][ T5565] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 96.369309][ T5565] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 96.378676][ T5565] REISERFS (device loop0): using ordered data mode [ 96.385239][ T5565] reiserfs: using flush barriers [ 96.391233][ T5565] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 96.407712][ T5565] REISERFS (device loop0): checking transaction log (loop0) [pid 5565] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5565] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5565] chdir("./file0") = 0 [pid 5565] ioctl(4, LOOP_CLR_FD) = 0 [pid 5565] close(4) = 0 [pid 5565] creat("./bus", 000) = 4 [pid 5565] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5565] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5565] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5565] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5565] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5565] exit_group(0) = ? [pid 5565] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5565, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./246", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./246", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./246/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./246/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./246/binderfs") = 0 umount2("./246/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./246/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./246/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./246/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./246/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./246/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 [ 96.436957][ T5565] REISERFS (device loop0): Using r5 hash to sort names [ 96.444048][ T5565] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 rmdir("./246") = 0 mkdir("./247", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5567 ./strace-static-x86_64: Process 5567 attached [pid 5567] chdir("./247") = 0 [pid 5567] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5567] setpgid(0, 0) = 0 [pid 5567] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5567] write(3, "1000", 4) = 4 [pid 5567] close(3) = 0 [pid 5567] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5567] memfd_create("syzkaller", 0) = 3 [pid 5567] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5567] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5567] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5567] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5567] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5567] close(3) = 0 [pid 5567] mkdir("./file0", 0777) = 0 [ 96.545437][ T5567] loop0: detected capacity change from 0 to 8192 [ 96.554542][ T5567] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 96.567810][ T5567] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 96.577070][ T5567] REISERFS (device loop0): using ordered data mode [ 96.583645][ T5567] reiserfs: using flush barriers [ 96.589429][ T5567] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 96.605831][ T5567] REISERFS (device loop0): checking transaction log (loop0) [ 96.634761][ T5567] REISERFS (device loop0): Using r5 hash to sort names [pid 5567] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5567] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5567] chdir("./file0") = 0 [pid 5567] ioctl(4, LOOP_CLR_FD) = 0 [pid 5567] close(4) = 0 [pid 5567] creat("./bus", 000) = 4 [pid 5567] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5567] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5567] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5567] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5567] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5567] exit_group(0) = ? [pid 5567] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5567, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./247", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./247", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./247/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./247/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./247/binderfs") = 0 [ 96.641829][ T5567] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./247/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./247/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./247/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./247/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./247/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./247/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./247") = 0 mkdir("./248", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5569 ./strace-static-x86_64: Process 5569 attached [pid 5569] chdir("./248") = 0 [pid 5569] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5569] setpgid(0, 0) = 0 [pid 5569] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5569] write(3, "1000", 4) = 4 [pid 5569] close(3) = 0 [pid 5569] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5569] memfd_create("syzkaller", 0) = 3 [pid 5569] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5569] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5569] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5569] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5569] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5569] close(3) = 0 [pid 5569] mkdir("./file0", 0777) = 0 [ 96.747115][ T5569] loop0: detected capacity change from 0 to 8192 [ 96.756409][ T5569] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 96.769540][ T5569] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 96.779342][ T5569] REISERFS (device loop0): using ordered data mode [ 96.785866][ T5569] reiserfs: using flush barriers [ 96.791644][ T5569] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 96.808100][ T5569] REISERFS (device loop0): checking transaction log (loop0) [pid 5569] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5569] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5569] chdir("./file0") = 0 [pid 5569] ioctl(4, LOOP_CLR_FD) = 0 [pid 5569] close(4) = 0 [pid 5569] creat("./bus", 000) = 4 [pid 5569] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5569] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5569] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5569] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5569] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5569] exit_group(0) = ? [pid 5569] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5569, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./248", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./248", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./248/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./248/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./248/binderfs") = 0 [ 96.842823][ T5569] REISERFS (device loop0): Using r5 hash to sort names [ 96.849884][ T5569] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./248/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./248/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./248/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./248/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./248/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./248/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./248") = 0 mkdir("./249", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5571 ./strace-static-x86_64: Process 5571 attached [pid 5571] chdir("./249") = 0 [pid 5571] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5571] setpgid(0, 0) = 0 [pid 5571] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5571] write(3, "1000", 4) = 4 [pid 5571] close(3) = 0 [pid 5571] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5571] memfd_create("syzkaller", 0) = 3 [pid 5571] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5571] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5571] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5571] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5571] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5571] close(3) = 0 [pid 5571] mkdir("./file0", 0777) = 0 [ 96.951253][ T5571] loop0: detected capacity change from 0 to 8192 [ 96.961178][ T5571] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 96.974222][ T5571] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 96.983465][ T5571] REISERFS (device loop0): using ordered data mode [ 96.989996][ T5571] reiserfs: using flush barriers [pid 5571] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5571] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5571] chdir("./file0") = 0 [ 96.995601][ T5571] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 97.012125][ T5571] REISERFS (device loop0): checking transaction log (loop0) [ 97.041135][ T5571] REISERFS (device loop0): Using r5 hash to sort names [pid 5571] ioctl(4, LOOP_CLR_FD) = 0 [pid 5571] close(4) = 0 [pid 5571] creat("./bus", 000) = 4 [pid 5571] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5571] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5571] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5571] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5571] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5571] exit_group(0) = ? [pid 5571] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5571, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./249", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./249", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./249/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./249/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./249/binderfs") = 0 umount2("./249/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./249/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./249/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./249/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./249/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./249/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./249") = 0 mkdir("./250", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 97.048175][ T5571] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5573 attached , child_tidptr=0x555556cf25d0) = 5573 [pid 5573] chdir("./250") = 0 [pid 5573] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5573] setpgid(0, 0) = 0 [pid 5573] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5573] write(3, "1000", 4) = 4 [pid 5573] close(3) = 0 [pid 5573] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5573] memfd_create("syzkaller", 0) = 3 [pid 5573] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5573] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5573] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5573] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5573] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5573] close(3) = 0 [pid 5573] mkdir("./file0", 0777) = 0 [ 97.154665][ T5573] loop0: detected capacity change from 0 to 8192 [ 97.164336][ T5573] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 97.177376][ T5573] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 97.186579][ T5573] REISERFS (device loop0): using ordered data mode [ 97.193159][ T5573] reiserfs: using flush barriers [ 97.198935][ T5573] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 97.215212][ T5573] REISERFS (device loop0): checking transaction log (loop0) [pid 5573] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5573] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5573] chdir("./file0") = 0 [pid 5573] ioctl(4, LOOP_CLR_FD) = 0 [pid 5573] close(4) = 0 [pid 5573] creat("./bus", 000) = 4 [pid 5573] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5573] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5573] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5573] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5573] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5573] exit_group(0) = ? [pid 5573] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5573, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./250", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./250", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./250/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./250/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./250/binderfs") = 0 umount2("./250/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./250/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./250/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./250/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./250/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./250/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 [ 97.245534][ T5573] REISERFS (device loop0): Using r5 hash to sort names [ 97.252690][ T5573] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 rmdir("./250") = 0 mkdir("./251", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5575 ./strace-static-x86_64: Process 5575 attached [pid 5575] chdir("./251") = 0 [pid 5575] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5575] setpgid(0, 0) = 0 [pid 5575] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5575] write(3, "1000", 4) = 4 [pid 5575] close(3) = 0 [pid 5575] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5575] memfd_create("syzkaller", 0) = 3 [pid 5575] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5575] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5575] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5575] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5575] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5575] close(3) = 0 [pid 5575] mkdir("./file0", 0777) = 0 [ 97.349408][ T5575] loop0: detected capacity change from 0 to 8192 [ 97.359646][ T5575] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 97.372753][ T5575] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 97.382021][ T5575] REISERFS (device loop0): using ordered data mode [ 97.388531][ T5575] reiserfs: using flush barriers [ 97.394238][ T5575] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 97.410496][ T5575] REISERFS (device loop0): checking transaction log (loop0) [pid 5575] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5575] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5575] chdir("./file0") = 0 [pid 5575] ioctl(4, LOOP_CLR_FD) = 0 [pid 5575] close(4) = 0 [pid 5575] creat("./bus", 000) = 4 [pid 5575] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5575] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5575] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5575] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5575] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5575] exit_group(0) = ? [pid 5575] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5575, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./251", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./251", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./251/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./251/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./251/binderfs") = 0 [ 97.444855][ T5575] REISERFS (device loop0): Using r5 hash to sort names [ 97.451963][ T5575] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./251/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./251/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./251/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./251/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./251/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./251/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./251") = 0 mkdir("./252", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5577 ./strace-static-x86_64: Process 5577 attached [pid 5577] chdir("./252") = 0 [pid 5577] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5577] setpgid(0, 0) = 0 [pid 5577] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5577] write(3, "1000", 4) = 4 [pid 5577] close(3) = 0 [pid 5577] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5577] memfd_create("syzkaller", 0) = 3 [pid 5577] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5577] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5577] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5577] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5577] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5577] close(3) = 0 [pid 5577] mkdir("./file0", 0777) = 0 [ 97.557367][ T5577] loop0: detected capacity change from 0 to 8192 [ 97.566988][ T5577] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 97.580101][ T5577] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 97.589482][ T5577] REISERFS (device loop0): using ordered data mode [ 97.595983][ T5577] reiserfs: using flush barriers [ 97.601777][ T5577] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 97.618129][ T5577] REISERFS (device loop0): checking transaction log (loop0) [pid 5577] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5577] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5577] chdir("./file0") = 0 [pid 5577] ioctl(4, LOOP_CLR_FD) = 0 [pid 5577] close(4) = 0 [pid 5577] creat("./bus", 000) = 4 [pid 5577] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5577] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5577] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5577] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5577] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5577] exit_group(0) = ? [pid 5577] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5577, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./252", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./252", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./252/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./252/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./252/binderfs") = 0 [ 97.651778][ T5577] REISERFS (device loop0): Using r5 hash to sort names [ 97.658984][ T5577] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./252/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./252/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./252/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./252/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./252/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./252/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./252") = 0 mkdir("./253", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5579 ./strace-static-x86_64: Process 5579 attached [pid 5579] chdir("./253") = 0 [pid 5579] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5579] setpgid(0, 0) = 0 [pid 5579] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5579] write(3, "1000", 4) = 4 [pid 5579] close(3) = 0 [pid 5579] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5579] memfd_create("syzkaller", 0) = 3 [pid 5579] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5579] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5579] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5579] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5579] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5579] close(3) = 0 [pid 5579] mkdir("./file0", 0777) = 0 [ 97.767411][ T5579] loop0: detected capacity change from 0 to 8192 [ 97.776814][ T5579] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 97.790009][ T5579] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 97.799207][ T5579] REISERFS (device loop0): using ordered data mode [ 97.805699][ T5579] reiserfs: using flush barriers [ 97.811464][ T5579] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 97.827967][ T5579] REISERFS (device loop0): checking transaction log (loop0) [pid 5579] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5579] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5579] chdir("./file0") = 0 [pid 5579] ioctl(4, LOOP_CLR_FD) = 0 [pid 5579] close(4) = 0 [pid 5579] creat("./bus", 000) = 4 [pid 5579] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5579] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5579] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5579] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [ 97.862692][ T5579] REISERFS (device loop0): Using r5 hash to sort names [ 97.869915][ T5579] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 97.898262][ T5579] [ 97.900639][ T5579] ====================================================== [ 97.907648][ T5579] WARNING: possible circular locking dependency detected [ 97.914644][ T5579] 6.2.0-rc6-syzkaller-00262-g95078069c1e7 #0 Not tainted [ 97.921642][ T5579] ------------------------------------------------------ [ 97.928807][ T5579] syz-executor150/5579 is trying to acquire lock: [ 97.935205][ T5579] ffff888022827090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x79/0x100 [ 97.944255][ T5579] [ 97.944255][ T5579] but task is already holding lock: [ 97.951603][ T5579] ffff88802938c558 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x19b/0x680 [ 97.960646][ T5579] [ 97.960646][ T5579] which lock already depends on the new lock. [ 97.960646][ T5579] [ 97.971035][ T5579] [ 97.971035][ T5579] the existing dependency chain (in reverse order) is: [ 97.980205][ T5579] [ 97.980205][ T5579] -> #2 (sb_pagefaults){.+.+}-{0:0}: [ 97.987665][ T5579] filemap_page_mkwrite+0x16e/0x750 [ 97.993379][ T5579] do_page_mkwrite+0x19b/0x680 [ 97.998663][ T5579] __handle_mm_fault+0x23ee/0x3c90 [ 98.004292][ T5579] handle_mm_fault+0x1b6/0x850 [ 98.009573][ T5579] do_user_addr_fault+0x475/0x1210 [ 98.015200][ T5579] exc_page_fault+0x98/0x170 [ 98.020323][ T5579] asm_exc_page_fault+0x26/0x30 [ 98.025688][ T5579] [ 98.025688][ T5579] -> #1 (&mm->mmap_lock){++++}-{3:3}: [ 98.033233][ T5579] __might_fault+0x10c/0x180 [ 98.038428][ T5579] reiserfs_ioctl+0x1d2/0x330 [ 98.043615][ T5579] __x64_sys_ioctl+0x197/0x210 [ 98.048896][ T5579] do_syscall_64+0x39/0xb0 [ 98.053832][ T5579] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 98.060246][ T5579] [ 98.060246][ T5579] -> #0 (&sbi->lock){+.+.}-{3:3}: [ 98.067568][ T5579] __lock_acquire+0x2a43/0x56d0 [ 98.072940][ T5579] lock_acquire+0x1e3/0x630 [ 98.077954][ T5579] __mutex_lock+0x12f/0x1360 [ 98.083061][ T5579] reiserfs_write_lock+0x79/0x100 [ 98.088597][ T5579] reiserfs_dirty_inode+0xd2/0x260 [ 98.094230][ T5579] __mark_inode_dirty+0x247/0x11e0 [ 98.099874][ T5579] generic_update_time+0x21b/0x2b0 [ 98.105507][ T5579] file_update_time+0x224/0x270 [ 98.110874][ T5579] filemap_page_mkwrite+0x280/0x750 [ 98.116621][ T5579] do_page_mkwrite+0x19b/0x680 [ 98.121897][ T5579] __handle_mm_fault+0x23ee/0x3c90 [ 98.127527][ T5579] handle_mm_fault+0x1b6/0x850 [ 98.132804][ T5579] do_user_addr_fault+0x475/0x1210 [ 98.138427][ T5579] exc_page_fault+0x98/0x170 [ 98.143533][ T5579] asm_exc_page_fault+0x26/0x30 [ 98.148908][ T5579] [ 98.148908][ T5579] other info that might help us debug this: [ 98.148908][ T5579] [ 98.159207][ T5579] Chain exists of: [ 98.159207][ T5579] &sbi->lock --> &mm->mmap_lock --> sb_pagefaults [ 98.159207][ T5579] [ 98.171539][ T5579] Possible unsafe locking scenario: [ 98.171539][ T5579] [ 98.178988][ T5579] CPU0 CPU1 [ 98.184334][ T5579] ---- ---- [ 98.189680][ T5579] lock(sb_pagefaults); [ 98.193911][ T5579] lock(&mm->mmap_lock); [ 98.200744][ T5579] lock(sb_pagefaults); [ 98.207489][ T5579] lock(&sbi->lock); [ 98.211458][ T5579] [ 98.211458][ T5579] *** DEADLOCK *** [ 98.211458][ T5579] [ 98.219586][ T5579] 2 locks held by syz-executor150/5579: [ 98.225114][ T5579] #0: ffff88801d856198 (&mm->mmap_lock){++++}-{3:3}, at: do_user_addr_fault+0x276/0x1210 [ 98.235028][ T5579] #1: ffff88802938c558 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x19b/0x680 [ 98.244597][ T5579] [ 98.244597][ T5579] stack backtrace: [ 98.250472][ T5579] CPU: 1 PID: 5579 Comm: syz-executor150 Not tainted 6.2.0-rc6-syzkaller-00262-g95078069c1e7 #0 [ 98.260867][ T5579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 98.270910][ T5579] Call Trace: [ 98.274176][ T5579] [ 98.277115][ T5579] dump_stack_lvl+0xd1/0x138 [ 98.281699][ T5579] check_noncircular+0x25f/0x2e0 [ 98.286637][ T5579] ? print_circular_bug+0x1e0/0x1e0 [ 98.291838][ T5579] __lock_acquire+0x2a43/0x56d0 [ 98.296686][ T5579] ? find_held_lock+0x2d/0x110 [ 98.301446][ T5579] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 98.307423][ T5579] ? lock_chain_count+0x20/0x20 [ 98.312276][ T5579] lock_acquire+0x1e3/0x630 [ 98.316765][ T5579] ? reiserfs_write_lock+0x79/0x100 [ 98.321954][ T5579] ? lock_release+0x810/0x810 [ 98.326631][ T5579] __mutex_lock+0x12f/0x1360 [ 98.331222][ T5579] ? reiserfs_write_lock+0x79/0x100 [ 98.336416][ T5579] ? lock_chain_count+0x20/0x20 [ 98.341266][ T5579] ? reiserfs_write_lock+0x79/0x100 [ 98.346458][ T5579] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 98.351999][ T5579] ? find_held_lock+0x2d/0x110 [ 98.356761][ T5579] ? current_time+0x79/0x2c0 [ 98.361347][ T5579] reiserfs_write_lock+0x79/0x100 [ 98.366371][ T5579] reiserfs_dirty_inode+0xd2/0x260 [ 98.371485][ T5579] ? reiserfs_unfreeze+0xa0/0xa0 [ 98.376631][ T5579] ? lockdep_hardirqs_on+0x7d/0x100 [ 98.381827][ T5579] ? ktime_get_coarse_real_ts64+0x1bb/0x200 [ 98.387722][ T5579] ? reiserfs_unfreeze+0xa0/0xa0 [ 98.392657][ T5579] __mark_inode_dirty+0x247/0x11e0 [ 98.397854][ T5579] generic_update_time+0x21b/0x2b0 [ 98.402959][ T5579] file_update_time+0x224/0x270 [ 98.407801][ T5579] ? new_inode+0x280/0x280 [ 98.412219][ T5579] filemap_page_mkwrite+0x280/0x750 [ 98.417415][ T5579] do_page_mkwrite+0x19b/0x680 [ 98.422173][ T5579] __handle_mm_fault+0x23ee/0x3c90 [ 98.427281][ T5579] ? vm_iomap_memory+0x190/0x190 [ 98.432216][ T5579] handle_mm_fault+0x1b6/0x850 [ 98.436972][ T5579] do_user_addr_fault+0x475/0x1210 [ 98.442229][ T5579] ? rcu_read_lock_sched_held+0x3e/0x70 [ 98.447785][ T5579] exc_page_fault+0x98/0x170 [ 98.452393][ T5579] asm_exc_page_fault+0x26/0x30 [ 98.457335][ T5579] RIP: 0033:0x7ffacdfae573 [ 98.461833][ T5579] Code: 00 e8 71 25 04 00 48 8b 35 ea 5b 0b 00 31 c9 31 c0 ba 01 76 08 80 bf 10 00 00 00 e8 57 25 04 00 b8 98 00 00 20 b9 20 00 00 00 04 25 80 00 00 20 08 00 00 00 66 c7 04 25 84 00 00 20 20 01 48 [ 98.481440][ T5579] RSP: 002b:00007ffc61aad4e0 EFLAGS: 00010286 [ 98.487502][ T5579] RAX: 0000000020000098 RBX: 0000000000017cd9 RCX: 0000000000000020 [ 98.495463][ T5579] RDX: 0000000000000000 RSI: 0000000080087601 RDI: 0000000000000004 [ 98.503429][ T5579] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [pid 5579] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5579] exit_group(0) = ? [pid 5579] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5579, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./253", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./253", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./253/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./253/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./253/binderfs") = 0 umount2("./253/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./253/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./253/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./253/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./253/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./253/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./253") = 0 mkdir("./254", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5581 ./strace-static-x86_64: Process 5581 attached [pid 5581] chdir("./254") = 0 [pid 5581] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5581] setpgid(0, 0) = 0 [pid 5581] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5581] write(3, "1000", 4) = 4 [pid 5581] close(3) = 0 [pid 5581] symlink("/dev/binderfs", "./binderfs") = 0 [ 98.511395][ T5579] R10: 0000000000000005 R11: 0000000000000246 R12: 00007ffc61aad50c [ 98.519361][ T5579] R13: 00007ffc61aad540 R14: 00007ffc61aad520 R15: 00000000000000fd [ 98.527329][ T5579] [pid 5581] memfd_create("syzkaller", 0) = 3 [pid 5581] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5581] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5581] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5581] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5581] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5581] close(3) = 0 [pid 5581] mkdir("./file0", 0777) = 0 [ 98.599992][ T5581] loop0: detected capacity change from 0 to 8192 [ 98.608641][ T5581] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 98.621988][ T5581] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 98.631188][ T5581] REISERFS (device loop0): using ordered data mode [ 98.637689][ T5581] reiserfs: using flush barriers [pid 5581] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5581] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5581] chdir("./file0") = 0 [pid 5581] ioctl(4, LOOP_CLR_FD) = 0 [pid 5581] close(4) = 0 [pid 5581] creat("./bus", 000) = 4 [pid 5581] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5581] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5581] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5581] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5581] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5581] exit_group(0) = ? [pid 5581] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5581, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./254", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./254", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./254/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./254/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./254/binderfs") = 0 umount2("./254/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./254/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./254/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./254/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./254/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./254/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./254") = 0 mkdir("./255", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5583 ./strace-static-x86_64: Process 5583 attached [pid 5583] chdir("./255") = 0 [pid 5583] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5583] setpgid(0, 0) = 0 [ 98.643480][ T5581] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 98.659873][ T5581] REISERFS (device loop0): checking transaction log (loop0) [ 98.680590][ T5581] REISERFS (device loop0): Using r5 hash to sort names [ 98.687838][ T5581] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5583] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5583] write(3, "1000", 4) = 4 [pid 5583] close(3) = 0 [pid 5583] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5583] memfd_create("syzkaller", 0) = 3 [pid 5583] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5583] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5583] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5583] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5583] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5583] close(3) = 0 [pid 5583] mkdir("./file0", 0777) = 0 [ 98.754935][ T5583] loop0: detected capacity change from 0 to 8192 [ 98.763472][ T5583] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 98.776625][ T5583] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 98.785853][ T5583] REISERFS (device loop0): using ordered data mode [ 98.792412][ T5583] reiserfs: using flush barriers [pid 5583] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5583] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5583] chdir("./file0") = 0 [pid 5583] ioctl(4, LOOP_CLR_FD) = 0 [pid 5583] close(4) = 0 [pid 5583] creat("./bus", 000) = 4 [pid 5583] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5583] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5583] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5583] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5583] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5583] exit_group(0) = ? [pid 5583] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5583, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./255", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./255", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./255/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./255/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./255/binderfs") = 0 umount2("./255/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./255/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./255/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./255/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./255/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./255/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./255") = 0 mkdir("./256", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5585 ./strace-static-x86_64: Process 5585 attached [pid 5585] chdir("./256") = 0 [pid 5585] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5585] setpgid(0, 0) = 0 [pid 5585] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5585] write(3, "1000", 4) = 4 [pid 5585] close(3) = 0 [pid 5585] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5585] memfd_create("syzkaller", 0) = 3 [pid 5585] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [ 98.797953][ T5583] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 98.814274][ T5583] REISERFS (device loop0): checking transaction log (loop0) [ 98.834783][ T5583] REISERFS (device loop0): Using r5 hash to sort names [ 98.841782][ T5583] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5585] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5585] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5585] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5585] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5585] close(3) = 0 [pid 5585] mkdir("./file0", 0777) = 0 [ 98.907486][ T5585] loop0: detected capacity change from 0 to 8192 [ 98.916631][ T5585] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 98.929656][ T5585] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 98.938856][ T5585] REISERFS (device loop0): using ordered data mode [ 98.945351][ T5585] reiserfs: using flush barriers [pid 5585] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5585] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5585] chdir("./file0") = 0 [pid 5585] ioctl(4, LOOP_CLR_FD) = 0 [pid 5585] close(4) = 0 [pid 5585] creat("./bus", 000) = 4 [pid 5585] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5585] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5585] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5585] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5585] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5585] exit_group(0) = ? [pid 5585] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5585, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./256", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./256", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./256/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./256/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./256/binderfs") = 0 umount2("./256/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./256/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./256/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./256/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./256/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./256/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./256") = 0 mkdir("./257", 0777) = 0 [ 98.950938][ T5585] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 98.967222][ T5585] REISERFS (device loop0): checking transaction log (loop0) [ 98.988037][ T5585] REISERFS (device loop0): Using r5 hash to sort names [ 98.995099][ T5585] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5587 attached , child_tidptr=0x555556cf25d0) = 5587 [pid 5587] chdir("./257") = 0 [pid 5587] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5587] setpgid(0, 0) = 0 [pid 5587] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5587] write(3, "1000", 4) = 4 [pid 5587] close(3) = 0 [pid 5587] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5587] memfd_create("syzkaller", 0) = 3 [pid 5587] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5587] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5587] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5587] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5587] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5587] close(3) = 0 [pid 5587] mkdir("./file0", 0777) = 0 [ 99.067838][ T5587] loop0: detected capacity change from 0 to 8192 [ 99.076414][ T5587] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 99.089508][ T5587] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 99.098822][ T5587] REISERFS (device loop0): using ordered data mode [ 99.105329][ T5587] reiserfs: using flush barriers [pid 5587] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5587] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5587] chdir("./file0") = 0 [pid 5587] ioctl(4, LOOP_CLR_FD) = 0 [pid 5587] close(4) = 0 [pid 5587] creat("./bus", 000) = 4 [pid 5587] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5587] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5587] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5587] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5587] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5587] exit_group(0) = ? [pid 5587] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5587, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./257", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./257", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./257/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./257/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./257/binderfs") = 0 [ 99.110983][ T5587] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.127299][ T5587] REISERFS (device loop0): checking transaction log (loop0) [ 99.150611][ T5587] REISERFS (device loop0): Using r5 hash to sort names [ 99.157685][ T5587] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./257/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./257/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./257/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./257/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./257/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./257/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./257") = 0 mkdir("./258", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5589 ./strace-static-x86_64: Process 5589 attached [pid 5589] chdir("./258") = 0 [pid 5589] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5589] setpgid(0, 0) = 0 [pid 5589] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5589] write(3, "1000", 4) = 4 [pid 5589] close(3) = 0 [pid 5589] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5589] memfd_create("syzkaller", 0) = 3 [pid 5589] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5589] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5589] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5589] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5589] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5589] close(3) = 0 [pid 5589] mkdir("./file0", 0777) = 0 [ 99.233239][ T5589] loop0: detected capacity change from 0 to 8192 [ 99.241891][ T5589] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 99.254985][ T5589] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 99.264188][ T5589] REISERFS (device loop0): using ordered data mode [ 99.270812][ T5589] reiserfs: using flush barriers [pid 5589] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5589] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5589] chdir("./file0") = 0 [pid 5589] ioctl(4, LOOP_CLR_FD) = 0 [pid 5589] close(4) = 0 [pid 5589] creat("./bus", 000) = 4 [pid 5589] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5589] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5589] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5589] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5589] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5589] exit_group(0) = ? [pid 5589] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5589, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./258", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./258", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./258/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./258/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./258/binderfs") = 0 umount2("./258/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./258/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./258/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./258/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./258/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 [ 99.276294][ T5589] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.292678][ T5589] REISERFS (device loop0): checking transaction log (loop0) [ 99.313293][ T5589] REISERFS (device loop0): Using r5 hash to sort names [ 99.320300][ T5589] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(4) = 0 rmdir("./258/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./258") = 0 mkdir("./259", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5591 attached , child_tidptr=0x555556cf25d0) = 5591 [pid 5591] chdir("./259") = 0 [pid 5591] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5591] setpgid(0, 0) = 0 [pid 5591] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5591] write(3, "1000", 4) = 4 [pid 5591] close(3) = 0 [pid 5591] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5591] memfd_create("syzkaller", 0) = 3 [pid 5591] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5591] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5591] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5591] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5591] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5591] close(3) = 0 [pid 5591] mkdir("./file0", 0777) = 0 [ 99.400275][ T5591] loop0: detected capacity change from 0 to 8192 [ 99.408509][ T5591] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 99.421775][ T5591] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 99.431180][ T5591] REISERFS (device loop0): using ordered data mode [ 99.437694][ T5591] reiserfs: using flush barriers [pid 5591] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5591] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5591] chdir("./file0") = 0 [pid 5591] ioctl(4, LOOP_CLR_FD) = 0 [pid 5591] close(4) = 0 [pid 5591] creat("./bus", 000) = 4 [pid 5591] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5591] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5591] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5591] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5591] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5591] exit_group(0) = ? [pid 5591] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5591, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./259", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./259", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./259/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./259/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./259/binderfs") = 0 umount2("./259/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./259/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./259/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./259/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./259/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./259/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./259") = 0 mkdir("./260", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 99.443311][ T5591] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.459741][ T5591] REISERFS (device loop0): checking transaction log (loop0) [ 99.481290][ T5591] REISERFS (device loop0): Using r5 hash to sort names [ 99.488286][ T5591] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5593 ./strace-static-x86_64: Process 5593 attached [pid 5593] chdir("./260") = 0 [pid 5593] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5593] setpgid(0, 0) = 0 [pid 5593] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5593] write(3, "1000", 4) = 4 [pid 5593] close(3) = 0 [pid 5593] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5593] memfd_create("syzkaller", 0) = 3 [pid 5593] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5593] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5593] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5593] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5593] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5593] close(3) = 0 [pid 5593] mkdir("./file0", 0777) = 0 [ 99.560622][ T5593] loop0: detected capacity change from 0 to 8192 [ 99.569298][ T5593] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 99.582375][ T5593] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 99.591681][ T5593] REISERFS (device loop0): using ordered data mode [ 99.598210][ T5593] reiserfs: using flush barriers [pid 5593] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5593] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5593] chdir("./file0") = 0 [pid 5593] ioctl(4, LOOP_CLR_FD) = 0 [pid 5593] close(4) = 0 [pid 5593] creat("./bus", 000) = 4 [pid 5593] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5593] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5593] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5593] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5593] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5593] exit_group(0) = ? [pid 5593] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5593, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./260", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./260", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./260/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./260/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./260/binderfs") = 0 umount2("./260/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./260/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./260/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./260/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 99.603818][ T5593] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.620114][ T5593] REISERFS (device loop0): checking transaction log (loop0) [ 99.642280][ T5593] REISERFS (device loop0): Using r5 hash to sort names [ 99.649295][ T5593] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "./260/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./260/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./260") = 0 mkdir("./261", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5595 attached , child_tidptr=0x555556cf25d0) = 5595 [pid 5595] chdir("./261") = 0 [pid 5595] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5595] setpgid(0, 0) = 0 [pid 5595] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5595] write(3, "1000", 4) = 4 [pid 5595] close(3) = 0 [pid 5595] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5595] memfd_create("syzkaller", 0) = 3 [pid 5595] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5595] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5595] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5595] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5595] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5595] close(3) = 0 [pid 5595] mkdir("./file0", 0777) = 0 [ 99.727018][ T5595] loop0: detected capacity change from 0 to 8192 [ 99.735992][ T5595] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 99.749027][ T5595] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 99.758242][ T5595] REISERFS (device loop0): using ordered data mode [ 99.764807][ T5595] reiserfs: using flush barriers [pid 5595] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5595] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5595] chdir("./file0") = 0 [pid 5595] ioctl(4, LOOP_CLR_FD) = 0 [pid 5595] close(4) = 0 [pid 5595] creat("./bus", 000) = 4 [pid 5595] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5595] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5595] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5595] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5595] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5595] exit_group(0) = ? [pid 5595] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5595, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./261", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./261", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./261/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./261/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./261/binderfs") = 0 umount2("./261/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./261/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./261/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./261/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./261/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./261/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 [ 99.770487][ T5595] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.786783][ T5595] REISERFS (device loop0): checking transaction log (loop0) [ 99.809922][ T5595] REISERFS (device loop0): Using r5 hash to sort names [ 99.817008][ T5595] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 rmdir("./261") = 0 mkdir("./262", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5597 attached , child_tidptr=0x555556cf25d0) = 5597 [pid 5597] chdir("./262") = 0 [pid 5597] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5597] setpgid(0, 0) = 0 [pid 5597] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5597] write(3, "1000", 4) = 4 [pid 5597] close(3) = 0 [pid 5597] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5597] memfd_create("syzkaller", 0) = 3 [pid 5597] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5597] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5597] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5597] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5597] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5597] close(3) = 0 [pid 5597] mkdir("./file0", 0777) = 0 [ 99.890750][ T5597] loop0: detected capacity change from 0 to 8192 [ 99.900089][ T5597] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 99.913194][ T5597] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 99.922728][ T5597] REISERFS (device loop0): using ordered data mode [ 99.929261][ T5597] reiserfs: using flush barriers [pid 5597] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5597] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5597] chdir("./file0") = 0 [pid 5597] ioctl(4, LOOP_CLR_FD) = 0 [pid 5597] close(4) = 0 [pid 5597] creat("./bus", 000) = 4 [pid 5597] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5597] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5597] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5597] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5597] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5597] exit_group(0) = ? [pid 5597] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5597, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- umount2("./262", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./262", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./262/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./262/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./262/binderfs") = 0 umount2("./262/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./262/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./262/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./262/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./262/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 99.934801][ T5597] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.951150][ T5597] REISERFS (device loop0): checking transaction log (loop0) [ 99.972433][ T5597] REISERFS (device loop0): Using r5 hash to sort names [ 99.979484][ T5597] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./262/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./262") = 0 mkdir("./263", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5599 ./strace-static-x86_64: Process 5599 attached [pid 5599] chdir("./263") = 0 [pid 5599] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5599] setpgid(0, 0) = 0 [pid 5599] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5599] write(3, "1000", 4) = 4 [pid 5599] close(3) = 0 [pid 5599] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5599] memfd_create("syzkaller", 0) = 3 [pid 5599] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5599] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5599] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5599] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5599] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5599] close(3) = 0 [pid 5599] mkdir("./file0", 0777) = 0 [ 100.054369][ T5599] loop0: detected capacity change from 0 to 8192 [ 100.063815][ T5599] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 100.077046][ T5599] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 100.086282][ T5599] REISERFS (device loop0): using ordered data mode [ 100.092922][ T5599] reiserfs: using flush barriers [pid 5599] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5599] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5599] chdir("./file0") = 0 [pid 5599] ioctl(4, LOOP_CLR_FD) = 0 [pid 5599] close(4) = 0 [pid 5599] creat("./bus", 000) = 4 [pid 5599] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5599] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5599] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5599] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5599] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5599] exit_group(0) = ? [pid 5599] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5599, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./263", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./263", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./263/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./263/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./263/binderfs") = 0 [ 100.098411][ T5599] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 100.114760][ T5599] REISERFS (device loop0): checking transaction log (loop0) [ 100.136123][ T5599] REISERFS (device loop0): Using r5 hash to sort names [ 100.143130][ T5599] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./263/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./263/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./263/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./263/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./263/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./263/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./263") = 0 mkdir("./264", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5601 ./strace-static-x86_64: Process 5601 attached [pid 5601] chdir("./264") = 0 [pid 5601] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5601] setpgid(0, 0) = 0 [pid 5601] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5601] write(3, "1000", 4) = 4 [pid 5601] close(3) = 0 [pid 5601] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5601] memfd_create("syzkaller", 0) = 3 [pid 5601] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5601] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5601] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5601] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5601] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5601] close(3) = 0 [pid 5601] mkdir("./file0", 0777) = 0 [ 100.225721][ T5601] loop0: detected capacity change from 0 to 8192 [ 100.235286][ T5601] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 100.248553][ T5601] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 100.257920][ T5601] REISERFS (device loop0): using ordered data mode [ 100.264652][ T5601] reiserfs: using flush barriers [pid 5601] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5601] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5601] chdir("./file0") = 0 [pid 5601] ioctl(4, LOOP_CLR_FD) = 0 [pid 5601] close(4) = 0 [pid 5601] creat("./bus", 000) = 4 [pid 5601] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5601] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5601] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5601] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5601] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5601] exit_group(0) = ? [pid 5601] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5601, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./264", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./264", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./264/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./264/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./264/binderfs") = 0 [ 100.270258][ T5601] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 100.286657][ T5601] REISERFS (device loop0): checking transaction log (loop0) [ 100.308945][ T5601] REISERFS (device loop0): Using r5 hash to sort names [ 100.316002][ T5601] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./264/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./264/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./264/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./264/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./264/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./264/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./264") = 0 mkdir("./265", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5603 attached , child_tidptr=0x555556cf25d0) = 5603 [pid 5603] chdir("./265") = 0 [pid 5603] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5603] setpgid(0, 0) = 0 [pid 5603] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5603] write(3, "1000", 4) = 4 [pid 5603] close(3) = 0 [pid 5603] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5603] memfd_create("syzkaller", 0) = 3 [pid 5603] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5603] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5603] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5603] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5603] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5603] close(3) = 0 [pid 5603] mkdir("./file0", 0777) = 0 [ 100.396018][ T5603] loop0: detected capacity change from 0 to 8192 [ 100.404781][ T5603] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 100.417964][ T5603] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 100.427170][ T5603] REISERFS (device loop0): using ordered data mode [ 100.433692][ T5603] reiserfs: using flush barriers [pid 5603] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5603] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5603] chdir("./file0") = 0 [pid 5603] ioctl(4, LOOP_CLR_FD) = 0 [pid 5603] close(4) = 0 [pid 5603] creat("./bus", 000) = 4 [pid 5603] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5603] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5603] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5603] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5603] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5603] exit_group(0) = ? [pid 5603] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5603, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./265", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./265", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./265/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./265/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./265/binderfs") = 0 [ 100.439307][ T5603] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 100.455578][ T5603] REISERFS (device loop0): checking transaction log (loop0) [ 100.478191][ T5603] REISERFS (device loop0): Using r5 hash to sort names [ 100.485339][ T5603] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./265/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./265/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./265/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./265/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./265/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./265/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./265") = 0 mkdir("./266", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5605 ./strace-static-x86_64: Process 5605 attached [pid 5605] chdir("./266") = 0 [pid 5605] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5605] setpgid(0, 0) = 0 [pid 5605] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5605] write(3, "1000", 4) = 4 [pid 5605] close(3) = 0 [pid 5605] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5605] memfd_create("syzkaller", 0) = 3 [pid 5605] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5605] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5605] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5605] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5605] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5605] close(3) = 0 [pid 5605] mkdir("./file0", 0777) = 0 [ 100.570471][ T5605] loop0: detected capacity change from 0 to 8192 [ 100.578537][ T5605] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 100.591644][ T5605] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 100.600933][ T5605] REISERFS (device loop0): using ordered data mode [ 100.607507][ T5605] reiserfs: using flush barriers [pid 5605] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [ 100.613084][ T5605] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 100.629517][ T5605] REISERFS (device loop0): checking transaction log (loop0) [ 100.653707][ T5605] REISERFS (device loop0): Using r5 hash to sort names [ 100.662062][ T5605] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5605] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5605] chdir("./file0") = 0 [pid 5605] ioctl(4, LOOP_CLR_FD) = 0 [pid 5605] close(4) = 0 [pid 5605] creat("./bus", 000) = 4 [pid 5605] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5605] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5605] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5605] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5605] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5605] exit_group(0) = ? [pid 5605] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5605, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./266", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./266", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./266/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./266/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./266/binderfs") = 0 umount2("./266/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./266/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./266/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./266/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./266/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./266/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./266") = 0 mkdir("./267", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5607 attached , child_tidptr=0x555556cf25d0) = 5607 [pid 5607] chdir("./267") = 0 [pid 5607] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5607] setpgid(0, 0) = 0 [pid 5607] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5607] write(3, "1000", 4) = 4 [pid 5607] close(3) = 0 [pid 5607] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5607] memfd_create("syzkaller", 0) = 3 [pid 5607] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5607] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5607] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5607] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5607] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5607] close(3) = 0 [pid 5607] mkdir("./file0", 0777) = 0 [ 100.738701][ T5607] loop0: detected capacity change from 0 to 8192 [ 100.747261][ T5607] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 100.760660][ T5607] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 100.770046][ T5607] REISERFS (device loop0): using ordered data mode [ 100.776646][ T5607] reiserfs: using flush barriers [pid 5607] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5607] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5607] chdir("./file0") = 0 [pid 5607] ioctl(4, LOOP_CLR_FD) = 0 [pid 5607] close(4) = 0 [pid 5607] creat("./bus", 000) = 4 [pid 5607] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5607] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5607] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5607] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5607] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5607] exit_group(0) = ? [pid 5607] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5607, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./267", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./267", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./267/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./267/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./267/binderfs") = 0 umount2("./267/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./267/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./267/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./267/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./267/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./267/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./267") = 0 mkdir("./268", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 100.782279][ T5607] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 100.798651][ T5607] REISERFS (device loop0): checking transaction log (loop0) [ 100.821440][ T5607] REISERFS (device loop0): Using r5 hash to sort names [ 100.828720][ T5607] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5609 ./strace-static-x86_64: Process 5609 attached [pid 5609] chdir("./268") = 0 [pid 5609] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5609] setpgid(0, 0) = 0 [pid 5609] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5609] write(3, "1000", 4) = 4 [pid 5609] close(3) = 0 [pid 5609] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5609] memfd_create("syzkaller", 0) = 3 [pid 5609] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5609] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5609] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5609] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5609] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5609] close(3) = 0 [pid 5609] mkdir("./file0", 0777) = 0 [ 100.898701][ T5609] loop0: detected capacity change from 0 to 8192 [ 100.907399][ T5609] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 100.920405][ T5609] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 100.929763][ T5609] REISERFS (device loop0): using ordered data mode [ 100.936271][ T5609] reiserfs: using flush barriers [pid 5609] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5609] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5609] chdir("./file0") = 0 [pid 5609] ioctl(4, LOOP_CLR_FD) = 0 [pid 5609] close(4) = 0 [pid 5609] creat("./bus", 000) = 4 [pid 5609] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5609] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5609] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5609] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5609] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5609] exit_group(0) = ? [pid 5609] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5609, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./268", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./268", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./268/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./268/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./268/binderfs") = 0 [ 100.941910][ T5609] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 100.958391][ T5609] REISERFS (device loop0): checking transaction log (loop0) [ 100.981114][ T5609] REISERFS (device loop0): Using r5 hash to sort names [ 100.988123][ T5609] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./268/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./268/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./268/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./268/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./268/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./268/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./268") = 0 mkdir("./269", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5611 ./strace-static-x86_64: Process 5611 attached [pid 5611] chdir("./269") = 0 [pid 5611] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5611] setpgid(0, 0) = 0 [pid 5611] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5611] write(3, "1000", 4) = 4 [pid 5611] close(3) = 0 [pid 5611] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5611] memfd_create("syzkaller", 0) = 3 [pid 5611] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5611] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5611] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5611] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5611] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5611] close(3) = 0 [pid 5611] mkdir("./file0", 0777) = 0 [ 101.074466][ T5611] loop0: detected capacity change from 0 to 8192 [ 101.083718][ T5611] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 101.096761][ T5611] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 101.105947][ T5611] REISERFS (device loop0): using ordered data mode [ 101.112565][ T5611] reiserfs: using flush barriers [pid 5611] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5611] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5611] chdir("./file0") = 0 [pid 5611] ioctl(4, LOOP_CLR_FD) = 0 [pid 5611] close(4) = 0 [pid 5611] creat("./bus", 000) = 4 [pid 5611] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5611] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5611] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5611] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5611] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5611] exit_group(0) = ? [pid 5611] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5611, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./269", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./269", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./269/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./269/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./269/binderfs") = 0 umount2("./269/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./269/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 101.118326][ T5611] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 101.134649][ T5611] REISERFS (device loop0): checking transaction log (loop0) [ 101.157589][ T5611] REISERFS (device loop0): Using r5 hash to sort names [ 101.164593][ T5611] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. lstat("./269/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./269/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./269/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./269/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./269") = 0 mkdir("./270", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5613 attached , child_tidptr=0x555556cf25d0) = 5613 [pid 5613] chdir("./270") = 0 [pid 5613] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5613] setpgid(0, 0) = 0 [pid 5613] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5613] write(3, "1000", 4) = 4 [pid 5613] close(3) = 0 [pid 5613] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5613] memfd_create("syzkaller", 0) = 3 [pid 5613] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5613] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5613] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5613] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5613] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5613] close(3) = 0 [pid 5613] mkdir("./file0", 0777) = 0 [ 101.238947][ T5613] loop0: detected capacity change from 0 to 8192 [ 101.248020][ T5613] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 101.261189][ T5613] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 101.270828][ T5613] REISERFS (device loop0): using ordered data mode [ 101.277424][ T5613] reiserfs: using flush barriers [pid 5613] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5613] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5613] chdir("./file0") = 0 [pid 5613] ioctl(4, LOOP_CLR_FD) = 0 [pid 5613] close(4) = 0 [pid 5613] creat("./bus", 000) = 4 [pid 5613] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5613] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5613] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5613] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5613] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5613] exit_group(0) = ? [pid 5613] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5613, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./270", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./270", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./270/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./270/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./270/binderfs") = 0 umount2("./270/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./270/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./270/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./270/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./270/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./270/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./270") = 0 mkdir("./271", 0777) = 0 [ 101.282948][ T5613] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 101.299386][ T5613] REISERFS (device loop0): checking transaction log (loop0) [ 101.321546][ T5613] REISERFS (device loop0): Using r5 hash to sort names [ 101.328540][ T5613] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5615 ./strace-static-x86_64: Process 5615 attached [pid 5615] chdir("./271") = 0 [pid 5615] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5615] setpgid(0, 0) = 0 [pid 5615] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5615] write(3, "1000", 4) = 4 [pid 5615] close(3) = 0 [pid 5615] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5615] memfd_create("syzkaller", 0) = 3 [pid 5615] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5615] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5615] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5615] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5615] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5615] close(3) = 0 [pid 5615] mkdir("./file0", 0777) = 0 [ 101.400810][ T5615] loop0: detected capacity change from 0 to 8192 [ 101.409373][ T5615] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 101.422460][ T5615] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 101.431702][ T5615] REISERFS (device loop0): using ordered data mode [ 101.438213][ T5615] reiserfs: using flush barriers [pid 5615] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5615] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5615] chdir("./file0") = 0 [pid 5615] ioctl(4, LOOP_CLR_FD) = 0 [pid 5615] close(4) = 0 [pid 5615] creat("./bus", 000) = 4 [pid 5615] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5615] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5615] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5615] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5615] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5615] exit_group(0) = ? [pid 5615] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5615, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./271", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./271", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./271/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./271/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./271/binderfs") = 0 umount2("./271/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./271/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./271/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./271/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./271/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./271/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 [ 101.443749][ T5615] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 101.460025][ T5615] REISERFS (device loop0): checking transaction log (loop0) [ 101.482403][ T5615] REISERFS (device loop0): Using r5 hash to sort names [ 101.489596][ T5615] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 rmdir("./271") = 0 mkdir("./272", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5617 attached , child_tidptr=0x555556cf25d0) = 5617 [pid 5617] chdir("./272") = 0 [pid 5617] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5617] setpgid(0, 0) = 0 [pid 5617] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5617] write(3, "1000", 4) = 4 [pid 5617] close(3) = 0 [pid 5617] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5617] memfd_create("syzkaller", 0) = 3 [pid 5617] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5617] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5617] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5617] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5617] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5617] close(3) = 0 [pid 5617] mkdir("./file0", 0777) = 0 [ 101.564452][ T5617] loop0: detected capacity change from 0 to 8192 [ 101.573122][ T5617] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 101.586206][ T5617] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 101.595497][ T5617] REISERFS (device loop0): using ordered data mode [ 101.602033][ T5617] reiserfs: using flush barriers [ 101.607500][ T5617] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 101.625149][ T5617] REISERFS (device loop0): checking transaction log (loop0) [ 101.649434][ T5617] REISERFS (device loop0): Using r5 hash to sort names [pid 5617] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5617] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5617] chdir("./file0") = 0 [pid 5617] ioctl(4, LOOP_CLR_FD) = 0 [pid 5617] close(4) = 0 [pid 5617] creat("./bus", 000) = 4 [pid 5617] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5617] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5617] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5617] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5617] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5617] exit_group(0) = ? [pid 5617] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5617, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./272", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./272", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./272/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./272/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./272/binderfs") = 0 umount2("./272/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./272/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./272/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./272/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./272/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./272/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./272") = 0 mkdir("./273", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 101.656495][ T5617] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5619 attached , child_tidptr=0x555556cf25d0) = 5619 [pid 5619] chdir("./273") = 0 [pid 5619] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5619] setpgid(0, 0) = 0 [pid 5619] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5619] write(3, "1000", 4) = 4 [pid 5619] close(3) = 0 [pid 5619] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5619] memfd_create("syzkaller", 0) = 3 [pid 5619] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5619] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5619] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5619] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5619] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5619] close(3) = 0 [pid 5619] mkdir("./file0", 0777) = 0 [ 101.731967][ T5619] loop0: detected capacity change from 0 to 8192 [ 101.741318][ T5619] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 101.754578][ T5619] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 101.764754][ T5619] REISERFS (device loop0): using ordered data mode [ 101.771327][ T5619] reiserfs: using flush barriers [ 101.776865][ T5619] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 101.793248][ T5619] REISERFS (device loop0): checking transaction log (loop0) [ 101.817240][ T5619] REISERFS (device loop0): Using r5 hash to sort names [pid 5619] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5619] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5619] chdir("./file0") = 0 [pid 5619] ioctl(4, LOOP_CLR_FD) = 0 [pid 5619] close(4) = 0 [pid 5619] creat("./bus", 000) = 4 [pid 5619] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5619] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5619] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5619] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5619] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5619] exit_group(0) = ? [pid 5619] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5619, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./273", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./273", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./273/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./273/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./273/binderfs") = 0 umount2("./273/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./273/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./273/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./273/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./273/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./273/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./273") = 0 mkdir("./274", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 101.824756][ T5619] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5621 attached , child_tidptr=0x555556cf25d0) = 5621 [pid 5621] chdir("./274") = 0 [pid 5621] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5621] setpgid(0, 0) = 0 [pid 5621] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5621] write(3, "1000", 4) = 4 [pid 5621] close(3) = 0 [pid 5621] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5621] memfd_create("syzkaller", 0) = 3 [pid 5621] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5621] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5621] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5621] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5621] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5621] close(3) = 0 [pid 5621] mkdir("./file0", 0777) = 0 [ 101.899792][ T5621] loop0: detected capacity change from 0 to 8192 [ 101.907806][ T5621] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 101.920964][ T5621] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 101.930244][ T5621] REISERFS (device loop0): using ordered data mode [ 101.936748][ T5621] reiserfs: using flush barriers [pid 5621] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5621] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5621] chdir("./file0") = 0 [pid 5621] ioctl(4, LOOP_CLR_FD) = 0 [pid 5621] close(4) = 0 [pid 5621] creat("./bus", 000) = 4 [pid 5621] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5621] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5621] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5621] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5621] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5621] exit_group(0) = ? [pid 5621] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5621, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./274", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./274", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./274/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./274/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./274/binderfs") = 0 umount2("./274/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./274/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./274/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./274/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 101.942339][ T5621] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 101.958704][ T5621] REISERFS (device loop0): checking transaction log (loop0) [ 101.980983][ T5621] REISERFS (device loop0): Using r5 hash to sort names [ 101.988140][ T5621] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "./274/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./274/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./274") = 0 mkdir("./275", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5623 attached , child_tidptr=0x555556cf25d0) = 5623 [pid 5623] chdir("./275") = 0 [pid 5623] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5623] setpgid(0, 0) = 0 [pid 5623] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5623] write(3, "1000", 4) = 4 [pid 5623] close(3) = 0 [pid 5623] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5623] memfd_create("syzkaller", 0) = 3 [pid 5623] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5623] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5623] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5623] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5623] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5623] close(3) = 0 [pid 5623] mkdir("./file0", 0777) = 0 [ 102.064926][ T5623] loop0: detected capacity change from 0 to 8192 [ 102.073847][ T5623] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.086898][ T5623] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 102.096211][ T5623] REISERFS (device loop0): using ordered data mode [ 102.102757][ T5623] reiserfs: using flush barriers [pid 5623] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5623] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5623] chdir("./file0") = 0 [pid 5623] ioctl(4, LOOP_CLR_FD) = 0 [pid 5623] close(4) = 0 [pid 5623] creat("./bus", 000) = 4 [pid 5623] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5623] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5623] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5623] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5623] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5623] exit_group(0) = ? [pid 5623] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5623, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./275", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./275", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./275/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./275/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./275/binderfs") = 0 [ 102.108308][ T5623] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.124625][ T5623] REISERFS (device loop0): checking transaction log (loop0) [ 102.148413][ T5623] REISERFS (device loop0): Using r5 hash to sort names [ 102.155410][ T5623] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./275/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./275/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./275/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./275/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./275/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./275/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./275") = 0 mkdir("./276", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5625 attached , child_tidptr=0x555556cf25d0) = 5625 [pid 5625] chdir("./276") = 0 [pid 5625] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5625] setpgid(0, 0) = 0 [pid 5625] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5625] write(3, "1000", 4) = 4 [pid 5625] close(3) = 0 [pid 5625] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5625] memfd_create("syzkaller", 0) = 3 [pid 5625] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5625] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5625] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5625] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5625] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5625] close(3) = 0 [pid 5625] mkdir("./file0", 0777) = 0 [ 102.233123][ T5625] loop0: detected capacity change from 0 to 8192 [ 102.241802][ T5625] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.254800][ T5625] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 102.263990][ T5625] REISERFS (device loop0): using ordered data mode [ 102.270786][ T5625] reiserfs: using flush barriers [pid 5625] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5625] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5625] chdir("./file0") = 0 [pid 5625] ioctl(4, LOOP_CLR_FD) = 0 [pid 5625] close(4) = 0 [pid 5625] creat("./bus", 000) = 4 [pid 5625] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5625] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5625] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5625] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5625] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5625] exit_group(0) = ? [pid 5625] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5625, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./276", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./276", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./276/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./276/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./276/binderfs") = 0 [ 102.276359][ T5625] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.292695][ T5625] REISERFS (device loop0): checking transaction log (loop0) [ 102.315150][ T5625] REISERFS (device loop0): Using r5 hash to sort names [ 102.322313][ T5625] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./276/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./276/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./276/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./276/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./276/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./276/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./276") = 0 mkdir("./277", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5627 attached [pid 5627] chdir("./277") = 0 [pid 5627] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5627] setpgid(0, 0) = 0 [pid 5064] <... clone resumed>, child_tidptr=0x555556cf25d0) = 5627 [pid 5627] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5627] write(3, "1000", 4) = 4 [pid 5627] close(3) = 0 [pid 5627] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5627] memfd_create("syzkaller", 0) = 3 [pid 5627] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5627] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5627] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5627] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5627] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5627] close(3) = 0 [pid 5627] mkdir("./file0", 0777) = 0 [ 102.410446][ T5627] loop0: detected capacity change from 0 to 8192 [ 102.419268][ T5627] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.432319][ T5627] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 102.441711][ T5627] REISERFS (device loop0): using ordered data mode [ 102.448269][ T5627] reiserfs: using flush barriers [ 102.453870][ T5627] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.470376][ T5627] REISERFS (device loop0): checking transaction log (loop0) [ 102.495657][ T5627] REISERFS (device loop0): Using r5 hash to sort names [pid 5627] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5627] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5627] chdir("./file0") = 0 [pid 5627] ioctl(4, LOOP_CLR_FD) = 0 [pid 5627] close(4) = 0 [pid 5627] creat("./bus", 000) = 4 [pid 5627] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5627] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5627] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5627] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5627] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5627] exit_group(0) = ? [pid 5627] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5627, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./277", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./277", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./277/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./277/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./277/binderfs") = 0 umount2("./277/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./277/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./277/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./277/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./277/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./277/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 102.502685][ T5627] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. rmdir("./277") = 0 mkdir("./278", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5629 attached , child_tidptr=0x555556cf25d0) = 5629 [pid 5629] chdir("./278") = 0 [pid 5629] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5629] setpgid(0, 0) = 0 [pid 5629] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5629] write(3, "1000", 4) = 4 [pid 5629] close(3) = 0 [pid 5629] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5629] memfd_create("syzkaller", 0) = 3 [pid 5629] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5629] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5629] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5629] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5629] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5629] close(3) = 0 [pid 5629] mkdir("./file0", 0777) = 0 [ 102.581032][ T5629] loop0: detected capacity change from 0 to 8192 [ 102.590856][ T5629] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.603889][ T5629] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 102.613757][ T5629] REISERFS (device loop0): using ordered data mode [ 102.620283][ T5629] reiserfs: using flush barriers [pid 5629] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5629] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5629] chdir("./file0") = 0 [pid 5629] ioctl(4, LOOP_CLR_FD) = 0 [pid 5629] close(4) = 0 [pid 5629] creat("./bus", 000) = 4 [pid 5629] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5629] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5629] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5629] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5629] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5629] exit_group(0) = ? [pid 5629] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5629, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./278", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./278", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./278/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./278/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./278/binderfs") = 0 umount2("./278/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./278/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./278/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 102.625830][ T5629] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.642157][ T5629] REISERFS (device loop0): checking transaction log (loop0) [ 102.665033][ T5629] REISERFS (device loop0): Using r5 hash to sort names [ 102.672237][ T5629] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./278/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./278/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./278/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./278") = 0 mkdir("./279", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5631 ./strace-static-x86_64: Process 5631 attached [pid 5631] chdir("./279") = 0 [pid 5631] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5631] setpgid(0, 0) = 0 [pid 5631] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5631] write(3, "1000", 4) = 4 [pid 5631] close(3) = 0 [pid 5631] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5631] memfd_create("syzkaller", 0) = 3 [pid 5631] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5631] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5631] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5631] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5631] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5631] close(3) = 0 [pid 5631] mkdir("./file0", 0777) = 0 [ 102.745940][ T5631] loop0: detected capacity change from 0 to 8192 [ 102.755020][ T5631] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.768270][ T5631] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 102.777680][ T5631] REISERFS (device loop0): using ordered data mode [ 102.784604][ T5631] reiserfs: using flush barriers [ 102.790388][ T5631] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.807074][ T5631] REISERFS (device loop0): checking transaction log (loop0) [ 102.832096][ T5631] REISERFS (device loop0): Using r5 hash to sort names [pid 5631] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5631] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5631] chdir("./file0") = 0 [pid 5631] ioctl(4, LOOP_CLR_FD) = 0 [pid 5631] close(4) = 0 [pid 5631] creat("./bus", 000) = 4 [pid 5631] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5631] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5631] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5631] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5631] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5631] exit_group(0) = ? [pid 5631] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5631, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./279", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./279", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./279/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./279/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./279/binderfs") = 0 umount2("./279/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./279/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./279/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./279/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./279/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./279/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./279") = 0 mkdir("./280", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 102.839136][ T5631] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5633 attached , child_tidptr=0x555556cf25d0) = 5633 [pid 5633] chdir("./280") = 0 [pid 5633] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5633] setpgid(0, 0) = 0 [pid 5633] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5633] write(3, "1000", 4) = 4 [pid 5633] close(3) = 0 [pid 5633] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5633] memfd_create("syzkaller", 0) = 3 [pid 5633] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5633] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5633] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5633] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5633] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5633] close(3) = 0 [pid 5633] mkdir("./file0", 0777) = 0 [ 102.923394][ T5633] loop0: detected capacity change from 0 to 8192 [ 102.932121][ T5633] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.945468][ T5633] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 102.954756][ T5633] REISERFS (device loop0): using ordered data mode [ 102.961319][ T5633] reiserfs: using flush barriers [pid 5633] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5633] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5633] chdir("./file0") = 0 [pid 5633] ioctl(4, LOOP_CLR_FD) = 0 [pid 5633] close(4) = 0 [pid 5633] creat("./bus", 000) = 4 [pid 5633] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5633] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5633] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5633] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5633] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5633] exit_group(0) = ? [pid 5633] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5633, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./280", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./280", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./280/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./280/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./280/binderfs") = 0 [ 102.966778][ T5633] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.983224][ T5633] REISERFS (device loop0): checking transaction log (loop0) [ 103.006569][ T5633] REISERFS (device loop0): Using r5 hash to sort names [ 103.013700][ T5633] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./280/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./280/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./280/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./280/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./280/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./280/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./280") = 0 mkdir("./281", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5635 attached , child_tidptr=0x555556cf25d0) = 5635 [pid 5635] chdir("./281") = 0 [pid 5635] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5635] setpgid(0, 0) = 0 [pid 5635] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5635] write(3, "1000", 4) = 4 [pid 5635] close(3) = 0 [pid 5635] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5635] memfd_create("syzkaller", 0) = 3 [pid 5635] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5635] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5635] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5635] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5635] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5635] close(3) = 0 [pid 5635] mkdir("./file0", 0777) = 0 [ 103.094515][ T5635] loop0: detected capacity change from 0 to 8192 [ 103.103160][ T5635] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 103.116757][ T5635] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 103.125986][ T5635] REISERFS (device loop0): using ordered data mode [ 103.132530][ T5635] reiserfs: using flush barriers [ 103.138222][ T5635] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.154498][ T5635] REISERFS (device loop0): checking transaction log (loop0) [ 103.179453][ T5635] REISERFS (device loop0): Using r5 hash to sort names [pid 5635] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5635] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5635] chdir("./file0") = 0 [pid 5635] ioctl(4, LOOP_CLR_FD) = 0 [pid 5635] close(4) = 0 [pid 5635] creat("./bus", 000) = 4 [pid 5635] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5635] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5635] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5635] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5635] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5635] exit_group(0) = ? [pid 5635] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5635, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./281", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./281", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./281/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./281/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./281/binderfs") = 0 umount2("./281/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./281/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./281/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./281/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./281/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./281/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./281") = 0 mkdir("./282", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5637 ./strace-static-x86_64: Process 5637 attached [pid 5637] chdir("./282") = 0 [pid 5637] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5637] setpgid(0, 0) = 0 [pid 5637] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5637] write(3, "1000", 4) = 4 [pid 5637] close(3) = 0 [pid 5637] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5637] memfd_create("syzkaller", 0) = 3 [pid 5637] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [ 103.186620][ T5635] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5637] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5637] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5637] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5637] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5637] close(3) = 0 [pid 5637] mkdir("./file0", 0777) = 0 [ 103.254685][ T5637] loop0: detected capacity change from 0 to 8192 [ 103.263305][ T5637] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 103.276522][ T5637] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 103.285927][ T5637] REISERFS (device loop0): using ordered data mode [ 103.292553][ T5637] reiserfs: using flush barriers [pid 5637] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5637] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5637] chdir("./file0") = 0 [pid 5637] ioctl(4, LOOP_CLR_FD) = 0 [pid 5637] close(4) = 0 [pid 5637] creat("./bus", 000) = 4 [pid 5637] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5637] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5637] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5637] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5637] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5637] exit_group(0) = ? [pid 5637] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5637, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./282", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./282", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./282/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./282/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./282/binderfs") = 0 umount2("./282/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./282/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./282/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./282/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./282/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./282/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 103.297994][ T5637] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.314324][ T5637] REISERFS (device loop0): checking transaction log (loop0) [ 103.335890][ T5637] REISERFS (device loop0): Using r5 hash to sort names [ 103.342984][ T5637] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. rmdir("./282") = 0 mkdir("./283", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5639 ./strace-static-x86_64: Process 5639 attached [pid 5639] chdir("./283") = 0 [pid 5639] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5639] setpgid(0, 0) = 0 [pid 5639] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5639] write(3, "1000", 4) = 4 [pid 5639] close(3) = 0 [pid 5639] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5639] memfd_create("syzkaller", 0) = 3 [pid 5639] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5639] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5639] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5639] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5639] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5639] close(3) = 0 [pid 5639] mkdir("./file0", 0777) = 0 [ 103.417156][ T5639] loop0: detected capacity change from 0 to 8192 [ 103.425805][ T5639] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 103.439622][ T5639] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 103.448941][ T5639] REISERFS (device loop0): using ordered data mode [ 103.455501][ T5639] reiserfs: using flush barriers [pid 5639] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5639] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5639] chdir("./file0") = 0 [pid 5639] ioctl(4, LOOP_CLR_FD) = 0 [pid 5639] close(4) = 0 [pid 5639] creat("./bus", 000) = 4 [pid 5639] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5639] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5639] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5639] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5639] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5639] exit_group(0) = ? [pid 5639] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5639, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./283", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./283", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./283/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./283/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./283/binderfs") = 0 umount2("./283/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./283/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./283/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./283/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./283/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 103.461254][ T5639] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.478490][ T5639] REISERFS (device loop0): checking transaction log (loop0) [ 103.500190][ T5639] REISERFS (device loop0): Using r5 hash to sort names [ 103.507191][ T5639] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./283/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./283") = 0 mkdir("./284", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5641 attached , child_tidptr=0x555556cf25d0) = 5641 [pid 5641] chdir("./284") = 0 [pid 5641] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5641] setpgid(0, 0) = 0 [pid 5641] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5641] write(3, "1000", 4) = 4 [pid 5641] close(3) = 0 [pid 5641] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5641] memfd_create("syzkaller", 0) = 3 [pid 5641] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5641] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5641] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5641] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5641] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5641] close(3) = 0 [pid 5641] mkdir("./file0", 0777) = 0 [ 103.581409][ T5641] loop0: detected capacity change from 0 to 8192 [ 103.590080][ T5641] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 103.603075][ T5641] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 103.612300][ T5641] REISERFS (device loop0): using ordered data mode [ 103.618990][ T5641] reiserfs: using flush barriers [pid 5641] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5641] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5641] chdir("./file0") = 0 [pid 5641] ioctl(4, LOOP_CLR_FD) = 0 [pid 5641] close(4) = 0 [pid 5641] creat("./bus", 000) = 4 [pid 5641] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5641] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5641] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5641] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5641] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5641] exit_group(0) = ? [pid 5641] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5641, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./284", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./284", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./284/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./284/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./284/binderfs") = 0 umount2("./284/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./284/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./284/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./284/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./284/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./284/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./284") = 0 mkdir("./285", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 103.624529][ T5641] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.640903][ T5641] REISERFS (device loop0): checking transaction log (loop0) [ 103.662248][ T5641] REISERFS (device loop0): Using r5 hash to sort names [ 103.669441][ T5641] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5643 attached , child_tidptr=0x555556cf25d0) = 5643 [pid 5643] chdir("./285") = 0 [pid 5643] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5643] setpgid(0, 0) = 0 [pid 5643] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5643] write(3, "1000", 4) = 4 [pid 5643] close(3) = 0 [pid 5643] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5643] memfd_create("syzkaller", 0) = 3 [pid 5643] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5643] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5643] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5643] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5643] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5643] close(3) = 0 [pid 5643] mkdir("./file0", 0777) = 0 [ 103.740626][ T5643] loop0: detected capacity change from 0 to 8192 [ 103.750040][ T5643] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 103.763127][ T5643] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 103.772548][ T5643] REISERFS (device loop0): using ordered data mode [ 103.779183][ T5643] reiserfs: using flush barriers [pid 5643] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5643] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5643] chdir("./file0") = 0 [pid 5643] ioctl(4, LOOP_CLR_FD) = 0 [pid 5643] close(4) = 0 [pid 5643] creat("./bus", 000) = 4 [pid 5643] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5643] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5643] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5643] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5643] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5643] exit_group(0) = ? [pid 5643] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5643, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./285", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./285", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./285/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./285/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./285/binderfs") = 0 [ 103.784702][ T5643] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.801428][ T5643] REISERFS (device loop0): checking transaction log (loop0) [ 103.824763][ T5643] REISERFS (device loop0): Using r5 hash to sort names [ 103.831856][ T5643] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./285/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./285/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./285/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./285/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./285/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./285/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./285") = 0 mkdir("./286", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5645 ./strace-static-x86_64: Process 5645 attached [pid 5645] chdir("./286") = 0 [pid 5645] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5645] setpgid(0, 0) = 0 [pid 5645] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5645] write(3, "1000", 4) = 4 [pid 5645] close(3) = 0 [pid 5645] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5645] memfd_create("syzkaller", 0) = 3 [pid 5645] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5645] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5645] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5645] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5645] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5645] close(3) = 0 [pid 5645] mkdir("./file0", 0777) = 0 [ 103.912983][ T5645] loop0: detected capacity change from 0 to 8192 [ 103.921365][ T5645] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 103.934783][ T5645] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 103.944132][ T5645] REISERFS (device loop0): using ordered data mode [ 103.950680][ T5645] reiserfs: using flush barriers [pid 5645] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5645] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5645] chdir("./file0") = 0 [pid 5645] ioctl(4, LOOP_CLR_FD) = 0 [pid 5645] close(4) = 0 [pid 5645] creat("./bus", 000) = 4 [pid 5645] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5645] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5645] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5645] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5645] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5645] exit_group(0) = ? [pid 5645] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5645, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./286", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./286", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./286/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./286/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./286/binderfs") = 0 umount2("./286/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./286/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./286/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./286/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./286/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./286/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./286") = 0 mkdir("./287", 0777) = 0 [ 103.956267][ T5645] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.972570][ T5645] REISERFS (device loop0): checking transaction log (loop0) [ 103.994328][ T5645] REISERFS (device loop0): Using r5 hash to sort names [ 104.001423][ T5645] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5647 ./strace-static-x86_64: Process 5647 attached [pid 5647] chdir("./287") = 0 [pid 5647] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5647] setpgid(0, 0) = 0 [pid 5647] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5647] write(3, "1000", 4) = 4 [pid 5647] close(3) = 0 [pid 5647] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5647] memfd_create("syzkaller", 0) = 3 [pid 5647] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5647] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5647] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5647] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5647] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5647] close(3) = 0 [pid 5647] mkdir("./file0", 0777) = 0 [ 104.073896][ T5647] loop0: detected capacity change from 0 to 8192 [ 104.082273][ T5647] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 104.095505][ T5647] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 104.104716][ T5647] REISERFS (device loop0): using ordered data mode [ 104.111260][ T5647] reiserfs: using flush barriers [pid 5647] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5647] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5647] chdir("./file0") = 0 [pid 5647] ioctl(4, LOOP_CLR_FD) = 0 [pid 5647] close(4) = 0 [pid 5647] creat("./bus", 000) = 4 [pid 5647] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5647] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5647] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5647] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5647] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5647] exit_group(0) = ? [pid 5647] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5647, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./287", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./287", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./287/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./287/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./287/binderfs") = 0 umount2("./287/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./287/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./287/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./287/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./287/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 104.116828][ T5647] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.133192][ T5647] REISERFS (device loop0): checking transaction log (loop0) [ 104.155301][ T5647] REISERFS (device loop0): Using r5 hash to sort names [ 104.162322][ T5647] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./287/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./287") = 0 mkdir("./288", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5649 ./strace-static-x86_64: Process 5649 attached [pid 5649] chdir("./288") = 0 [pid 5649] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5649] setpgid(0, 0) = 0 [pid 5649] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5649] write(3, "1000", 4) = 4 [pid 5649] close(3) = 0 [pid 5649] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5649] memfd_create("syzkaller", 0) = 3 [pid 5649] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5649] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5649] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5649] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5649] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5649] close(3) = 0 [pid 5649] mkdir("./file0", 0777) = 0 [ 104.238218][ T5649] loop0: detected capacity change from 0 to 8192 [ 104.246623][ T5649] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 104.259969][ T5649] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 104.269245][ T5649] REISERFS (device loop0): using ordered data mode [ 104.275752][ T5649] reiserfs: using flush barriers [pid 5649] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5649] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5649] chdir("./file0") = 0 [pid 5649] ioctl(4, LOOP_CLR_FD) = 0 [pid 5649] close(4) = 0 [pid 5649] creat("./bus", 000) = 4 [pid 5649] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5649] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5649] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5649] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5649] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5649] exit_group(0) = ? [pid 5649] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5649, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./288", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./288", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./288/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./288/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./288/binderfs") = 0 umount2("./288/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./288/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./288/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./288/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./288/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./288/file0") = 0 [ 104.281350][ T5649] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.297605][ T5649] REISERFS (device loop0): checking transaction log (loop0) [ 104.321701][ T5649] REISERFS (device loop0): Using r5 hash to sort names [ 104.328694][ T5649] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./288") = 0 mkdir("./289", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5651 attached , child_tidptr=0x555556cf25d0) = 5651 [pid 5651] chdir("./289") = 0 [pid 5651] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5651] setpgid(0, 0) = 0 [pid 5651] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5651] write(3, "1000", 4) = 4 [pid 5651] close(3) = 0 [pid 5651] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5651] memfd_create("syzkaller", 0) = 3 [pid 5651] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5651] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5651] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5651] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5651] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5651] close(3) = 0 [pid 5651] mkdir("./file0", 0777) = 0 [ 104.400829][ T5651] loop0: detected capacity change from 0 to 8192 [ 104.409346][ T5651] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 104.422417][ T5651] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 104.431865][ T5651] REISERFS (device loop0): using ordered data mode [ 104.438384][ T5651] reiserfs: using flush barriers [pid 5651] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5651] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5651] chdir("./file0") = 0 [pid 5651] ioctl(4, LOOP_CLR_FD) = 0 [pid 5651] close(4) = 0 [pid 5651] creat("./bus", 000) = 4 [pid 5651] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5651] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5651] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5651] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5651] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5651] exit_group(0) = ? [pid 5651] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5651, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./289", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./289", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./289/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./289/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./289/binderfs") = 0 umount2("./289/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./289/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./289/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./289/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./289/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./289/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./289") = 0 mkdir("./290", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 104.443917][ T5651] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.460257][ T5651] REISERFS (device loop0): checking transaction log (loop0) [ 104.481638][ T5651] REISERFS (device loop0): Using r5 hash to sort names [ 104.488622][ T5651] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5653 ./strace-static-x86_64: Process 5653 attached [pid 5653] chdir("./290") = 0 [pid 5653] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5653] setpgid(0, 0) = 0 [pid 5653] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5653] write(3, "1000", 4) = 4 [pid 5653] close(3) = 0 [pid 5653] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5653] memfd_create("syzkaller", 0) = 3 [pid 5653] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5653] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5653] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5653] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5653] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5653] close(3) = 0 [pid 5653] mkdir("./file0", 0777) = 0 [ 104.560543][ T5653] loop0: detected capacity change from 0 to 8192 [ 104.569209][ T5653] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 104.583209][ T5653] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 104.592473][ T5653] REISERFS (device loop0): using ordered data mode [ 104.599004][ T5653] reiserfs: using flush barriers [pid 5653] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5653] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5653] chdir("./file0") = 0 [pid 5653] ioctl(4, LOOP_CLR_FD) = 0 [pid 5653] close(4) = 0 [pid 5653] creat("./bus", 000) = 4 [pid 5653] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5653] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5653] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5653] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5653] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5653] exit_group(0) = ? [pid 5653] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5653, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./290", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./290", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./290/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./290/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./290/binderfs") = 0 umount2("./290/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [ 104.604507][ T5653] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.620842][ T5653] REISERFS (device loop0): checking transaction log (loop0) [ 104.642351][ T5653] REISERFS (device loop0): Using r5 hash to sort names [ 104.649357][ T5653] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./290/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./290/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./290/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./290/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./290/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./290") = 0 mkdir("./291", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5655 ./strace-static-x86_64: Process 5655 attached [pid 5655] chdir("./291") = 0 [pid 5655] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5655] setpgid(0, 0) = 0 [pid 5655] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5655] write(3, "1000", 4) = 4 [pid 5655] close(3) = 0 [pid 5655] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5655] memfd_create("syzkaller", 0) = 3 [pid 5655] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5655] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5655] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5655] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5655] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5655] close(3) = 0 [pid 5655] mkdir("./file0", 0777) = 0 [ 104.723893][ T5655] loop0: detected capacity change from 0 to 8192 [ 104.732754][ T5655] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 104.745842][ T5655] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 104.755352][ T5655] REISERFS (device loop0): using ordered data mode [ 104.761977][ T5655] reiserfs: using flush barriers [pid 5655] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5655] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5655] chdir("./file0") = 0 [pid 5655] ioctl(4, LOOP_CLR_FD) = 0 [pid 5655] close(4) = 0 [pid 5655] creat("./bus", 000) = 4 [pid 5655] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5655] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5655] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5655] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5655] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5655] exit_group(0) = ? [pid 5655] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5655, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./291", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./291", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./291/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./291/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./291/binderfs") = 0 umount2("./291/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./291/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./291/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./291/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./291/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./291/file0") = 0 [ 104.767533][ T5655] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.784133][ T5655] REISERFS (device loop0): checking transaction log (loop0) [ 104.808029][ T5655] REISERFS (device loop0): Using r5 hash to sort names [ 104.815098][ T5655] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./291") = 0 mkdir("./292", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5657 ./strace-static-x86_64: Process 5657 attached [pid 5657] chdir("./292") = 0 [pid 5657] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5657] setpgid(0, 0) = 0 [pid 5657] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5657] write(3, "1000", 4) = 4 [pid 5657] close(3) = 0 [pid 5657] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5657] memfd_create("syzkaller", 0) = 3 [pid 5657] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5657] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5657] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5657] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5657] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5657] close(3) = 0 [pid 5657] mkdir("./file0", 0777) = 0 [ 104.880571][ T5657] loop0: detected capacity change from 0 to 8192 [ 104.888929][ T5657] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 104.902162][ T5657] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 104.911373][ T5657] REISERFS (device loop0): using ordered data mode [ 104.917870][ T5657] reiserfs: using flush barriers [pid 5657] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5657] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5657] chdir("./file0") = 0 [pid 5657] ioctl(4, LOOP_CLR_FD) = 0 [pid 5657] close(4) = 0 [pid 5657] creat("./bus", 000) = 4 [pid 5657] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5657] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5657] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5657] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5657] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5657] exit_group(0) = ? [pid 5657] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5657, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- umount2("./292", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./292", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./292/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./292/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./292/binderfs") = 0 umount2("./292/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./292/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./292/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 104.923492][ T5657] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.939731][ T5657] REISERFS (device loop0): checking transaction log (loop0) [ 104.960702][ T5657] REISERFS (device loop0): Using r5 hash to sort names [ 104.967698][ T5657] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./292/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./292/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./292/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./292") = 0 mkdir("./293", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5659 ./strace-static-x86_64: Process 5659 attached [pid 5659] chdir("./293") = 0 [pid 5659] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5659] setpgid(0, 0) = 0 [pid 5659] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5659] write(3, "1000", 4) = 4 [pid 5659] close(3) = 0 [pid 5659] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5659] memfd_create("syzkaller", 0) = 3 [pid 5659] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5659] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5659] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5659] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5659] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5659] close(3) = 0 [pid 5659] mkdir("./file0", 0777) = 0 [ 105.040652][ T5659] loop0: detected capacity change from 0 to 8192 [ 105.049501][ T5659] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 105.062584][ T5659] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 105.071807][ T5659] REISERFS (device loop0): using ordered data mode [ 105.078306][ T5659] reiserfs: using flush barriers [pid 5659] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5659] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5659] chdir("./file0") = 0 [pid 5659] ioctl(4, LOOP_CLR_FD) = 0 [pid 5659] close(4) = 0 [pid 5659] creat("./bus", 000) = 4 [pid 5659] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5659] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5659] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5659] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5659] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5659] exit_group(0) = ? [pid 5659] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5659, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./293", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./293", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./293/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./293/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./293/binderfs") = 0 umount2("./293/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./293/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./293/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./293/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./293/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./293/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./293") = 0 mkdir("./294", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 105.083857][ T5659] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 105.100251][ T5659] REISERFS (device loop0): checking transaction log (loop0) [ 105.121215][ T5659] REISERFS (device loop0): Using r5 hash to sort names [ 105.128225][ T5659] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5661 attached , child_tidptr=0x555556cf25d0) = 5661 [pid 5661] chdir("./294") = 0 [pid 5661] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5661] setpgid(0, 0) = 0 [pid 5661] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5661] write(3, "1000", 4) = 4 [pid 5661] close(3) = 0 [pid 5661] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5661] memfd_create("syzkaller", 0) = 3 [pid 5661] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5661] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5661] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5661] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5661] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5661] close(3) = 0 [pid 5661] mkdir("./file0", 0777) = 0 [ 105.198049][ T5661] loop0: detected capacity change from 0 to 8192 [ 105.206605][ T5661] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 105.219635][ T5661] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 105.228916][ T5661] REISERFS (device loop0): using ordered data mode [ 105.235512][ T5661] reiserfs: using flush barriers [pid 5661] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5661] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5661] chdir("./file0") = 0 [pid 5661] ioctl(4, LOOP_CLR_FD) = 0 [pid 5661] close(4) = 0 [pid 5661] creat("./bus", 000) = 4 [pid 5661] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5661] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5661] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5661] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5661] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5661] exit_group(0) = ? [pid 5661] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5661, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./294", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./294", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./294/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./294/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./294/binderfs") = 0 [ 105.241149][ T5661] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 105.257414][ T5661] REISERFS (device loop0): checking transaction log (loop0) [ 105.281048][ T5661] REISERFS (device loop0): Using r5 hash to sort names [ 105.288054][ T5661] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./294/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./294/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./294/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./294/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./294/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./294/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./294") = 0 mkdir("./295", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5663 attached , child_tidptr=0x555556cf25d0) = 5663 [pid 5663] chdir("./295") = 0 [pid 5663] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5663] setpgid(0, 0) = 0 [pid 5663] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5663] write(3, "1000", 4) = 4 [pid 5663] close(3) = 0 [pid 5663] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5663] memfd_create("syzkaller", 0) = 3 [pid 5663] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5663] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5663] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5663] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5663] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5663] close(3) = 0 [pid 5663] mkdir("./file0", 0777) = 0 [ 105.369603][ T5663] loop0: detected capacity change from 0 to 8192 [ 105.378715][ T5663] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 105.391821][ T5663] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 105.401128][ T5663] REISERFS (device loop0): using ordered data mode [ 105.407629][ T5663] reiserfs: using flush barriers [pid 5663] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5663] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5663] chdir("./file0") = 0 [pid 5663] ioctl(4, LOOP_CLR_FD) = 0 [pid 5663] close(4) = 0 [pid 5663] creat("./bus", 000) = 4 [pid 5663] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5663] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5663] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5663] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5663] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5663] exit_group(0) = ? [pid 5663] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5663, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./295", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./295", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./295/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./295/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./295/binderfs") = 0 umount2("./295/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./295/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./295/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./295/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./295/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./295/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./295") = 0 mkdir("./296", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 105.413164][ T5663] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 105.429578][ T5663] REISERFS (device loop0): checking transaction log (loop0) [ 105.452148][ T5663] REISERFS (device loop0): Using r5 hash to sort names [ 105.459358][ T5663] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5665 attached [pid 5665] chdir("./296") = 0 [pid 5064] <... clone resumed>, child_tidptr=0x555556cf25d0) = 5665 [pid 5665] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5665] setpgid(0, 0) = 0 [pid 5665] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5665] write(3, "1000", 4) = 4 [pid 5665] close(3) = 0 [pid 5665] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5665] memfd_create("syzkaller", 0) = 3 [pid 5665] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5665] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5665] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5665] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5665] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5665] close(3) = 0 [pid 5665] mkdir("./file0", 0777) = 0 [ 105.534473][ T5665] loop0: detected capacity change from 0 to 8192 [ 105.543172][ T5665] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 105.556382][ T5665] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 105.566968][ T5665] REISERFS (device loop0): using ordered data mode [ 105.573513][ T5665] reiserfs: using flush barriers [ 105.579204][ T5665] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 105.595468][ T5665] REISERFS (device loop0): checking transaction log (loop0) [ 105.619095][ T5665] REISERFS (device loop0): Using r5 hash to sort names [pid 5665] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5665] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5665] chdir("./file0") = 0 [pid 5665] ioctl(4, LOOP_CLR_FD) = 0 [pid 5665] close(4) = 0 [pid 5665] creat("./bus", 000) = 4 [pid 5665] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5665] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5665] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5665] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5665] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5665] exit_group(0) = ? [pid 5665] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5665, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./296", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./296", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./296/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./296/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./296/binderfs") = 0 umount2("./296/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./296/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./296/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./296/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./296/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./296/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./296") = 0 mkdir("./297", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 105.626312][ T5665] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5667 attached [pid 5667] chdir("./297") = 0 [pid 5667] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5667] setpgid(0, 0) = 0 [pid 5667] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5667] write(3, "1000", 4) = 4 [pid 5667] close(3) = 0 [pid 5667] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5667] memfd_create("syzkaller", 0) = 3 [pid 5667] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5064] <... clone resumed>, child_tidptr=0x555556cf25d0) = 5667 [pid 5667] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5667] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5667] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5667] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5667] close(3) = 0 [pid 5667] mkdir("./file0", 0777) = 0 [ 105.697201][ T5667] loop0: detected capacity change from 0 to 8192 [ 105.706255][ T5667] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 105.719609][ T5667] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 105.728831][ T5667] REISERFS (device loop0): using ordered data mode [ 105.735337][ T5667] reiserfs: using flush barriers [pid 5667] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5667] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5667] chdir("./file0") = 0 [pid 5667] ioctl(4, LOOP_CLR_FD) = 0 [pid 5667] close(4) = 0 [pid 5667] creat("./bus", 000) = 4 [pid 5667] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5667] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5667] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5667] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5667] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5667] exit_group(0) = ? [pid 5667] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5667, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- umount2("./297", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./297", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./297/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./297/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./297/binderfs") = 0 umount2("./297/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./297/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./297/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./297/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./297/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./297/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 105.740901][ T5667] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 105.757125][ T5667] REISERFS (device loop0): checking transaction log (loop0) [ 105.778792][ T5667] REISERFS (device loop0): Using r5 hash to sort names [ 105.785774][ T5667] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. rmdir("./297") = 0 mkdir("./298", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5669 ./strace-static-x86_64: Process 5669 attached [pid 5669] chdir("./298") = 0 [pid 5669] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5669] setpgid(0, 0) = 0 [pid 5669] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5669] write(3, "1000", 4) = 4 [pid 5669] close(3) = 0 [pid 5669] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5669] memfd_create("syzkaller", 0) = 3 [pid 5669] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5669] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5669] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5669] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5669] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5669] close(3) = 0 [pid 5669] mkdir("./file0", 0777) = 0 [ 105.853319][ T5669] loop0: detected capacity change from 0 to 8192 [ 105.862626][ T5669] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 105.875885][ T5669] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 105.885103][ T5669] REISERFS (device loop0): using ordered data mode [ 105.891684][ T5669] reiserfs: using flush barriers [pid 5669] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5669] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5669] chdir("./file0") = 0 [pid 5669] ioctl(4, LOOP_CLR_FD) = 0 [pid 5669] close(4) = 0 [pid 5669] creat("./bus", 000) = 4 [pid 5669] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5669] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5669] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5669] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5669] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5669] exit_group(0) = ? [pid 5669] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5669, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./298", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./298", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./298/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./298/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./298/binderfs") = 0 [ 105.897152][ T5669] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 105.913689][ T5669] REISERFS (device loop0): checking transaction log (loop0) [ 105.936905][ T5669] REISERFS (device loop0): Using r5 hash to sort names [ 105.943979][ T5669] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./298/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./298/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./298/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./298/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./298/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./298/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./298") = 0 mkdir("./299", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5671 ./strace-static-x86_64: Process 5671 attached [pid 5671] chdir("./299") = 0 [pid 5671] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5671] setpgid(0, 0) = 0 [pid 5671] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5671] write(3, "1000", 4) = 4 [pid 5671] close(3) = 0 [pid 5671] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5671] memfd_create("syzkaller", 0) = 3 [pid 5671] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5671] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5671] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5671] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5671] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5671] close(3) = 0 [pid 5671] mkdir("./file0", 0777) = 0 [ 106.020843][ T5671] loop0: detected capacity change from 0 to 8192 [ 106.029396][ T5671] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 106.042477][ T5671] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 106.051687][ T5671] REISERFS (device loop0): using ordered data mode [ 106.058205][ T5671] reiserfs: using flush barriers [pid 5671] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5671] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5671] chdir("./file0") = 0 [pid 5671] ioctl(4, LOOP_CLR_FD) = 0 [pid 5671] close(4) = 0 [pid 5671] creat("./bus", 000) = 4 [pid 5671] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5671] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5671] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5671] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5671] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5671] exit_group(0) = ? [pid 5671] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5671, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./299", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./299", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./299/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./299/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./299/binderfs") = 0 umount2("./299/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./299/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./299/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./299/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./299/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./299/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 106.063771][ T5671] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 106.080027][ T5671] REISERFS (device loop0): checking transaction log (loop0) [ 106.102151][ T5671] REISERFS (device loop0): Using r5 hash to sort names [ 106.109385][ T5671] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. rmdir("./299") = 0 mkdir("./300", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5673 attached , child_tidptr=0x555556cf25d0) = 5673 [pid 5673] chdir("./300") = 0 [pid 5673] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5673] setpgid(0, 0) = 0 [pid 5673] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5673] write(3, "1000", 4) = 4 [pid 5673] close(3) = 0 [pid 5673] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5673] memfd_create("syzkaller", 0) = 3 [pid 5673] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5673] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5673] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5673] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5673] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5673] close(3) = 0 [pid 5673] mkdir("./file0", 0777) = 0 [ 106.182728][ T5673] loop0: detected capacity change from 0 to 8192 [ 106.191193][ T5673] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 106.204244][ T5673] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 106.213419][ T5673] REISERFS (device loop0): using ordered data mode [ 106.219950][ T5673] reiserfs: using flush barriers [pid 5673] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5673] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5673] chdir("./file0") = 0 [pid 5673] ioctl(4, LOOP_CLR_FD) = 0 [pid 5673] close(4) = 0 [pid 5673] creat("./bus", 000) = 4 [pid 5673] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5673] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5673] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5673] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5673] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5673] exit_group(0) = ? [pid 5673] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5673, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./300", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./300", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./300/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./300/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./300/binderfs") = 0 umount2("./300/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./300/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./300/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./300/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./300/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 [ 106.225546][ T5673] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 106.241946][ T5673] REISERFS (device loop0): checking transaction log (loop0) [ 106.264314][ T5673] REISERFS (device loop0): Using r5 hash to sort names [ 106.271432][ T5673] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./300/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./300") = 0 mkdir("./301", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5675 ./strace-static-x86_64: Process 5675 attached [pid 5675] chdir("./301") = 0 [pid 5675] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5675] setpgid(0, 0) = 0 [pid 5675] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5675] write(3, "1000", 4) = 4 [pid 5675] close(3) = 0 [pid 5675] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5675] memfd_create("syzkaller", 0) = 3 [pid 5675] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5675] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5675] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5675] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5675] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5675] close(3) = 0 [pid 5675] mkdir("./file0", 0777) = 0 [ 106.345507][ T5675] loop0: detected capacity change from 0 to 8192 [ 106.353901][ T5675] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 106.366923][ T5675] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 106.376246][ T5675] REISERFS (device loop0): using ordered data mode [ 106.382786][ T5675] reiserfs: using flush barriers [pid 5675] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5675] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5675] chdir("./file0") = 0 [pid 5675] ioctl(4, LOOP_CLR_FD) = 0 [pid 5675] close(4) = 0 [pid 5675] creat("./bus", 000) = 4 [pid 5675] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5675] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5675] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5675] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5675] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5675] exit_group(0) = ? [pid 5675] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5675, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./301", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./301", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./301/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./301/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./301/binderfs") = 0 [ 106.388255][ T5675] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 106.404588][ T5675] REISERFS (device loop0): checking transaction log (loop0) [ 106.427948][ T5675] REISERFS (device loop0): Using r5 hash to sort names [ 106.435016][ T5675] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./301/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./301/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./301/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./301/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./301/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./301/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./301") = 0 mkdir("./302", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5677 attached , child_tidptr=0x555556cf25d0) = 5677 [pid 5677] chdir("./302") = 0 [pid 5677] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5677] setpgid(0, 0) = 0 [pid 5677] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5677] write(3, "1000", 4) = 4 [pid 5677] close(3) = 0 [pid 5677] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5677] memfd_create("syzkaller", 0) = 3 [pid 5677] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5677] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5677] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5677] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5677] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5677] close(3) = 0 [pid 5677] mkdir("./file0", 0777) = 0 [ 106.519785][ T5677] loop0: detected capacity change from 0 to 8192 [ 106.528486][ T5677] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 106.541834][ T5677] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 106.551048][ T5677] REISERFS (device loop0): using ordered data mode [ 106.557587][ T5677] reiserfs: using flush barriers [pid 5677] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5677] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5677] chdir("./file0") = 0 [pid 5677] ioctl(4, LOOP_CLR_FD) = 0 [pid 5677] close(4) = 0 [pid 5677] creat("./bus", 000) = 4 [pid 5677] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5677] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5677] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5677] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5677] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5677] exit_group(0) = ? [pid 5677] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5677, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./302", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./302", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./302/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./302/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./302/binderfs") = 0 umount2("./302/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./302/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./302/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./302/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./302/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 [ 106.563480][ T5677] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 106.579811][ T5677] REISERFS (device loop0): checking transaction log (loop0) [ 106.602152][ T5677] REISERFS (device loop0): Using r5 hash to sort names [ 106.609183][ T5677] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(4) = 0 rmdir("./302/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./302") = 0 mkdir("./303", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5679 attached , child_tidptr=0x555556cf25d0) = 5679 [pid 5679] chdir("./303") = 0 [pid 5679] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5679] setpgid(0, 0) = 0 [pid 5679] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5679] write(3, "1000", 4) = 4 [pid 5679] close(3) = 0 [pid 5679] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5679] memfd_create("syzkaller", 0) = 3 [pid 5679] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5679] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5679] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5679] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5679] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5679] close(3) = 0 [pid 5679] mkdir("./file0", 0777) = 0 [ 106.684001][ T5679] loop0: detected capacity change from 0 to 8192 [ 106.692543][ T5679] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 106.705560][ T5679] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 106.714921][ T5679] REISERFS (device loop0): using ordered data mode [ 106.721501][ T5679] reiserfs: using flush barriers [pid 5679] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5679] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5679] chdir("./file0") = 0 [pid 5679] ioctl(4, LOOP_CLR_FD) = 0 [pid 5679] close(4) = 0 [pid 5679] creat("./bus", 000) = 4 [pid 5679] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5679] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5679] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5679] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5679] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5679] exit_group(0) = ? [pid 5679] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5679, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./303", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./303", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./303/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./303/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./303/binderfs") = 0 [ 106.726943][ T5679] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 106.743250][ T5679] REISERFS (device loop0): checking transaction log (loop0) [ 106.765524][ T5679] REISERFS (device loop0): Using r5 hash to sort names [ 106.772552][ T5679] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./303/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./303/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./303/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./303/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./303/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./303/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./303") = 0 mkdir("./304", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5681 attached , child_tidptr=0x555556cf25d0) = 5681 [pid 5681] chdir("./304") = 0 [pid 5681] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5681] setpgid(0, 0) = 0 [pid 5681] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5681] write(3, "1000", 4) = 4 [pid 5681] close(3) = 0 [pid 5681] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5681] memfd_create("syzkaller", 0) = 3 [pid 5681] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5681] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5681] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5681] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5681] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5681] close(3) = 0 [pid 5681] mkdir("./file0", 0777) = 0 [ 106.852607][ T5681] loop0: detected capacity change from 0 to 8192 [ 106.861284][ T5681] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 106.874365][ T5681] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 106.883678][ T5681] REISERFS (device loop0): using ordered data mode [ 106.890206][ T5681] reiserfs: using flush barriers [pid 5681] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5681] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5681] chdir("./file0") = 0 [pid 5681] ioctl(4, LOOP_CLR_FD) = 0 [pid 5681] close(4) = 0 [pid 5681] creat("./bus", 000) = 4 [pid 5681] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5681] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5681] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5681] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5681] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5681] exit_group(0) = ? [pid 5681] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5681, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./304", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./304", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./304/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./304/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./304/binderfs") = 0 umount2("./304/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./304/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./304/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./304/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./304/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./304/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./304") = 0 mkdir("./305", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 106.895932][ T5681] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 106.912274][ T5681] REISERFS (device loop0): checking transaction log (loop0) [ 106.933143][ T5681] REISERFS (device loop0): Using r5 hash to sort names [ 106.940337][ T5681] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5683 attached , child_tidptr=0x555556cf25d0) = 5683 [pid 5683] chdir("./305") = 0 [pid 5683] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5683] setpgid(0, 0) = 0 [pid 5683] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5683] write(3, "1000", 4) = 4 [pid 5683] close(3) = 0 [pid 5683] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5683] memfd_create("syzkaller", 0) = 3 [pid 5683] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5683] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5683] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5683] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5683] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5683] close(3) = 0 [pid 5683] mkdir("./file0", 0777) = 0 [ 107.008667][ T5683] loop0: detected capacity change from 0 to 8192 [ 107.017333][ T5683] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 107.030530][ T5683] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 107.039857][ T5683] REISERFS (device loop0): using ordered data mode [ 107.046458][ T5683] reiserfs: using flush barriers [pid 5683] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5683] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5683] chdir("./file0") = 0 [pid 5683] ioctl(4, LOOP_CLR_FD) = 0 [pid 5683] close(4) = 0 [pid 5683] creat("./bus", 000) = 4 [pid 5683] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5683] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5683] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5683] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5683] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5683] exit_group(0) = ? [pid 5683] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5683, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./305", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./305", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./305/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./305/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./305/binderfs") = 0 [ 107.052015][ T5683] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 107.068280][ T5683] REISERFS (device loop0): checking transaction log (loop0) [ 107.089273][ T5683] REISERFS (device loop0): Using r5 hash to sort names [ 107.096357][ T5683] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./305/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./305/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./305/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./305/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./305/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./305/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./305") = 0 mkdir("./306", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5685 attached [pid 5685] chdir("./306" [pid 5064] <... clone resumed>, child_tidptr=0x555556cf25d0) = 5685 [pid 5685] <... chdir resumed>) = 0 [pid 5685] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5685] setpgid(0, 0) = 0 [pid 5685] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5685] write(3, "1000", 4) = 4 [pid 5685] close(3) = 0 [pid 5685] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5685] memfd_create("syzkaller", 0) = 3 [pid 5685] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5685] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5685] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5685] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5685] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5685] close(3) = 0 [pid 5685] mkdir("./file0", 0777) = 0 [ 107.173299][ T5685] loop0: detected capacity change from 0 to 8192 [ 107.181661][ T5685] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 107.194674][ T5685] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 107.203875][ T5685] REISERFS (device loop0): using ordered data mode [ 107.210455][ T5685] reiserfs: using flush barriers [pid 5685] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5685] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5685] chdir("./file0") = 0 [pid 5685] ioctl(4, LOOP_CLR_FD) = 0 [pid 5685] close(4) = 0 [pid 5685] creat("./bus", 000) = 4 [pid 5685] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5685] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5685] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5685] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5685] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5685] exit_group(0) = ? [pid 5685] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5685, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./306", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./306", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./306/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./306/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./306/binderfs") = 0 umount2("./306/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./306/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./306/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./306/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./306/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./306/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./306") = 0 [ 107.216003][ T5685] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 107.232311][ T5685] REISERFS (device loop0): checking transaction log (loop0) [ 107.253510][ T5685] REISERFS (device loop0): Using r5 hash to sort names [ 107.260703][ T5685] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. mkdir("./307", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5687 attached , child_tidptr=0x555556cf25d0) = 5687 [pid 5687] chdir("./307") = 0 [pid 5687] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5687] setpgid(0, 0) = 0 [pid 5687] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5687] write(3, "1000", 4) = 4 [pid 5687] close(3) = 0 [pid 5687] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5687] memfd_create("syzkaller", 0) = 3 [pid 5687] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5687] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5687] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5687] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5687] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5687] close(3) = 0 [pid 5687] mkdir("./file0", 0777) = 0 [ 107.335515][ T5687] loop0: detected capacity change from 0 to 8192 [ 107.344313][ T5687] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 107.357419][ T5687] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 107.366798][ T5687] REISERFS (device loop0): using ordered data mode [ 107.373342][ T5687] reiserfs: using flush barriers [pid 5687] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5687] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5687] chdir("./file0") = 0 [pid 5687] ioctl(4, LOOP_CLR_FD) = 0 [pid 5687] close(4) = 0 [pid 5687] creat("./bus", 000) = 4 [pid 5687] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5687] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5687] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5687] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5687] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5687] exit_group(0) = ? [pid 5687] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5687, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./307", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./307", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./307/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./307/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./307/binderfs") = 0 [ 107.379205][ T5687] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 107.395614][ T5687] REISERFS (device loop0): checking transaction log (loop0) [ 107.418078][ T5687] REISERFS (device loop0): Using r5 hash to sort names [ 107.425240][ T5687] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./307/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./307/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./307/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./307/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./307/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./307/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./307") = 0 mkdir("./308", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5689 attached , child_tidptr=0x555556cf25d0) = 5689 [pid 5689] chdir("./308") = 0 [pid 5689] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5689] setpgid(0, 0) = 0 [pid 5689] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5689] write(3, "1000", 4) = 4 [pid 5689] close(3) = 0 [pid 5689] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5689] memfd_create("syzkaller", 0) = 3 [pid 5689] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5689] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5689] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5689] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5689] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5689] close(3) = 0 [pid 5689] mkdir("./file0", 0777) = 0 [ 107.507381][ T5689] loop0: detected capacity change from 0 to 8192 [ 107.516411][ T5689] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 107.529707][ T5689] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 107.538948][ T5689] REISERFS (device loop0): using ordered data mode [ 107.545460][ T5689] reiserfs: using flush barriers [pid 5689] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5689] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5689] chdir("./file0") = 0 [pid 5689] ioctl(4, LOOP_CLR_FD) = 0 [pid 5689] close(4) = 0 [pid 5689] creat("./bus", 000) = 4 [pid 5689] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5689] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5689] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5689] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5689] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5689] exit_group(0) = ? [pid 5689] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5689, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./308", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./308", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./308/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./308/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./308/binderfs") = 0 [ 107.551054][ T5689] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 107.567275][ T5689] REISERFS (device loop0): checking transaction log (loop0) [ 107.588492][ T5689] REISERFS (device loop0): Using r5 hash to sort names [ 107.595615][ T5689] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./308/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./308/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./308/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./308/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./308/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./308/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./308") = 0 mkdir("./309", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5691 ./strace-static-x86_64: Process 5691 attached [pid 5691] chdir("./309") = 0 [pid 5691] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5691] setpgid(0, 0) = 0 [pid 5691] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5691] write(3, "1000", 4) = 4 [pid 5691] close(3) = 0 [pid 5691] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5691] memfd_create("syzkaller", 0) = 3 [pid 5691] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5691] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5691] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5691] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5691] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5691] close(3) = 0 [pid 5691] mkdir("./file0", 0777) = 0 [ 107.668471][ T5691] loop0: detected capacity change from 0 to 8192 [ 107.677177][ T5691] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 107.690331][ T5691] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 107.699576][ T5691] REISERFS (device loop0): using ordered data mode [ 107.706085][ T5691] reiserfs: using flush barriers [pid 5691] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5691] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5691] chdir("./file0") = 0 [pid 5691] ioctl(4, LOOP_CLR_FD) = 0 [pid 5691] close(4) = 0 [pid 5691] creat("./bus", 000) = 4 [pid 5691] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5691] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5691] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5691] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5691] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5691] exit_group(0) = ? [pid 5691] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5691, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./309", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./309", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./309/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./309/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./309/binderfs") = 0 umount2("./309/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./309/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./309/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./309/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./309/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./309/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./309") = 0 mkdir("./310", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 107.711679][ T5691] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 107.728081][ T5691] REISERFS (device loop0): checking transaction log (loop0) [ 107.749374][ T5691] REISERFS (device loop0): Using r5 hash to sort names [ 107.756406][ T5691] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cf25d0) = 5693 ./strace-static-x86_64: Process 5693 attached [pid 5693] chdir("./310") = 0 [pid 5693] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5693] setpgid(0, 0) = 0 [pid 5693] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5693] write(3, "1000", 4) = 4 [pid 5693] close(3) = 0 [pid 5693] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5693] memfd_create("syzkaller", 0) = 3 [pid 5693] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffac5ba3000 [pid 5693] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5693] munmap(0x7ffac5ba3000, 4194304) = 0 [pid 5693] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5693] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5693] close(3) = 0 [pid 5693] mkdir("./file0", 0777) = 0 [ 107.823121][ T5693] loop0: detected capacity change from 0 to 8192 [ 107.831799][ T5693] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 107.844811][ T5693] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 107.854060][ T5693] REISERFS (device loop0): using ordered data mode [ 107.860584][ T5693] reiserfs: using flush barriers [pid 5693] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = 0 [pid 5693] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5693] chdir("./file0") = 0 [pid 5693] ioctl(4, LOOP_CLR_FD) = 0 [pid 5693] close(4) = 0 [pid 5693] creat("./bus", 000) = 4 [pid 5693] write(4, "\x00\x00\x00\x00\x18\x00\x00\xfa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32) = 32 [pid 5693] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [pid 5693] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5693] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5693] write(-1, 0x20000080, 296) = -1 EBADF (Bad file descriptor) [pid 5693] exit_group(0) = ? [pid 5693] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5693, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./310", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./310", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556cf3620 /* 4 entries */, 32768) = 112 umount2("./310/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./310/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./310/binderfs") = 0 [ 107.866326][ T5693] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 107.882701][ T5693] REISERFS (device loop0): checking transaction log (loop0) [ 107.904833][ T5693] REISERFS (device loop0): Using r5 hash to sort names [ 107.911911][ T5693] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./310/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./310/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./310/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./310/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./310/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556cfb660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556cfb660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./310/file0") = 0 getdents64(3, 0x555556cf3620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./310") = 0