./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor132937474 <...> syzkaller syzkaller login: [ 62.189150][ T26] kauditd_printk_skb: 42 callbacks suppressed [ 62.189165][ T26] audit: type=1400 audit(1687027106.138:77): avc: denied { transition } for pid=4852 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 62.217945][ T26] audit: type=1400 audit(1687027106.138:78): avc: denied { noatsecure } for pid=4852 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 62.238005][ T26] audit: type=1400 audit(1687027106.168:79): avc: denied { write } for pid=4852 comm="sh" path="pipe:[29850]" dev="pipefs" ino=29850 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 62.260934][ T26] audit: type=1400 audit(1687027106.168:80): avc: denied { rlimitinh } for pid=4852 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 62.286688][ T26] audit: type=1400 audit(1687027106.168:81): avc: denied { siginh } for pid=4852 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 63.089201][ T26] audit: type=1400 audit(1687027107.038:82): avc: denied { read } for pid=4430 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 Warning: Permanently added '10.128.1.172' (ECDSA) to the list of known hosts. execve("./syz-executor132937474", ["./syz-executor132937474"], 0x7ffeff8d4e60 /* 10 vars */) = 0 brk(NULL) = 0x5555563ff000 brk(0x5555563ffc40) = 0x5555563ffc40 arch_prctl(ARCH_SET_FS, 0x5555563ff300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor132937474", 4096) = 27 brk(0x555556420c40) = 0x555556420c40 brk(0x555556421000) = 0x555556421000 mprotect(0x7f09259f9000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5003 ./strace-static-x86_64: Process 5003 attached [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5003] getpid() = 5003 [pid 5003] mkdir("./syzkaller.AdbmNu", 0700 [pid 5002] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5004 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5005 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5003] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5004 attached [pid 5003] chmod("./syzkaller.AdbmNu", 0777 [pid 5004] getpid( [pid 5003] <... chmod resumed>) = 0 [pid 5004] <... getpid resumed>) = 5004 [pid 5004] mkdir("./syzkaller.xKDw5A", 0700 [pid 5003] chdir("./syzkaller.AdbmNu"./strace-static-x86_64: Process 5005 attached [pid 5002] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5006 [pid 5004] <... mkdir resumed>) = 0 [pid 5004] chmod("./syzkaller.xKDw5A", 0777 [pid 5003] <... chdir resumed>) = 0 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5004] <... chmod resumed>) = 0 [pid 5004] chdir("./syzkaller.xKDw5A" [pid 5003] mkdir("./0", 0777 [pid 5004] <... chdir resumed>) = 0 [pid 5003] <... mkdir resumed>) = 0 [pid 5004] mkdir("./0", 0777 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5005] getpid( [pid 5004] <... mkdir resumed>) = 0 [pid 5002] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5007 [ 80.742039][ T26] audit: type=1400 audit(1687027124.688:83): avc: denied { write } for pid=4999 comm="strace-static-x" path="pipe:[29949]" dev="pipefs" ino=29949 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 80.770935][ T26] audit: type=1400 audit(1687027124.718:84): avc: denied { execmem } for pid=5002 comm="syz-executor132" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5003] <... openat resumed>) = 3 [pid 5002] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5008 ./strace-static-x86_64: Process 5007 attached [pid 5007] getpid(./strace-static-x86_64: Process 5006 attached [pid 5006] getpid(./strace-static-x86_64: Process 5008 attached [pid 5007] <... getpid resumed>) = 5007 [pid 5007] mkdir("./syzkaller.N84AbN", 0700 [pid 5008] getpid( [pid 5007] <... mkdir resumed>) = 0 [pid 5006] <... getpid resumed>) = 5006 [pid 5006] mkdir("./syzkaller.Nw41kI", 0700 [pid 5008] <... getpid resumed>) = 5008 [pid 5006] <... mkdir resumed>) = 0 [pid 5008] mkdir("./syzkaller.oTZjoR", 0700) = 0 [pid 5007] chmod("./syzkaller.N84AbN", 0777) = 0 [pid 5006] chmod("./syzkaller.Nw41kI", 0777) = 0 [pid 5008] chmod("./syzkaller.oTZjoR", 0777) = 0 [pid 5007] chdir("./syzkaller.N84AbN") = 0 [pid 5007] mkdir("./0", 0777 [pid 5006] chdir("./syzkaller.Nw41kI") = 0 [pid 5007] <... mkdir resumed>) = 0 [pid 5008] chdir("./syzkaller.oTZjoR") = 0 [pid 5006] mkdir("./0", 0777 [pid 5003] ioctl(3, LOOP_CLR_FD [pid 5005] <... getpid resumed>) = 5005 [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5008] mkdir("./0", 0777 [pid 5006] <... mkdir resumed>) = 0 [pid 5008] <... mkdir resumed>) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5008] <... openat resumed>) = 3 [pid 5006] <... openat resumed>) = 3 [pid 5006] ioctl(3, LOOP_CLR_FD [pid 5008] ioctl(3, LOOP_CLR_FD [pid 5006] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5008] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5008] close(3 [pid 5006] close(3) = 0 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5008] <... close resumed>) = 0 [ 80.807738][ T26] audit: type=1400 audit(1687027124.758:85): avc: denied { read write } for pid=5003 comm="syz-executor132" name="loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 80.834107][ T26] audit: type=1400 audit(1687027124.758:86): avc: denied { open } for pid=5003 comm="syz-executor132" path="/dev/loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5005] mkdir("./syzkaller.FsJKlD", 0700 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5004] <... openat resumed>) = 3 [pid 5007] <... openat resumed>) = 3 [pid 5007] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5006] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5009 [pid 5007] close(3) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5005] <... mkdir resumed>) = 0 [pid 5003] close(3 [pid 5005] chmod("./syzkaller.FsJKlD", 0777 [pid 5004] ioctl(3, LOOP_CLR_FD [pid 5003] <... close resumed>) = 0 [pid 5008] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5010 [pid 5005] <... chmod resumed>) = 0 [pid 5004] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5005] chdir("./syzkaller.FsJKlD" [pid 5004] close(3) = 0 [pid 5005] <... chdir resumed>) = 0 [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5003] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5011 [pid 5005] mkdir("./0", 0777) = 0 [pid 5004] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5012 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5005] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5005] close(3) = 0 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5009 attached [pid 5009] chdir("./0" [pid 5005] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5014 ./strace-static-x86_64: Process 5012 attached ./strace-static-x86_64: Process 5014 attached ./strace-static-x86_64: Process 5011 attached [pid 5012] chdir("./0" [pid 5009] <... chdir resumed>) = 0 [pid 5012] <... chdir resumed>) = 0 [pid 5012] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5013 attached ./strace-static-x86_64: Process 5010 attached [pid 5014] chdir("./0" [pid 5012] <... prctl resumed>) = 0 [pid 5011] chdir("./0" [pid 5009] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5007] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5013 [pid 5014] <... chdir resumed>) = 0 [pid 5012] setpgid(0, 0 [pid 5011] <... chdir resumed>) = 0 [pid 5014] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5012] <... setpgid resumed>) = 0 [pid 5011] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5014] <... prctl resumed>) = 0 [pid 5014] setpgid(0, 0 [pid 5013] chdir("./0" [pid 5012] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5011] <... prctl resumed>) = 0 [pid 5010] chdir("./0" [pid 5009] <... prctl resumed>) = 0 [pid 5014] <... setpgid resumed>) = 0 [pid 5013] <... chdir resumed>) = 0 [pid 5010] <... chdir resumed>) = 0 [pid 5009] setpgid(0, 0 [pid 5013] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5011] setpgid(0, 0 [pid 5010] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5009] <... setpgid resumed>) = 0 [pid 5014] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5013] <... prctl resumed>) = 0 [pid 5012] <... openat resumed>) = 3 [pid 5011] <... setpgid resumed>) = 0 [pid 5010] <... prctl resumed>) = 0 [pid 5009] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5014] <... openat resumed>) = 3 [pid 5013] setpgid(0, 0 [pid 5012] write(3, "1000", 4 [pid 5011] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5010] setpgid(0, 0 [pid 5009] <... openat resumed>) = 3 [pid 5014] write(3, "1000", 4 [pid 5013] <... setpgid resumed>) = 0 [pid 5012] <... write resumed>) = 4 [pid 5011] <... openat resumed>) = 3 [pid 5010] <... setpgid resumed>) = 0 [pid 5009] write(3, "1000", 4 [pid 5014] <... write resumed>) = 4 [pid 5013] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5012] close(3 [pid 5011] write(3, "1000", 4 [pid 5010] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5009] <... write resumed>) = 4 [pid 5014] close(3 [pid 5013] <... openat resumed>) = 3 [pid 5012] <... close resumed>) = 0 [pid 5011] <... write resumed>) = 4 [pid 5010] <... openat resumed>) = 3 [pid 5009] close(3 [pid 5014] <... close resumed>) = 0 [pid 5013] write(3, "1000", 4 [pid 5012] symlink("/dev/binderfs", "./binderfs" [pid 5011] close(3 [pid 5010] write(3, "1000", 4 [pid 5009] <... close resumed>) = 0 [pid 5014] symlink("/dev/binderfs", "./binderfs" [pid 5013] <... write resumed>) = 4 [pid 5010] <... write resumed>) = 4 [pid 5009] symlink("/dev/binderfs", "./binderfs" [pid 5014] <... symlink resumed>) = 0 [pid 5013] close(3 [pid 5012] <... symlink resumed>) = 0 [pid 5011] <... close resumed>) = 0 [pid 5010] close(3 [pid 5009] <... symlink resumed>) = 0 [pid 5014] memfd_create("syzkaller", 0 [pid 5013] <... close resumed>) = 0 [pid 5012] memfd_create("syzkaller", 0 [pid 5011] symlink("/dev/binderfs", "./binderfs" [pid 5010] <... close resumed>) = 0 [ 80.881785][ T26] audit: type=1400 audit(1687027124.788:87): avc: denied { ioctl } for pid=5006 comm="syz-executor132" path="/dev/loop3" dev="devtmpfs" ino=651 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 5009] memfd_create("syzkaller", 0 [pid 5013] symlink("/dev/binderfs", "./binderfs" [pid 5010] symlink("/dev/binderfs", "./binderfs" [pid 5009] <... memfd_create resumed>) = 3 [pid 5013] <... symlink resumed>) = 0 [pid 5010] <... symlink resumed>) = 0 [pid 5009] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5013] memfd_create("syzkaller", 0 [pid 5010] memfd_create("syzkaller", 0 [pid 5009] <... mmap resumed>) = 0x7f091d53c000 [pid 5014] <... memfd_create resumed>) = 3 [pid 5013] <... memfd_create resumed>) = 3 [pid 5012] <... memfd_create resumed>) = 3 [pid 5011] <... symlink resumed>) = 0 [pid 5010] <... memfd_create resumed>) = 3 [pid 5014] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5013] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5012] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5010] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5014] <... mmap resumed>) = 0x7f091d53c000 [pid 5013] <... mmap resumed>) = 0x7f091d53c000 [pid 5012] <... mmap resumed>) = 0x7f091d53c000 [pid 5011] memfd_create("syzkaller", 0 [pid 5010] <... mmap resumed>) = 0x7f091d53c000 [pid 5011] <... memfd_create resumed>) = 3 [pid 5011] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 80.935092][ T5014] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5014 'syz-executor132' [pid 5009] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5013] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5014] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5012] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5011] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5010] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5013] <... write resumed>) = 4194304 [pid 5010] <... write resumed>) = 4194304 [pid 5013] munmap(0x7f091d53c000, 4194304 [pid 5009] <... write resumed>) = 4194304 [pid 5013] <... munmap resumed>) = 0 [pid 5009] munmap(0x7f091d53c000, 4194304 [pid 5013] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5013] ioctl(4, LOOP_SET_FD, 3 [pid 5010] munmap(0x7f091d53c000, 4194304 [pid 5009] <... munmap resumed>) = 0 [pid 5014] <... write resumed>) = 4194304 [pid 5011] <... write resumed>) = 4194304 [pid 5010] <... munmap resumed>) = 0 [pid 5009] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5014] munmap(0x7f091d53c000, 4194304 [pid 5012] <... write resumed>) = 4194304 [pid 5011] munmap(0x7f091d53c000, 4194304 [pid 5009] <... openat resumed>) = 4 [pid 5010] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5009] ioctl(4, LOOP_SET_FD, 3 [pid 5014] <... munmap resumed>) = 0 [pid 5013] <... ioctl resumed>) = 0 [pid 5012] munmap(0x7f091d53c000, 4194304 [pid 5011] <... munmap resumed>) = 0 [pid 5010] <... openat resumed>) = 4 [pid 5014] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5013] close(3 [pid 5012] <... munmap resumed>) = 0 [pid 5011] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5009] <... ioctl resumed>) = 0 [pid 5014] <... openat resumed>) = 4 [pid 5013] <... close resumed>) = 0 [pid 5012] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5011] <... openat resumed>) = 4 [pid 5009] close(3 [ 81.300474][ T5013] loop4: detected capacity change from 0 to 8192 [ 81.318629][ T5009] loop3: detected capacity change from 0 to 8192 [ 81.326474][ T26] audit: type=1400 audit(1687027125.278:88): avc: denied { append } for pid=4430 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [pid 5014] ioctl(4, LOOP_SET_FD, 3 [pid 5013] mkdir("./file0", 0777 [pid 5012] <... openat resumed>) = 4 [ 81.330778][ T5014] loop2: detected capacity change from 0 to 8192 [ 81.349518][ T26] audit: type=1400 audit(1687027125.278:89): avc: denied { open } for pid=4430 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 81.357813][ T5011] loop0: detected capacity change from 0 to 8192 [pid 5011] ioctl(4, LOOP_SET_FD, 3 [pid 5009] <... close resumed>) = 0 [pid 5014] <... ioctl resumed>) = 0 [pid 5013] <... mkdir resumed>) = 0 [pid 5012] ioctl(4, LOOP_SET_FD, 3 [pid 5010] ioctl(4, LOOP_SET_FD, 3 [pid 5009] mkdir("./file0", 0777 [pid 5014] close(3 [pid 5013] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5009] <... mkdir resumed>) = 0 [pid 5014] <... close resumed>) = 0 [pid 5009] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5014] mkdir("./file0", 0777) = 0 [pid 5014] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5011] <... ioctl resumed>) = 0 [pid 5011] close(3) = 0 [pid 5011] mkdir("./file0", 0777 [pid 5010] <... ioctl resumed>) = 0 [ 81.377946][ T26] audit: type=1400 audit(1687027125.278:90): avc: denied { getattr } for pid=4430 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 81.385856][ T5012] loop1: detected capacity change from 0 to 8192 [ 81.414857][ T5010] loop5: detected capacity change from 0 to 8192 [ 81.424890][ T26] audit: type=1400 audit(1687027125.368:91): avc: denied { mounton } for pid=5013 comm="syz-executor132" path="/root/syzkaller.N84AbN/0/file0" dev="sda1" ino=1945 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [pid 5012] <... ioctl resumed>) = 0 [pid 5011] <... mkdir resumed>) = 0 [pid 5010] close(3) = 0 [pid 5010] mkdir("./file0", 0777) = 0 [pid 5010] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5012] close(3) = 0 [pid 5012] mkdir("./file0", 0777) = 0 [ 81.428497][ T5014] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 81.464949][ T5013] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 81.465692][ T5014] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 81.479057][ T5009] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5012] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [ 81.488460][ T5014] REISERFS (device loop2): using ordered data mode [ 81.501042][ T5009] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 81.511967][ T5012] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 81.516307][ T5010] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 81.542130][ T5010] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 81.545303][ T5011] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 81.551935][ T5010] REISERFS (device loop5): using ordered data mode [ 81.566456][ T5014] reiserfs: using flush barriers [ 81.570747][ T5010] reiserfs: using flush barriers [ 81.572819][ T5013] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 81.577991][ T5014] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.581085][ T5010] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.590945][ T5014] REISERFS (device loop2): checking transaction log (loop2) [ 81.622346][ T5013] REISERFS (device loop4): using ordered data mode [ 81.637559][ T5009] REISERFS (device loop3): using ordered data mode [ 81.645187][ T5012] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 81.655141][ T5011] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 81.665334][ T5009] reiserfs: using flush barriers [ 81.670738][ T5012] REISERFS (device loop1): using ordered data mode [ 81.679371][ T5013] reiserfs: using flush barriers [ 81.688391][ T5009] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.690582][ T5010] REISERFS (device loop5): checking transaction log (loop5) [ 81.707636][ T5011] REISERFS (device loop0): using ordered data mode [ 81.723350][ T5012] reiserfs: using flush barriers [ 81.734782][ T5013] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.743899][ T5009] REISERFS (device loop3): checking transaction log (loop3) [ 81.755318][ T5012] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.775436][ T5011] reiserfs: using flush barriers [ 81.779910][ T5014] REISERFS (device loop2): Using r5 hash to sort names [ 81.782380][ T5013] REISERFS (device loop4): checking transaction log (loop4) [ 81.795175][ T5011] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.814315][ T5012] REISERFS (device loop1): checking transaction log (loop1) [ 81.815775][ T5014] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 81.839747][ T5011] REISERFS (device loop0): checking transaction log (loop0) [pid 5011] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5014] <... mount resumed>) = 0 [pid 5014] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5014] chdir("./file0") = 0 [pid 5014] ioctl(4, LOOP_CLR_FD) = 0 [pid 5014] close(4) = 0 [ 81.936672][ T26] audit: type=1400 audit(1687027125.888:92): avc: denied { mount } for pid=5014 comm="syz-executor132" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [pid 5014] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5014] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5014] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5014] exit_group(0) = ? [pid 5014] +++ exited with 0 +++ [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5014, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=31 /* 0.31 s */} --- [pid 5005] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 82.033633][ T5012] REISERFS (device loop1): Using r5 hash to sort names [ 82.046546][ T5013] REISERFS (device loop4): Using r5 hash to sort names [ 82.057134][ T5010] REISERFS (device loop5): Using r5 hash to sort names [ 82.059200][ T5012] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5005] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] unlink("./0/binderfs") = 0 [pid 5005] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5013] <... mount resumed>) = 0 [pid 5012] <... mount resumed>) = 0 [pid 5012] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5013] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5012] <... openat resumed>) = 3 [pid 5013] <... openat resumed>) = 3 [pid 5012] chdir("./file0" [pid 5010] <... mount resumed>) = 0 [pid 5013] chdir("./file0" [pid 5012] <... chdir resumed>) = 0 [pid 5011] <... mount resumed>) = 0 [pid 5013] <... chdir resumed>) = 0 [pid 5012] ioctl(4, LOOP_CLR_FD [pid 5011] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5010] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5013] ioctl(4, LOOP_CLR_FD [pid 5012] <... ioctl resumed>) = 0 [pid 5011] <... openat resumed>) = 3 [pid 5010] <... openat resumed>) = 3 [pid 5013] <... ioctl resumed>) = 0 [pid 5012] close(4 [pid 5011] chdir("./file0" [pid 5010] chdir("./file0" [pid 5013] close(4 [pid 5012] <... close resumed>) = 0 [pid 5011] <... chdir resumed>) = 0 [pid 5010] <... chdir resumed>) = 0 [pid 5013] <... close resumed>) = 0 [pid 5012] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5011] ioctl(4, LOOP_CLR_FD [pid 5010] ioctl(4, LOOP_CLR_FD [pid 5013] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5012] <... openat resumed>) = 4 [pid 5011] <... ioctl resumed>) = 0 [pid 5010] <... ioctl resumed>) = 0 [ 82.078751][ T5013] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 82.099825][ T5011] REISERFS (device loop0): Using r5 hash to sort names [ 82.107351][ T5010] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 82.117481][ T5011] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5013] <... openat resumed>) = 4 [pid 5012] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5011] close(4 [pid 5010] close(4 [pid 5013] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5012] <... mmap resumed>) = 0x20000000 [pid 5011] <... close resumed>) = 0 [pid 5010] <... close resumed>) = 0 [pid 5013] <... mmap resumed>) = 0x20000000 [pid 5012] ioctl(4, FS_IOC_GETVERSION [pid 5011] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5010] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5013] ioctl(4, FS_IOC_GETVERSION [pid 5012] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5011] <... openat resumed>) = 4 [pid 5010] <... openat resumed>) = 4 [pid 5013] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5012] exit_group(0 [pid 5011] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5010] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5013] exit_group(0 [pid 5012] <... exit_group resumed>) = ? [pid 5011] <... mmap resumed>) = 0x20000000 [pid 5010] <... mmap resumed>) = 0x20000000 [pid 5013] <... exit_group resumed>) = ? [pid 5012] +++ exited with 0 +++ [pid 5011] ioctl(4, FS_IOC_GETVERSION [pid 5010] ioctl(4, FS_IOC_GETVERSION [pid 5013] +++ exited with 0 +++ [pid 5011] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5010] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5012, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5011] exit_group(0 [pid 5010] exit_group(0 [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5013, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5011] <... exit_group resumed>) = ? [pid 5010] <... exit_group resumed>) = ? [pid 5011] +++ exited with 0 +++ [pid 5010] +++ exited with 0 +++ [pid 5004] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5011, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5010, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5003] restart_syscall(<... resuming interrupted clone ...> [pid 5008] restart_syscall(<... resuming interrupted clone ...> [pid 5007] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] <... openat resumed>) = 3 [pid 5003] <... restart_syscall resumed>) = 0 [pid 5008] <... restart_syscall resumed>) = 0 [pid 5007] <... openat resumed>) = 3 [pid 5004] fstat(3, [pid 5007] fstat(3, [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(3, [pid 5003] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] getdents64(3, [pid 5004] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5008] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5007] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] <... openat resumed>) = 3 [pid 5008] <... openat resumed>) = 3 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./0/binderfs", [pid 5003] fstat(3, [pid 5008] fstat(3, [pid 5007] lstat("./0/binderfs", [pid 5004] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] unlink("./0/binderfs" [pid 5003] getdents64(3, [pid 5008] getdents64(3, [pid 5007] unlink("./0/binderfs" [pid 5004] <... unlink resumed>) = 0 [pid 5003] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5008] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5007] <... unlink resumed>) = 0 [pid 5004] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./0/binderfs", [pid 5008] lstat("./0/binderfs", [pid 5003] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5008] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./0/binderfs" [pid 5008] unlink("./0/binderfs" [pid 5003] <... unlink resumed>) = 0 [pid 5003] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... unlink resumed>) = 0 [ 82.201114][ T5009] REISERFS (device loop3): Using r5 hash to sort names [pid 5008] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5009] <... mount resumed>) = 0 [pid 5009] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5009] chdir("./file0") = 0 [pid 5009] ioctl(4, LOOP_CLR_FD) = 0 [pid 5009] close(4) = 0 [pid 5009] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 82.243729][ T5009] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5009] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5009] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5009] exit_group(0) = ? [pid 5009] +++ exited with 0 +++ [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5009, si_uid=0, si_status=0, si_utime=0, si_stime=32 /* 0.32 s */} --- [pid 5006] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5006] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] unlink("./0/binderfs") = 0 [pid 5006] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... umount2 resumed>) = 0 [pid 5003] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 5003] rmdir("./0/file0") = 0 [pid 5003] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./0") = 0 [pid 5003] mkdir("./1", 0777) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5003] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5003] close(3) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5026 ./strace-static-x86_64: Process 5026 attached [pid 5026] chdir("./1") = 0 [pid 5005] <... umount2 resumed>) = 0 [pid 5005] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... umount2 resumed>) = 0 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] lstat("./0/file0", [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] lstat("./0/file0", [pid 5005] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] <... openat resumed>) = 4 [pid 5008] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5005] fstat(4, [pid 5008] <... openat resumed>) = 4 [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] fstat(4, [pid 5005] getdents64(4, [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(4, [pid 5005] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5008] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] getdents64(4, [pid 5008] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5008] close(4 [pid 5005] close(4 [pid 5008] <... close resumed>) = 0 [pid 5008] rmdir("./0/file0" [pid 5005] <... close resumed>) = 0 [pid 5008] <... rmdir resumed>) = 0 [pid 5005] rmdir("./0/file0" [pid 5008] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] close(3) = 0 [pid 5005] <... rmdir resumed>) = 0 [pid 5008] rmdir("./0" [pid 5005] getdents64(3, [pid 5008] <... rmdir resumed>) = 0 [pid 5005] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] mkdir("./1", 0777 [pid 5005] close(3 [pid 5008] <... mkdir resumed>) = 0 [pid 5005] <... close resumed>) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5005] rmdir("./0" [pid 5008] <... openat resumed>) = 3 [pid 5005] <... rmdir resumed>) = 0 [pid 5005] mkdir("./1", 0777 [pid 5026] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5008] ioctl(3, LOOP_CLR_FD [pid 5026] <... prctl resumed>) = 0 [pid 5008] <... ioctl resumed>) = 0 [pid 5005] <... mkdir resumed>) = 0 [pid 5026] setpgid(0, 0 [pid 5008] close(3 [pid 5026] <... setpgid resumed>) = 0 [pid 5008] <... close resumed>) = 0 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5026] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5005] <... openat resumed>) = 3 [pid 5026] <... openat resumed>) = 3 [pid 5005] ioctl(3, LOOP_CLR_FD [pid 5026] write(3, "1000", 4 [pid 5008] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5027 [pid 5005] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5026] <... write resumed>) = 4 [pid 5005] close(3 [pid 5026] close(3) = 0 [pid 5005] <... close resumed>) = 0 [pid 5026] symlink("/dev/binderfs", "./binderfs" [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5027 attached [pid 5026] <... symlink resumed>) = 0 [pid 5027] chdir("./1" [pid 5026] memfd_create("syzkaller", 0 [pid 5005] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5028 [pid 5027] <... chdir resumed>) = 0 [pid 5026] <... memfd_create resumed>) = 3 [pid 5027] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5026] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5027] <... prctl resumed>) = 0 [pid 5026] <... mmap resumed>) = 0x7f091d53c000 ./strace-static-x86_64: Process 5028 attached [pid 5028] chdir("./1" [pid 5027] setpgid(0, 0 [pid 5028] <... chdir resumed>) = 0 [pid 5027] <... setpgid resumed>) = 0 [pid 5028] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5027] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5028] <... prctl resumed>) = 0 [pid 5027] <... openat resumed>) = 3 [pid 5028] setpgid(0, 0 [pid 5027] write(3, "1000", 4 [pid 5028] <... setpgid resumed>) = 0 [pid 5027] <... write resumed>) = 4 [pid 5028] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5027] close(3 [pid 5028] <... openat resumed>) = 3 [pid 5027] <... close resumed>) = 0 [pid 5028] write(3, "1000", 4 [pid 5027] symlink("/dev/binderfs", "./binderfs" [pid 5028] <... write resumed>) = 4 [pid 5027] <... symlink resumed>) = 0 [pid 5028] close(3 [pid 5027] memfd_create("syzkaller", 0 [pid 5028] <... close resumed>) = 0 [pid 5027] <... memfd_create resumed>) = 3 [pid 5028] symlink("/dev/binderfs", "./binderfs" [pid 5027] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5028] <... symlink resumed>) = 0 [pid 5027] <... mmap resumed>) = 0x7f091d53c000 [pid 5028] memfd_create("syzkaller", 0) = 3 [pid 5028] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5007] <... umount2 resumed>) = 0 [pid 5007] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5007] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5007] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5007] close(4) = 0 [pid 5007] rmdir("./0/file0") = 0 [pid 5007] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] close(3) = 0 [pid 5007] rmdir("./0") = 0 [pid 5007] mkdir("./1", 0777) = 0 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5006] <... umount2 resumed>) = 0 [pid 5007] <... openat resumed>) = 3 [pid 5007] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5007] close(3) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5031 ./strace-static-x86_64: Process 5031 attached [pid 5031] chdir("./1") = 0 [pid 5031] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5031] setpgid(0, 0) = 0 [pid 5031] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5031] write(3, "1000", 4 [pid 5026] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5031] <... write resumed>) = 4 [pid 5031] close(3) = 0 [pid 5031] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5028] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5006] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... umount2 resumed>) = 0 [pid 5031] memfd_create("syzkaller", 0) = 3 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5031] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5027] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5006] lstat("./0/file0", [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5031] <... mmap resumed>) = 0x7f091d53c000 [pid 5006] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] lstat("./0/file0", [pid 5006] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] <... openat resumed>) = 4 [pid 5004] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5006] fstat(4, [pid 5004] <... openat resumed>) = 4 [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] fstat(4, [pid 5006] getdents64(4, [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5004] getdents64(4, [pid 5006] getdents64(4, [pid 5004] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] getdents64(4, [pid 5006] close(4 [pid 5004] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5006] <... close resumed>) = 0 [pid 5004] close(4 [pid 5006] rmdir("./0/file0" [pid 5004] <... close resumed>) = 0 [pid 5006] <... rmdir resumed>) = 0 [pid 5004] rmdir("./0/file0" [pid 5006] getdents64(3, [pid 5004] <... rmdir resumed>) = 0 [pid 5006] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] getdents64(3, [pid 5006] close(3 [pid 5004] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] <... close resumed>) = 0 [pid 5004] close(3 [pid 5006] rmdir("./0" [pid 5004] <... close resumed>) = 0 [pid 5006] <... rmdir resumed>) = 0 [pid 5004] rmdir("./0" [pid 5006] mkdir("./1", 0777 [pid 5004] <... rmdir resumed>) = 0 [pid 5006] <... mkdir resumed>) = 0 [pid 5004] mkdir("./1", 0777 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5004] <... mkdir resumed>) = 0 [pid 5006] <... openat resumed>) = 3 [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5006] ioctl(3, LOOP_CLR_FD [pid 5004] <... openat resumed>) = 3 [pid 5006] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5004] ioctl(3, LOOP_CLR_FD [pid 5006] close(3 [pid 5004] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5006] <... close resumed>) = 0 [pid 5004] close(3 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5004] <... close resumed>) = 0 [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5006] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5032 [pid 5004] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5033 ./strace-static-x86_64: Process 5033 attached ./strace-static-x86_64: Process 5032 attached [pid 5033] chdir("./1") = 0 [pid 5032] chdir("./1") = 0 [pid 5032] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5033] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5032] <... prctl resumed>) = 0 [pid 5033] <... prctl resumed>) = 0 [pid 5033] setpgid(0, 0 [pid 5032] setpgid(0, 0 [pid 5033] <... setpgid resumed>) = 0 [pid 5032] <... setpgid resumed>) = 0 [pid 5032] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5033] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5032] <... openat resumed>) = 3 [pid 5033] <... openat resumed>) = 3 [pid 5032] write(3, "1000", 4 [pid 5033] write(3, "1000", 4 [pid 5032] <... write resumed>) = 4 [pid 5033] <... write resumed>) = 4 [pid 5032] close(3 [pid 5033] close(3 [pid 5032] <... close resumed>) = 0 [pid 5033] <... close resumed>) = 0 [pid 5032] symlink("/dev/binderfs", "./binderfs" [pid 5033] symlink("/dev/binderfs", "./binderfs" [pid 5032] <... symlink resumed>) = 0 [pid 5033] <... symlink resumed>) = 0 [pid 5032] memfd_create("syzkaller", 0 [pid 5033] memfd_create("syzkaller", 0 [pid 5032] <... memfd_create resumed>) = 3 [pid 5033] <... memfd_create resumed>) = 3 [pid 5032] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5031] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5033] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5032] <... mmap resumed>) = 0x7f091d53c000 [pid 5033] <... mmap resumed>) = 0x7f091d53c000 [pid 5028] <... write resumed>) = 4194304 [pid 5028] munmap(0x7f091d53c000, 4194304) = 0 [pid 5028] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5028] ioctl(4, LOOP_SET_FD, 3 [pid 5027] <... write resumed>) = 4194304 [pid 5028] <... ioctl resumed>) = 0 [pid 5033] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5028] close(3 [pid 5026] <... write resumed>) = 4194304 [pid 5026] munmap(0x7f091d53c000, 4194304 [pid 5028] <... close resumed>) = 0 [pid 5032] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5028] mkdir("./file0", 0777 [pid 5027] munmap(0x7f091d53c000, 4194304 [pid 5026] <... munmap resumed>) = 0 [pid 5027] <... munmap resumed>) = 0 [pid 5026] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5028] <... mkdir resumed>) = 0 [ 82.926942][ T5028] loop2: detected capacity change from 0 to 8192 [pid 5026] ioctl(4, LOOP_SET_FD, 3 [pid 5028] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5027] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5027] ioctl(4, LOOP_SET_FD, 3 [pid 5026] <... ioctl resumed>) = 0 [pid 5026] close(3) = 0 [pid 5026] mkdir("./file0", 0777) = 0 [pid 5026] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5027] <... ioctl resumed>) = 0 [pid 5027] close(3) = 0 [pid 5027] mkdir("./file0", 0777) = 0 [ 82.967552][ T5026] loop0: detected capacity change from 0 to 8192 [ 82.979184][ T5027] loop5: detected capacity change from 0 to 8192 [ 82.984483][ T5028] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5027] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5033] <... write resumed>) = 4194304 [pid 5033] munmap(0x7f091d53c000, 4194304) = 0 [pid 5033] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5032] <... write resumed>) = 4194304 [ 83.014185][ T5028] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 83.028988][ T5026] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.042446][ T5027] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5033] ioctl(4, LOOP_SET_FD, 3 [pid 5032] munmap(0x7f091d53c000, 4194304) = 0 [pid 5031] <... write resumed>) = 4194304 [ 83.066401][ T5027] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 83.069374][ T5028] REISERFS (device loop2): using ordered data mode [ 83.077156][ T5027] REISERFS (device loop5): using ordered data mode [ 83.085322][ T5026] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 83.089326][ T5033] loop1: detected capacity change from 0 to 8192 [ 83.098147][ T5026] REISERFS (device loop0): using ordered data mode [ 83.110437][ T5028] reiserfs: using flush barriers [pid 5032] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5031] munmap(0x7f091d53c000, 4194304 [pid 5032] <... openat resumed>) = 4 [pid 5033] <... ioctl resumed>) = 0 [pid 5032] ioctl(4, LOOP_SET_FD, 3 [pid 5031] <... munmap resumed>) = 0 [pid 5033] close(3) = 0 [ 83.112156][ T5026] reiserfs: using flush barriers [ 83.117032][ T5027] reiserfs: using flush barriers [ 83.127321][ T5026] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.131224][ T5028] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.145855][ T5026] REISERFS (device loop0): checking transaction log (loop0) [pid 5033] mkdir("./file0", 0777) = 0 [pid 5033] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5031] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5031] ioctl(4, LOOP_SET_FD, 3 [pid 5032] <... ioctl resumed>) = 0 [pid 5032] close(3) = 0 [pid 5032] mkdir("./file0", 0777) = 0 [pid 5032] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5031] <... ioctl resumed>) = 0 [pid 5031] close(3) = 0 [ 83.160356][ T5032] loop3: detected capacity change from 0 to 8192 [ 83.176404][ T5027] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.189762][ T5028] REISERFS (device loop2): checking transaction log (loop2) [ 83.194487][ T5031] loop4: detected capacity change from 0 to 8192 [pid 5031] mkdir("./file0", 0777) = 0 [ 83.213664][ T5033] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.226885][ T5027] REISERFS (device loop5): checking transaction log (loop5) [ 83.229776][ T5032] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.266265][ T5031] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.275821][ T5033] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 83.284865][ T5031] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 83.302162][ T5031] REISERFS (device loop4): using ordered data mode [ 83.308523][ T5032] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 83.345169][ T5031] reiserfs: using flush barriers [ 83.348627][ T5033] REISERFS (device loop1): using ordered data mode [ 83.361218][ T5033] reiserfs: using flush barriers [ 83.365198][ T5026] REISERFS (device loop0): Using r5 hash to sort names [ 83.367563][ T5032] REISERFS (device loop3): using ordered data mode [ 83.373333][ T5026] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 83.379597][ T5032] reiserfs: using flush barriers [pid 5031] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5026] <... mount resumed>) = 0 [pid 5026] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5026] chdir("./file0") = 0 [pid 5026] ioctl(4, LOOP_CLR_FD) = 0 [ 83.389944][ T5033] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.413516][ T5032] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.414021][ T5031] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5026] close(4) = 0 [pid 5026] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5026] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5026] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5026] exit_group(0) = ? [pid 5026] +++ exited with 0 +++ [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5026, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} --- [pid 5003] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 83.430144][ T5032] REISERFS (device loop3): checking transaction log (loop3) [ 83.456904][ T5033] REISERFS (device loop1): checking transaction log (loop1) [pid 5003] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./1/binderfs") = 0 [ 83.550544][ T5027] REISERFS (device loop5): Using r5 hash to sort names [ 83.564677][ T5031] REISERFS (device loop4): checking transaction log (loop4) [ 83.576172][ T5028] REISERFS (device loop2): Using r5 hash to sort names [pid 5003] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5027] <... mount resumed>) = 0 [pid 5027] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5027] chdir("./file0") = 0 [pid 5027] ioctl(4, LOOP_CLR_FD) = 0 [pid 5027] close(4) = 0 [pid 5027] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 83.599055][ T5027] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 83.610787][ T5028] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5027] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5027] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5027] exit_group(0) = ? [pid 5027] +++ exited with 0 +++ [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5027, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5008] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5008] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5028] <... mount resumed>) = 0 [pid 5008] <... openat resumed>) = 3 [pid 5028] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5008] fstat(3, [pid 5028] <... openat resumed>) = 3 [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5028] chdir("./file0" [pid 5008] getdents64(3, [pid 5028] <... chdir resumed>) = 0 [pid 5008] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5028] ioctl(4, LOOP_CLR_FD [pid 5008] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5028] <... ioctl resumed>) = 0 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5028] close(4 [pid 5008] lstat("./1/binderfs", [pid 5028] <... close resumed>) = 0 [pid 5008] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5028] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5008] unlink("./1/binderfs" [pid 5028] <... openat resumed>) = 4 [pid 5008] <... unlink resumed>) = 0 [pid 5028] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5008] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5028] <... mmap resumed>) = 0x20000000 [pid 5028] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5028] exit_group(0) = ? [pid 5028] +++ exited with 0 +++ [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5028, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5005] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5005] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5005] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [ 83.727805][ T5033] REISERFS (device loop1): Using r5 hash to sort names [ 83.759958][ T5033] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 83.771172][ T5032] REISERFS (device loop3): Using r5 hash to sort names [pid 5005] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] unlink("./1/binderfs") = 0 [pid 5005] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5033] <... mount resumed>) = 0 [pid 5032] <... mount resumed>) = 0 [pid 5033] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5032] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5033] <... openat resumed>) = 3 [pid 5032] <... openat resumed>) = 3 [pid 5031] <... mount resumed>) = 0 [pid 5033] chdir("./file0" [pid 5032] chdir("./file0" [pid 5031] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5033] <... chdir resumed>) = 0 [pid 5032] <... chdir resumed>) = 0 [pid 5033] ioctl(4, LOOP_CLR_FD [pid 5032] ioctl(4, LOOP_CLR_FD [pid 5031] <... openat resumed>) = 3 [pid 5033] <... ioctl resumed>) = 0 [pid 5032] <... ioctl resumed>) = 0 [pid 5033] close(4 [pid 5032] close(4 [pid 5031] chdir("./file0" [pid 5033] <... close resumed>) = 0 [pid 5033] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5032] <... close resumed>) = 0 [pid 5031] <... chdir resumed>) = 0 [pid 5033] <... openat resumed>) = 4 [pid 5032] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5031] ioctl(4, LOOP_CLR_FD [pid 5033] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5032] <... openat resumed>) = 4 [pid 5031] <... ioctl resumed>) = 0 [pid 5033] <... mmap resumed>) = 0x20000000 [pid 5032] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5031] close(4 [pid 5032] <... mmap resumed>) = 0x20000000 [pid 5031] <... close resumed>) = 0 [pid 5033] ioctl(4, FS_IOC_GETVERSION [pid 5031] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5033] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5032] ioctl(4, FS_IOC_GETVERSION [pid 5031] <... openat resumed>) = 4 [pid 5005] <... umount2 resumed>) = 0 [pid 5005] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5033] exit_group(0 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5032] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [ 83.794812][ T5032] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 83.813281][ T5031] REISERFS (device loop4): Using r5 hash to sort names [ 83.821839][ T5031] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5031] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5005] lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5031] <... mmap resumed>) = 0x20000000 [pid 5032] exit_group(0 [pid 5033] <... exit_group resumed>) = ? [pid 5031] ioctl(4, FS_IOC_GETVERSION [pid 5032] <... exit_group resumed>) = ? [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5033] +++ exited with 0 +++ [pid 5032] +++ exited with 0 +++ [pid 5031] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5005] <... openat resumed>) = 4 [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5032, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5005] fstat(4, [pid 5031] exit_group(0 [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5033, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} --- [pid 5031] <... exit_group resumed>) = ? [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] getdents64(4, [pid 5006] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5031] +++ exited with 0 +++ [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5031, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5006] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5005] close(4 [pid 5006] fstat(3, [pid 5005] <... close resumed>) = 0 [pid 5007] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] rmdir("./1/file0" [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] getdents64(3, [pid 5005] <... rmdir resumed>) = 0 [pid 5007] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5006] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] getdents64(3, [pid 5004] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] <... openat resumed>) = 3 [pid 5006] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] fstat(3, [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] close(3 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] lstat("./1/binderfs", [pid 5005] <... close resumed>) = 0 [pid 5007] getdents64(3, [pid 5006] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] rmdir("./1" [pid 5004] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5007] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] unlink("./1/binderfs" [pid 5005] <... rmdir resumed>) = 0 [pid 5003] <... umount2 resumed>) = 0 [pid 5007] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] <... unlink resumed>) = 0 [pid 5005] mkdir("./2", 0777 [pid 5004] <... openat resumed>) = 3 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... mkdir resumed>) = 0 [pid 5004] fstat(3, [pid 5007] lstat("./1/binderfs", [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5007] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] unlink("./1/binderfs" [pid 5004] getdents64(3, [pid 5007] <... unlink resumed>) = 0 [pid 5004] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] lstat("./1/file0", [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./1/binderfs", [pid 5003] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] unlink("./1/binderfs" [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] <... unlink resumed>) = 0 [pid 5003] <... openat resumed>) = 4 [pid 5004] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 5003] rmdir("./1/file0") = 0 [pid 5003] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./1") = 0 [pid 5003] mkdir("./2", 0777) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5003] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5003] close(3) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5040 [pid 5005] <... openat resumed>) = 3 [pid 5005] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5005] close(3) = 0 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5041 ./strace-static-x86_64: Process 5040 attached [pid 5040] chdir("./2") = 0 [pid 5040] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5040] setpgid(0, 0) = 0 [pid 5040] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5040] write(3, "1000", 4) = 4 [pid 5040] close(3./strace-static-x86_64: Process 5041 attached [pid 5041] chdir("./2" [pid 5040] <... close resumed>) = 0 [pid 5041] <... chdir resumed>) = 0 [pid 5040] symlink("/dev/binderfs", "./binderfs" [pid 5041] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5040] <... symlink resumed>) = 0 [pid 5041] <... prctl resumed>) = 0 [pid 5040] memfd_create("syzkaller", 0 [pid 5041] setpgid(0, 0 [pid 5040] <... memfd_create resumed>) = 3 [pid 5041] <... setpgid resumed>) = 0 [pid 5040] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5041] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5040] <... mmap resumed>) = 0x7f091d53c000 [pid 5041] <... openat resumed>) = 3 [pid 5041] write(3, "1000", 4) = 4 [pid 5041] close(3) = 0 [pid 5041] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5041] memfd_create("syzkaller", 0) = 3 [pid 5041] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5004] <... umount2 resumed>) = 0 [pid 5004] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] <... umount2 resumed>) = 0 [pid 5004] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5004] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5004] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] close(4) = 0 [pid 5008] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] rmdir("./1/file0") = 0 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./1/file0", [pid 5004] getdents64(3, [pid 5008] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] close(3 [pid 5008] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] <... close resumed>) = 0 [pid 5008] <... openat resumed>) = 4 [pid 5004] rmdir("./1" [pid 5008] fstat(4, [pid 5004] <... rmdir resumed>) = 0 [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(4, [pid 5004] mkdir("./2", 0777) = 0 [pid 5008] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5008] getdents64(4, [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5008] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5008] close(4) = 0 [pid 5008] rmdir("./1/file0") = 0 [pid 5008] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] close(3) = 0 [pid 5008] rmdir("./1") = 0 [pid 5008] mkdir("./2", 0777) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5008] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5008] close(3 [pid 5040] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5008] <... close resumed>) = 0 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5042 ./strace-static-x86_64: Process 5042 attached [pid 5042] chdir("./2") = 0 [pid 5042] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5041] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5042] <... prctl resumed>) = 0 [pid 5042] setpgid(0, 0) = 0 [pid 5042] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5042] write(3, "1000", 4) = 4 [pid 5042] close(3) = 0 [pid 5042] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5042] memfd_create("syzkaller", 0) = 3 [pid 5004] <... openat resumed>) = 3 [pid 5042] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5004] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5042] <... mmap resumed>) = 0x7f091d53c000 [pid 5004] close(3) = 0 [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5043 ./strace-static-x86_64: Process 5043 attached [pid 5043] chdir("./2") = 0 [pid 5007] <... umount2 resumed>) = 0 [pid 5043] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5007] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] <... umount2 resumed>) = 0 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5043] <... prctl resumed>) = 0 [pid 5043] setpgid(0, 0 [pid 5007] lstat("./1/file0", [pid 5043] <... setpgid resumed>) = 0 [pid 5007] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5043] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5007] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5043] <... openat resumed>) = 3 [pid 5043] write(3, "1000", 4 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5043] <... write resumed>) = 4 [pid 5007] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5043] close(3 [pid 5007] <... openat resumed>) = 4 [pid 5006] lstat("./1/file0", [pid 5043] <... close resumed>) = 0 [pid 5007] fstat(4, [pid 5043] symlink("/dev/binderfs", "./binderfs" [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5043] <... symlink resumed>) = 0 [pid 5006] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] getdents64(4, [pid 5043] memfd_create("syzkaller", 0 [pid 5007] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5043] <... memfd_create resumed>) = 3 [pid 5007] getdents64(4, [pid 5006] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5043] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5007] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5006] <... openat resumed>) = 4 [pid 5043] <... mmap resumed>) = 0x7f091d53c000 [pid 5007] close(4 [pid 5006] fstat(4, [pid 5007] <... close resumed>) = 0 [pid 5007] rmdir("./1/file0" [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] <... rmdir resumed>) = 0 [pid 5006] getdents64(4, [pid 5042] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5007] getdents64(3, [pid 5006] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5007] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] getdents64(4, [pid 5007] close(3 [pid 5006] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5007] <... close resumed>) = 0 [pid 5006] close(4 [pid 5007] rmdir("./1" [pid 5006] <... close resumed>) = 0 [pid 5007] <... rmdir resumed>) = 0 [pid 5006] rmdir("./1/file0" [pid 5007] mkdir("./2", 0777 [pid 5006] <... rmdir resumed>) = 0 [pid 5007] <... mkdir resumed>) = 0 [pid 5006] getdents64(3, [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5006] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] <... openat resumed>) = 3 [pid 5006] close(3 [pid 5007] ioctl(3, LOOP_CLR_FD [pid 5006] <... close resumed>) = 0 [pid 5007] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5006] rmdir("./1" [pid 5043] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5007] close(3 [pid 5006] <... rmdir resumed>) = 0 [pid 5007] <... close resumed>) = 0 [pid 5006] mkdir("./2", 0777 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5006] <... mkdir resumed>) = 0 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5007] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5044 ./strace-static-x86_64: Process 5044 attached [pid 5006] <... openat resumed>) = 3 [pid 5044] chdir("./2" [pid 5006] ioctl(3, LOOP_CLR_FD [pid 5044] <... chdir resumed>) = 0 [pid 5006] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5044] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5006] close(3 [pid 5044] <... prctl resumed>) = 0 [pid 5006] <... close resumed>) = 0 [pid 5044] setpgid(0, 0 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5044] <... setpgid resumed>) = 0 [pid 5006] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5045 [pid 5044] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5044] write(3, "1000", 4./strace-static-x86_64: Process 5045 attached ) = 4 [pid 5044] close(3 [pid 5045] chdir("./2" [pid 5044] <... close resumed>) = 0 [pid 5044] symlink("/dev/binderfs", "./binderfs" [pid 5041] <... write resumed>) = 4194304 [pid 5045] <... chdir resumed>) = 0 [pid 5044] <... symlink resumed>) = 0 [pid 5041] munmap(0x7f091d53c000, 4194304 [pid 5040] <... write resumed>) = 4194304 [pid 5045] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5044] memfd_create("syzkaller", 0 [pid 5040] munmap(0x7f091d53c000, 4194304 [pid 5045] <... prctl resumed>) = 0 [pid 5044] <... memfd_create resumed>) = 3 [pid 5045] setpgid(0, 0 [pid 5044] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5041] <... munmap resumed>) = 0 [pid 5045] <... setpgid resumed>) = 0 [pid 5044] <... mmap resumed>) = 0x7f091d53c000 [pid 5041] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5040] <... munmap resumed>) = 0 [pid 5045] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5041] <... openat resumed>) = 4 [pid 5045] write(3, "1000", 4 [pid 5041] ioctl(4, LOOP_SET_FD, 3 [pid 5045] <... write resumed>) = 4 [pid 5040] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5040] ioctl(4, LOOP_SET_FD, 3 [pid 5045] close(3) = 0 [pid 5045] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5045] memfd_create("syzkaller", 0 [pid 5041] <... ioctl resumed>) = 0 [pid 5045] <... memfd_create resumed>) = 3 [pid 5045] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5041] close(3 [pid 5045] <... mmap resumed>) = 0x7f091d53c000 [pid 5041] <... close resumed>) = 0 [pid 5041] mkdir("./file0", 0777) = 0 [pid 5041] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5040] <... ioctl resumed>) = 0 [pid 5040] close(3) = 0 [pid 5040] mkdir("./file0", 0777) = 0 [ 84.435429][ T5041] loop2: detected capacity change from 0 to 8192 [ 84.438834][ T5040] loop0: detected capacity change from 0 to 8192 [pid 5040] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5042] <... write resumed>) = 4194304 [ 84.495227][ T5041] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 84.514519][ T5041] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 84.529180][ T5040] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5044] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5042] munmap(0x7f091d53c000, 4194304) = 0 [pid 5042] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5042] ioctl(4, LOOP_SET_FD, 3 [pid 5043] <... write resumed>) = 4194304 [pid 5043] munmap(0x7f091d53c000, 4194304) = 0 [pid 5043] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5045] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5043] <... openat resumed>) = 4 [pid 5042] <... ioctl resumed>) = 0 [pid 5043] ioctl(4, LOOP_SET_FD, 3 [ 84.529403][ T5041] REISERFS (device loop2): using ordered data mode [ 84.555257][ T5042] loop5: detected capacity change from 0 to 8192 [ 84.555660][ T5040] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 84.585396][ T5041] reiserfs: using flush barriers [pid 5042] close(3) = 0 [pid 5042] mkdir("./file0", 0777) = 0 [pid 5042] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5043] <... ioctl resumed>) = 0 [pid 5043] close(3) = 0 [pid 5043] mkdir("./file0", 0777) = 0 [ 84.598241][ T5043] loop1: detected capacity change from 0 to 8192 [ 84.605574][ T5042] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 84.614986][ T5041] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 84.631255][ T5040] REISERFS (device loop0): using ordered data mode [ 84.642404][ T5041] REISERFS (device loop2): checking transaction log (loop2) [ 84.656571][ T5043] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 84.674569][ T5040] reiserfs: using flush barriers [ 84.691888][ T5042] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 84.696736][ T5040] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 84.701237][ T5042] REISERFS (device loop5): using ordered data mode [ 84.723766][ T5042] reiserfs: using flush barriers [ 84.732893][ T5042] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 84.738577][ T5043] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 84.758442][ T5043] REISERFS (device loop1): using ordered data mode [ 84.777683][ T5043] reiserfs: using flush barriers [pid 5043] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5044] <... write resumed>) = 4194304 [pid 5044] munmap(0x7f091d53c000, 4194304) = 0 [ 84.785112][ T5043] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 84.786170][ T5040] REISERFS (device loop0): checking transaction log (loop0) [ 84.824930][ T5041] REISERFS (device loop2): Using r5 hash to sort names [ 84.832195][ T5041] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5044] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5044] ioctl(4, LOOP_SET_FD, 3 [pid 5041] <... mount resumed>) = 0 [pid 5041] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5041] chdir("./file0") = 0 [pid 5041] ioctl(4, LOOP_CLR_FD) = 0 [pid 5041] close(4) = 0 [pid 5041] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5041] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5041] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5041] exit_group(0) = ? [pid 5045] <... write resumed>) = 4194304 [pid 5045] munmap(0x7f091d53c000, 4194304 [pid 5044] <... ioctl resumed>) = 0 [pid 5045] <... munmap resumed>) = 0 [pid 5044] close(3) = 0 [pid 5044] mkdir("./file0", 0777) = 0 [pid 5041] +++ exited with 0 +++ [pid 5044] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5041, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5045] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5005] restart_syscall(<... resuming interrupted clone ...> [pid 5045] <... openat resumed>) = 4 [pid 5005] <... restart_syscall resumed>) = 0 [ 84.844769][ T5042] REISERFS (device loop5): checking transaction log (loop5) [ 84.846856][ T5044] loop4: detected capacity change from 0 to 8192 [ 84.871550][ T5043] REISERFS (device loop1): checking transaction log (loop1) [pid 5045] ioctl(4, LOOP_SET_FD, 3 [pid 5005] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5005] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5045] <... ioctl resumed>) = 0 [pid 5005] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5045] close(3) = 0 [pid 5045] mkdir("./file0", 0777) = 0 [pid 5045] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] unlink("./2/binderfs") = 0 [ 84.910695][ T5045] loop3: detected capacity change from 0 to 8192 [ 84.931756][ T5044] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 84.988285][ T5044] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 84.995139][ T5040] REISERFS (device loop0): Using r5 hash to sort names [ 84.997980][ T5044] REISERFS (device loop4): using ordered data mode [ 85.011061][ T5044] reiserfs: using flush barriers [ 85.018053][ T5044] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5005] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5040] <... mount resumed>) = 0 [pid 5040] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5040] chdir("./file0") = 0 [pid 5040] ioctl(4, LOOP_CLR_FD) = 0 [pid 5040] close(4) = 0 [pid 5040] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 85.019110][ T5040] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 85.037497][ T5045] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5040] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5040] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5040] exit_group(0) = ? [pid 5040] +++ exited with 0 +++ [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5040, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=20 /* 0.20 s */} --- [ 85.091600][ T5044] REISERFS (device loop4): checking transaction log (loop4) [ 85.111957][ T5045] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 85.121983][ T5045] REISERFS (device loop3): using ordered data mode [ 85.131275][ T5045] reiserfs: using flush barriers [pid 5003] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./2/binderfs") = 0 [ 85.142511][ T5045] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 85.222447][ T5042] REISERFS (device loop5): Using r5 hash to sort names [ 85.235269][ T5045] REISERFS (device loop3): checking transaction log (loop3) [ 85.251267][ T5042] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5003] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... umount2 resumed>) = 0 [pid 5042] <... mount resumed>) = 0 [pid 5042] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5042] chdir("./file0") = 0 [pid 5042] ioctl(4, LOOP_CLR_FD) = 0 [pid 5042] close(4) = 0 [pid 5042] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5042] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5042] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5042] exit_group(0) = ? [ 85.287183][ T5043] REISERFS (device loop1): Using r5 hash to sort names [pid 5042] +++ exited with 0 +++ [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5042, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5008] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5008] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5008] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5008] unlink("./2/binderfs") = 0 [pid 5005] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./2/file0", [pid 5044] <... mount resumed>) = 0 [pid 5005] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5044] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5005] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5044] <... openat resumed>) = 3 [pid 5044] chdir("./file0" [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5043] <... mount resumed>) = 0 [pid 5005] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5043] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5044] <... chdir resumed>) = 0 [pid 5043] <... openat resumed>) = 3 [pid 5005] fstat(4, [pid 5044] ioctl(4, LOOP_CLR_FD [pid 5043] chdir("./file0" [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5044] <... ioctl resumed>) = 0 [pid 5043] <... chdir resumed>) = 0 [pid 5005] getdents64(4, [pid 5043] ioctl(4, LOOP_CLR_FD [pid 5044] close(4 [pid 5043] <... ioctl resumed>) = 0 [pid 5005] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5044] <... close resumed>) = 0 [pid 5005] getdents64(4, [pid 5044] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5043] close(4 [pid 5005] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5044] <... openat resumed>) = 4 [pid 5043] <... close resumed>) = 0 [pid 5005] close(4 [ 85.335328][ T5043] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 85.344547][ T5044] REISERFS (device loop4): Using r5 hash to sort names [ 85.353801][ T5044] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5044] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5043] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5005] <... close resumed>) = 0 [pid 5044] <... mmap resumed>) = 0x20000000 [pid 5043] <... openat resumed>) = 4 [pid 5005] rmdir("./2/file0" [pid 5044] ioctl(4, FS_IOC_GETVERSION [pid 5043] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5044] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5043] <... mmap resumed>) = 0x20000000 [pid 5005] <... rmdir resumed>) = 0 [pid 5044] exit_group(0 [pid 5043] ioctl(4, FS_IOC_GETVERSION [pid 5005] getdents64(3, [pid 5044] <... exit_group resumed>) = ? [pid 5043] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5005] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5044] +++ exited with 0 +++ [pid 5043] exit_group(0 [pid 5005] close(3 [pid 5043] <... exit_group resumed>) = ? [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5044, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5043] +++ exited with 0 +++ [pid 5007] restart_syscall(<... resuming interrupted clone ...> [pid 5005] <... close resumed>) = 0 [pid 5007] <... restart_syscall resumed>) = 0 [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5043, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5005] rmdir("./2" [pid 5007] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... umount2 resumed>) = 0 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] <... rmdir resumed>) = 0 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5005] mkdir("./3", 0777 [pid 5004] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] <... openat resumed>) = 3 [pid 5005] <... mkdir resumed>) = 0 [pid 5004] <... openat resumed>) = 3 [pid 5008] lstat("./2/file0", [pid 5007] fstat(3, [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5004] fstat(3, [pid 5008] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] <... openat resumed>) = 3 [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] getdents64(3, [pid 5005] ioctl(3, LOOP_CLR_FD [pid 5004] getdents64(3, [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5004] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5008] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5007] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] close(3 [pid 5004] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... openat resumed>) = 4 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] <... close resumed>) = 0 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] fstat(4, [pid 5007] lstat("./2/binderfs", [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5004] lstat("./2/binderfs", [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5008] getdents64(4, [pid 5007] unlink("./2/binderfs" [pid 5004] unlink("./2/binderfs" [pid 5008] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5007] <... unlink resumed>) = 0 [pid 5004] <... unlink resumed>) = 0 [pid 5008] getdents64(4, [pid 5007] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5052 [pid 5004] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5008] close(4) = 0 [pid 5008] rmdir("./2/file0") = 0 [pid 5008] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] close(3) = 0 ./strace-static-x86_64: Process 5052 attached [pid 5008] rmdir("./2" [pid 5052] chdir("./3" [pid 5008] <... rmdir resumed>) = 0 [pid 5052] <... chdir resumed>) = 0 [pid 5008] mkdir("./3", 0777 [pid 5052] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5008] <... mkdir resumed>) = 0 [pid 5003] <... umount2 resumed>) = 0 [pid 5052] <... prctl resumed>) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5052] setpgid(0, 0 [pid 5003] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... setpgid resumed>) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5003] lstat("./2/file0", [pid 5052] write(3, "1000", 4) = 4 [pid 5003] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5052] close(3) = 0 [pid 5003] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5052] memfd_create("syzkaller", 0) = 3 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5003] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 5003] rmdir("./2/file0") = 0 [pid 5003] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./2") = 0 [pid 5003] mkdir("./3", 0777) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5003] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5003] close(3) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5053 ./strace-static-x86_64: Process 5053 attached [pid 5053] chdir("./3") = 0 [pid 5053] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5053] setpgid(0, 0) = 0 [pid 5053] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5053] write(3, "1000", 4) = 4 [pid 5053] close(3) = 0 [pid 5008] <... openat resumed>) = 3 [pid 5053] symlink("/dev/binderfs", "./binderfs" [pid 5008] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5008] close(3) = 0 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5053] <... symlink resumed>) = 0 [pid 5053] memfd_create("syzkaller", 0 [pid 5008] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5054 [pid 5053] <... memfd_create resumed>) = 3 [pid 5053] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 5054 attached ) = 0x7f091d53c000 [pid 5054] chdir("./3") = 0 [pid 5054] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5054] setpgid(0, 0) = 0 [pid 5054] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5054] write(3, "1000", 4) = 4 [pid 5054] close(3) = 0 [pid 5054] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5054] memfd_create("syzkaller", 0) = 3 [pid 5054] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5007] <... umount2 resumed>) = 0 [pid 5007] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./2/file0", [pid 5052] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5007] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5007] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5007] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5007] close(4) = 0 [pid 5007] rmdir("./2/file0") = 0 [ 85.571762][ T5045] REISERFS (device loop3): Using r5 hash to sort names [pid 5007] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] close(3) = 0 [pid 5007] rmdir("./2") = 0 [pid 5007] mkdir("./3", 0777) = 0 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5045] <... mount resumed>) = 0 [ 85.624742][ T5045] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5045] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5045] chdir("./file0") = 0 [pid 5045] ioctl(4, LOOP_CLR_FD) = 0 [pid 5045] close(4) = 0 [pid 5045] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5045] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5045] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5045] exit_group(0) = ? [pid 5045] +++ exited with 0 +++ [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5045, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5006] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5006] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] unlink("./2/binderfs") = 0 [pid 5006] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5053] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5054] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5004] <... umount2 resumed>) = 0 [pid 5007] <... openat resumed>) = 3 [pid 5007] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5007] close(3) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5055 [pid 5004] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 5055 attached [pid 5004] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5055] chdir("./3") = 0 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5055] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5004] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5055] setpgid(0, 0) = 0 [pid 5004] <... openat resumed>) = 4 [pid 5055] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5004] fstat(4, [pid 5055] write(3, "1000", 4 [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5055] <... write resumed>) = 4 [pid 5004] getdents64(4, [pid 5055] close(3 [pid 5004] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5055] <... close resumed>) = 0 [pid 5004] getdents64(4, [pid 5055] symlink("/dev/binderfs", "./binderfs" [pid 5004] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5055] <... symlink resumed>) = 0 [pid 5004] close(4 [pid 5055] memfd_create("syzkaller", 0 [pid 5004] <... close resumed>) = 0 [pid 5055] <... memfd_create resumed>) = 3 [pid 5004] rmdir("./2/file0" [pid 5055] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5004] <... rmdir resumed>) = 0 [pid 5055] <... mmap resumed>) = 0x7f091d53c000 [pid 5004] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] close(3) = 0 [pid 5004] rmdir("./2") = 0 [pid 5004] mkdir("./3", 0777) = 0 [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5004] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5004] close(3) = 0 [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5056 ./strace-static-x86_64: Process 5056 attached [pid 5056] chdir("./3" [pid 5052] <... write resumed>) = 4194304 [pid 5056] <... chdir resumed>) = 0 [pid 5056] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5056] setpgid(0, 0) = 0 [pid 5056] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5056] write(3, "1000", 4) = 4 [pid 5056] close(3) = 0 [pid 5056] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5056] memfd_create("syzkaller", 0) = 3 [pid 5056] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5052] munmap(0x7f091d53c000, 4194304) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5052] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5052] close(3) = 0 [ 85.870278][ T5052] loop2: detected capacity change from 0 to 8192 [pid 5053] <... write resumed>) = 4194304 [pid 5052] mkdir("./file0", 0777) = 0 [pid 5052] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5055] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5053] munmap(0x7f091d53c000, 4194304) = 0 [pid 5053] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 85.947697][ T5052] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 85.977592][ T5053] loop0: detected capacity change from 0 to 8192 [pid 5053] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5006] <... umount2 resumed>) = 0 [pid 5053] close(3) = 0 [pid 5053] mkdir("./file0", 0777 [pid 5054] <... write resumed>) = 4194304 [pid 5006] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5053] <... mkdir resumed>) = 0 [pid 5053] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5054] munmap(0x7f091d53c000, 4194304 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5006] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 86.084914][ T5053] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.112246][ T5052] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [pid 5006] getdents64(4, [pid 5056] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5054] <... munmap resumed>) = 0 [pid 5006] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5054] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5006] getdents64(4, [pid 5054] <... openat resumed>) = 4 [pid 5006] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5054] ioctl(4, LOOP_SET_FD, 3 [pid 5006] close(4 [pid 5054] <... ioctl resumed>) = 0 [pid 5006] <... close resumed>) = 0 [pid 5006] rmdir("./2/file0") = 0 [pid 5006] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [ 86.168451][ T5053] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 86.195930][ T5054] loop5: detected capacity change from 0 to 8192 [pid 5056] <... write resumed>) = 4194304 [pid 5006] close(3 [pid 5056] munmap(0x7f091d53c000, 4194304 [pid 5054] close(3 [pid 5006] <... close resumed>) = 0 [pid 5006] rmdir("./2" [pid 5056] <... munmap resumed>) = 0 [pid 5006] <... rmdir resumed>) = 0 [pid 5056] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5054] <... close resumed>) = 0 [pid 5006] mkdir("./3", 0777 [pid 5056] <... openat resumed>) = 4 [pid 5054] mkdir("./file0", 0777 [pid 5006] <... mkdir resumed>) = 0 [pid 5056] ioctl(4, LOOP_SET_FD, 3 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5054] <... mkdir resumed>) = 0 [pid 5006] <... openat resumed>) = 3 [pid 5006] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5006] close(3 [pid 5056] <... ioctl resumed>) = 0 [pid 5054] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5006] <... close resumed>) = 0 [pid 5056] close(3 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5056] <... close resumed>) = 0 [pid 5056] mkdir("./file0", 0777 [pid 5006] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5060 [ 86.220024][ T5052] REISERFS (device loop2): using ordered data mode [ 86.226729][ T5052] reiserfs: using flush barriers [ 86.244047][ T5052] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.262809][ T5056] loop1: detected capacity change from 0 to 8192 ./strace-static-x86_64: Process 5060 attached [pid 5056] <... mkdir resumed>) = 0 [pid 5060] chdir("./3") = 0 [pid 5055] <... write resumed>) = 4194304 [pid 5060] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5056] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5060] <... prctl resumed>) = 0 [pid 5060] setpgid(0, 0) = 0 [pid 5060] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5055] munmap(0x7f091d53c000, 4194304 [pid 5060] write(3, "1000", 4 [pid 5055] <... munmap resumed>) = 0 [pid 5060] <... write resumed>) = 4 [pid 5060] close(3) = 0 [ 86.279054][ T5053] REISERFS (device loop0): using ordered data mode [ 86.280279][ T5054] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.314872][ T5056] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5060] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5055] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5060] memfd_create("syzkaller", 0 [pid 5055] <... openat resumed>) = 4 [pid 5060] <... memfd_create resumed>) = 3 [pid 5055] ioctl(4, LOOP_SET_FD, 3 [pid 5060] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 86.325130][ T5053] reiserfs: using flush barriers [ 86.337371][ T5052] REISERFS (device loop2): checking transaction log (loop2) [ 86.340473][ T5055] loop4: detected capacity change from 0 to 8192 [ 86.351444][ T5056] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 86.364896][ T5054] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5055] <... ioctl resumed>) = 0 [pid 5055] close(3) = 0 [pid 5055] mkdir("./file0", 0777) = 0 [ 86.394392][ T5053] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.396728][ T5056] REISERFS (device loop1): using ordered data mode [ 86.417254][ T5056] reiserfs: using flush barriers [ 86.446719][ T5056] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.450552][ T5055] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.464282][ T5054] REISERFS (device loop5): using ordered data mode [pid 5055] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [ 86.493076][ T5054] reiserfs: using flush barriers [ 86.499066][ T5056] REISERFS (device loop1): checking transaction log (loop1) [ 86.508458][ T5054] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.531712][ T5053] REISERFS (device loop0): checking transaction log (loop0) [ 86.576371][ T5054] REISERFS (device loop5): checking transaction log (loop5) [ 86.601414][ T5055] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5060] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5056] <... mount resumed>) = 0 [pid 5056] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5056] chdir("./file0" [ 86.641633][ T5056] REISERFS (device loop1): Using r5 hash to sort names [ 86.661773][ T5056] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 86.675971][ T5055] REISERFS (device loop4): using ordered data mode [pid 5060] <... write resumed>) = 4194304 [pid 5056] <... chdir resumed>) = 0 [pid 5060] munmap(0x7f091d53c000, 4194304 [pid 5056] ioctl(4, LOOP_CLR_FD [pid 5060] <... munmap resumed>) = 0 [pid 5056] <... ioctl resumed>) = 0 [pid 5060] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5056] close(4 [pid 5060] <... openat resumed>) = 4 [pid 5056] <... close resumed>) = 0 [pid 5060] ioctl(4, LOOP_SET_FD, 3 [ 86.696205][ T5055] reiserfs: using flush barriers [ 86.706746][ T5052] REISERFS (device loop2): Using r5 hash to sort names [ 86.717271][ T5052] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 86.726584][ T5055] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5056] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5060] <... ioctl resumed>) = 0 [pid 5056] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5060] close(3) = 0 [pid 5056] <... mmap resumed>) = 0x20000000 [pid 5052] <... mount resumed>) = 0 [pid 5060] mkdir("./file0", 0777 [pid 5056] ioctl(4, FS_IOC_GETVERSION [pid 5052] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5060] <... mkdir resumed>) = 0 [pid 5056] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5052] <... openat resumed>) = 3 [pid 5060] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5056] exit_group(0 [pid 5052] chdir("./file0" [pid 5056] <... exit_group resumed>) = ? [pid 5052] <... chdir resumed>) = 0 [pid 5056] +++ exited with 0 +++ [pid 5052] ioctl(4, LOOP_CLR_FD) = 0 [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5056, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5052] close(4) = 0 [pid 5004] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5004] fstat(3, [ 86.749421][ T5060] loop3: detected capacity change from 0 to 8192 [ 86.770082][ T5055] REISERFS (device loop4): checking transaction log (loop4) [pid 5052] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] unlink("./3/binderfs") = 0 [pid 5052] <... openat resumed>) = 4 [pid 5004] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5052] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5052] exit_group(0) = ? [pid 5052] +++ exited with 0 +++ [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5052, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5005] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 86.824483][ T5060] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5005] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] unlink("./3/binderfs") = 0 [ 86.902157][ T5060] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 86.935007][ T5060] REISERFS (device loop3): using ordered data mode [ 86.941568][ T5060] reiserfs: using flush barriers [ 86.953109][ T5054] REISERFS (device loop5): Using r5 hash to sort names [ 86.966744][ T5053] REISERFS (device loop0): Using r5 hash to sort names [ 86.975596][ T5060] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.985752][ T5054] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5005] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5053] <... mount resumed>) = 0 [ 87.001043][ T5053] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 87.033171][ T5055] REISERFS (device loop4): Using r5 hash to sort names [ 87.041036][ T5060] REISERFS (device loop3): checking transaction log (loop3) [pid 5053] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5053] chdir("./file0") = 0 [pid 5053] ioctl(4, LOOP_CLR_FD) = 0 [pid 5055] <... mount resumed>) = 0 [pid 5053] close(4 [pid 5055] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5053] <... close resumed>) = 0 [pid 5053] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5053] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5053] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5053] exit_group(0) = ? [pid 5053] +++ exited with 0 +++ [pid 5055] <... openat resumed>) = 3 [pid 5055] chdir("./file0" [pid 5054] <... mount resumed>) = 0 [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5053, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=26 /* 0.26 s */} --- [pid 5055] <... chdir resumed>) = 0 [pid 5054] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5054] chdir("./file0") = 0 [pid 5054] ioctl(4, LOOP_CLR_FD) = 0 [pid 5054] close(4) = 0 [pid 5054] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5054] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [ 87.050675][ T5055] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5055] ioctl(4, LOOP_CLR_FD [pid 5003] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5055] <... ioctl resumed>) = 0 [pid 5055] close(4 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5055] <... close resumed>) = 0 [pid 5003] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5055] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5054] ioctl(4, FS_IOC_GETVERSION [pid 5003] <... openat resumed>) = 3 [pid 5055] <... openat resumed>) = 4 [pid 5054] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5003] fstat(3, [pid 5055] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5055] <... mmap resumed>) = 0x20000000 [pid 5054] exit_group(0 [pid 5055] ioctl(4, FS_IOC_GETVERSION [pid 5003] getdents64(3, [pid 5055] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5054] <... exit_group resumed>) = ? [pid 5003] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5055] exit_group(0 [pid 5054] +++ exited with 0 +++ [pid 5003] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5055] <... exit_group resumed>) = ? [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5054, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} --- [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5055] +++ exited with 0 +++ [pid 5003] lstat("./3/binderfs", [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5055, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5003] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5008] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] unlink("./3/binderfs" [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5003] <... unlink resumed>) = 0 [pid 5008] <... openat resumed>) = 3 [pid 5003] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] getdents64(3, [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5007] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5008] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] <... openat resumed>) = 3 [pid 5008] lstat("./3/binderfs", [pid 5007] fstat(3, [pid 5008] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] unlink("./3/binderfs" [pid 5007] getdents64(3, [pid 5008] <... unlink resumed>) = 0 [pid 5007] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5008] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] unlink("./3/binderfs") = 0 [pid 5007] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... umount2 resumed>) = 0 [pid 5004] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5004] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5004] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] close(4) = 0 [pid 5004] rmdir("./3/file0") = 0 [pid 5004] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] close(3) = 0 [pid 5004] rmdir("./3") = 0 [pid 5004] mkdir("./4", 0777) = 0 [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5004] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5004] close(3) = 0 [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5064 ./strace-static-x86_64: Process 5064 attached [pid 5064] chdir("./4") = 0 [pid 5064] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5005] <... umount2 resumed>) = 0 [pid 5064] <... prctl resumed>) = 0 [pid 5064] setpgid(0, 0) = 0 [pid 5064] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5064] write(3, "1000", 4) = 4 [pid 5064] close(3) = 0 [pid 5064] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5064] memfd_create("syzkaller", 0) = 3 [pid 5064] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5005] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5005] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] close(4) = 0 [pid 5005] rmdir("./3/file0") = 0 [pid 5005] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] close(3) = 0 [pid 5005] rmdir("./3") = 0 [pid 5005] mkdir("./4", 0777) = 0 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5005] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5005] close(3) = 0 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5008] <... umount2 resumed>) = 0 [pid 5008] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5065 attached [pid 5005] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5065 [pid 5065] chdir("./4" [pid 5008] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5008] fstat(4, [pid 5065] <... chdir resumed>) = 0 [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5065] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5008] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5008] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5065] <... prctl resumed>) = 0 [pid 5008] close(4 [pid 5065] setpgid(0, 0 [pid 5008] <... close resumed>) = 0 [pid 5065] <... setpgid resumed>) = 0 [pid 5008] rmdir("./3/file0" [pid 5065] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5008] <... rmdir resumed>) = 0 [pid 5065] <... openat resumed>) = 3 [ 87.398191][ T5060] REISERFS (device loop3): Using r5 hash to sort names [pid 5008] getdents64(3, [pid 5065] write(3, "1000", 4) = 4 [pid 5065] close(3) = 0 [pid 5065] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5065] memfd_create("syzkaller", 0) = 3 [pid 5065] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5008] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] close(3) = 0 [pid 5008] rmdir("./3") = 0 [pid 5008] mkdir("./4", 0777) = 0 [ 87.445934][ T5060] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5064] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5060] <... mount resumed>) = 0 [pid 5060] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5060] chdir("./file0") = 0 [pid 5060] ioctl(4, LOOP_CLR_FD) = 0 [pid 5060] close(4 [pid 5008] <... openat resumed>) = 3 [pid 5003] <... umount2 resumed>) = 0 [pid 5060] <... close resumed>) = 0 [pid 5008] ioctl(3, LOOP_CLR_FD [pid 5060] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5003] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5060] <... openat resumed>) = 4 [pid 5008] close(3 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5008] <... close resumed>) = 0 [pid 5003] lstat("./3/file0", [pid 5060] <... mmap resumed>) = 0x20000000 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5060] ioctl(4, FS_IOC_GETVERSION [pid 5003] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5060] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5008] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5066 [pid 5003] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5066 attached [pid 5060] exit_group(0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5066] chdir("./4" [pid 5060] <... exit_group resumed>) = ? [pid 5003] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] <... chdir resumed>) = 0 [pid 5060] +++ exited with 0 +++ [pid 5066] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5003] <... openat resumed>) = 4 [pid 5066] <... prctl resumed>) = 0 [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5060, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=16 /* 0.16 s */} --- [pid 5003] fstat(4, [pid 5066] setpgid(0, 0 [pid 5006] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5066] <... setpgid resumed>) = 0 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5066] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5006] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5003] getdents64(4, [pid 5066] <... openat resumed>) = 3 [pid 5006] <... openat resumed>) = 3 [pid 5066] write(3, "1000", 4 [pid 5006] fstat(3, [pid 5003] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5066] <... write resumed>) = 4 [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, [pid 5066] close(3 [pid 5006] getdents64(3, [pid 5003] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5066] <... close resumed>) = 0 [pid 5006] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] close(4 [pid 5066] symlink("/dev/binderfs", "./binderfs" [pid 5065] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5006] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... close resumed>) = 0 [pid 5066] <... symlink resumed>) = 0 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] rmdir("./3/file0" [pid 5066] memfd_create("syzkaller", 0 [pid 5006] lstat("./3/binderfs", [pid 5066] <... memfd_create resumed>) = 3 [pid 5006] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] <... rmdir resumed>) = 0 [pid 5066] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5006] unlink("./3/binderfs" [pid 5003] getdents64(3, [pid 5066] <... mmap resumed>) = 0x7f091d53c000 [pid 5006] <... unlink resumed>) = 0 [pid 5003] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] close(3) = 0 [pid 5003] rmdir("./3" [pid 5007] <... umount2 resumed>) = 0 [pid 5007] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... rmdir resumed>) = 0 [pid 5003] mkdir("./4", 0777 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./3/file0", [pid 5003] <... mkdir resumed>) = 0 [pid 5007] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5007] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] <... openat resumed>) = 3 [pid 5007] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5003] ioctl(3, LOOP_CLR_FD [pid 5007] <... openat resumed>) = 4 [pid 5007] fstat(4, [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] close(3 [pid 5007] getdents64(4, [pid 5003] <... close resumed>) = 0 [pid 5007] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5007] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5007] close(4 [pid 5003] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5067 [pid 5007] <... close resumed>) = 0 [pid 5007] rmdir("./3/file0") = 0 [pid 5007] getdents64(3, ./strace-static-x86_64: Process 5067 attached 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5067] chdir("./4" [pid 5066] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5007] close(3 [pid 5067] <... chdir resumed>) = 0 [pid 5007] <... close resumed>) = 0 [pid 5067] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5007] rmdir("./3" [pid 5067] <... prctl resumed>) = 0 [pid 5067] setpgid(0, 0 [pid 5007] <... rmdir resumed>) = 0 [pid 5067] <... setpgid resumed>) = 0 [pid 5007] mkdir("./4", 0777 [pid 5067] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5007] <... mkdir resumed>) = 0 [pid 5067] <... openat resumed>) = 3 [pid 5067] write(3, "1000", 4 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5067] <... write resumed>) = 4 [pid 5007] <... openat resumed>) = 3 [pid 5067] close(3 [pid 5007] ioctl(3, LOOP_CLR_FD [pid 5067] <... close resumed>) = 0 [pid 5007] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5067] symlink("/dev/binderfs", "./binderfs" [pid 5007] close(3 [pid 5067] <... symlink resumed>) = 0 [pid 5007] <... close resumed>) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] memfd_create("syzkaller", 0) = 3 [pid 5007] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5068 [pid 5067] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 ./strace-static-x86_64: Process 5068 attached [pid 5068] chdir("./4") = 0 [pid 5068] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5068] setpgid(0, 0) = 0 [pid 5068] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5068] write(3, "1000", 4) = 4 [pid 5068] close(3) = 0 [pid 5068] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5068] memfd_create("syzkaller", 0) = 3 [pid 5064] <... write resumed>) = 4194304 [pid 5064] munmap(0x7f091d53c000, 4194304 [pid 5068] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5064] <... munmap resumed>) = 0 [pid 5064] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5064] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5065] <... write resumed>) = 4194304 [pid 5064] close(3) = 0 [pid 5067] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5064] mkdir("./file0", 0777) = 0 [ 87.835912][ T5064] loop1: detected capacity change from 0 to 8192 [pid 5064] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5065] munmap(0x7f091d53c000, 4194304) = 0 [pid 5065] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5065] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5065] close(3) = 0 [pid 5065] mkdir("./file0", 0777) = 0 [ 87.889488][ T5064] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 87.916394][ T5065] loop2: detected capacity change from 0 to 8192 [pid 5065] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5068] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5066] <... write resumed>) = 4194304 [pid 5066] munmap(0x7f091d53c000, 4194304) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 87.942787][ T5065] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5066] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5066] close(3) = 0 [ 87.994324][ T5066] loop5: detected capacity change from 0 to 8192 [ 87.997783][ T5064] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 88.010007][ T5065] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 88.010177][ T5065] REISERFS (device loop2): using ordered data mode [ 88.026246][ T5065] reiserfs: using flush barriers [pid 5066] mkdir("./file0", 0777) = 0 [pid 5066] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5006] <... umount2 resumed>) = 0 [ 88.032809][ T5065] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.054379][ T5064] REISERFS (device loop1): using ordered data mode [ 88.061126][ T5064] reiserfs: using flush barriers [ 88.066490][ T5066] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 88.080883][ T5066] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5006] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] <... write resumed>) = 4194304 [pid 5006] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] munmap(0x7f091d53c000, 4194304 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5067] <... munmap resumed>) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5006] fstat(4, [pid 5067] <... openat resumed>) = 4 [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... write resumed>) = 4194304 [pid 5067] ioctl(4, LOOP_SET_FD, 3 [pid 5006] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [ 88.081031][ T5064] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.106616][ T5065] REISERFS (device loop2): checking transaction log (loop2) [ 88.106833][ T5066] REISERFS (device loop5): using ordered data mode [ 88.137833][ T5064] REISERFS (device loop1): checking transaction log (loop1) [pid 5068] munmap(0x7f091d53c000, 4194304 [pid 5006] close(4) = 0 [pid 5006] rmdir("./3/file0") = 0 [pid 5006] getdents64(3, [pid 5068] <... munmap resumed>) = 0 [pid 5067] <... ioctl resumed>) = 0 [pid 5006] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] close(3) = 0 [pid 5006] rmdir("./3") = 0 [pid 5006] mkdir("./4", 0777) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5067] close(3 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5068] <... openat resumed>) = 4 [pid 5067] <... close resumed>) = 0 [pid 5006] <... openat resumed>) = 3 [pid 5068] ioctl(4, LOOP_SET_FD, 3 [pid 5067] mkdir("./file0", 0777 [pid 5006] ioctl(3, LOOP_CLR_FD [pid 5068] <... ioctl resumed>) = 0 [pid 5067] <... mkdir resumed>) = 0 [pid 5006] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] close(3 [ 88.145605][ T5067] loop0: detected capacity change from 0 to 8192 [ 88.154912][ T5066] reiserfs: using flush barriers [ 88.161239][ T5066] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.186364][ T5068] loop4: detected capacity change from 0 to 8192 [pid 5067] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5006] close(3 [pid 5068] <... close resumed>) = 0 [pid 5006] <... close resumed>) = 0 [pid 5068] mkdir("./file0", 0777 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... mkdir resumed>) = 0 [pid 5068] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5006] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5073 ./strace-static-x86_64: Process 5073 attached [pid 5073] chdir("./4") = 0 [ 88.200556][ T5066] REISERFS (device loop5): checking transaction log (loop5) [ 88.232681][ T5067] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5073] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5073] setpgid(0, 0) = 0 [pid 5073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5073] write(3, "1000", 4) = 4 [pid 5073] close(3) = 0 [pid 5073] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5073] memfd_create("syzkaller", 0) = 3 [pid 5073] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 88.253216][ T5068] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 88.304730][ T5068] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 88.315461][ T5068] REISERFS (device loop4): using ordered data mode [ 88.323128][ T5068] reiserfs: using flush barriers [ 88.324430][ T5067] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 88.344088][ T5068] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.386714][ T5067] REISERFS (device loop0): using ordered data mode [ 88.393276][ T5067] reiserfs: using flush barriers [ 88.425129][ T5068] REISERFS (device loop4): checking transaction log (loop4) [pid 5073] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5065] <... mount resumed>) = 0 [pid 5065] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5073] munmap(0x7f091d53c000, 4194304 [pid 5065] chdir("./file0") = 0 [pid 5065] ioctl(4, LOOP_CLR_FD) = 0 [pid 5065] close(4) = 0 [pid 5065] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5073] <... munmap resumed>) = 0 [ 88.464847][ T5065] REISERFS (device loop2): Using r5 hash to sort names [ 88.472082][ T5065] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 88.481584][ T5067] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5065] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5065] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5065] exit_group(0 [pid 5073] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5065] <... exit_group resumed>) = ? [pid 5073] <... openat resumed>) = 4 [pid 5065] +++ exited with 0 +++ [pid 5073] ioctl(4, LOOP_SET_FD, 3 [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5065, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 5005] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5005] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 88.529569][ T5066] REISERFS (device loop5): Using r5 hash to sort names [ 88.538092][ T5064] REISERFS (device loop1): Using r5 hash to sort names [ 88.552019][ T5067] REISERFS (device loop0): checking transaction log (loop0) [ 88.555184][ T5073] loop3: detected capacity change from 0 to 8192 [pid 5064] <... mount resumed>) = 0 [pid 5005] getdents64(3, [pid 5073] <... ioctl resumed>) = 0 [pid 5005] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5073] close(3) = 0 [pid 5073] mkdir("./file0", 0777 [pid 5005] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... mkdir resumed>) = 0 [pid 5073] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] unlink("./4/binderfs" [pid 5064] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5005] <... unlink resumed>) = 0 [pid 5005] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5064] <... openat resumed>) = 3 [pid 5066] <... mount resumed>) = 0 [pid 5064] chdir("./file0") = 0 [pid 5064] ioctl(4, LOOP_CLR_FD) = 0 [pid 5066] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5064] close(4) = 0 [pid 5064] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5066] chdir("./file0" [pid 5064] <... openat resumed>) = 4 [pid 5066] <... chdir resumed>) = 0 [pid 5066] ioctl(4, LOOP_CLR_FD) = 0 [pid 5066] close(4) = 0 [pid 5066] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5064] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5066] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5064] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5064] exit_group(0 [pid 5066] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5064] <... exit_group resumed>) = ? [pid 5066] exit_group(0 [pid 5064] +++ exited with 0 +++ [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5064, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5066] <... exit_group resumed>) = ? [pid 5004] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5066] +++ exited with 0 +++ [pid 5004] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5066, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5004] <... openat resumed>) = 3 [pid 5004] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] getdents64(3, [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5008] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... openat resumed>) = 3 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] fstat(3, [pid 5004] lstat("./4/binderfs", [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5008] getdents64(3, [pid 5004] unlink("./4/binderfs" [pid 5008] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [ 88.594614][ T5066] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 88.604396][ T5064] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 88.625663][ T5073] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5008] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... unlink resumed>) = 0 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5008] unlink("./4/binderfs") = 0 [ 88.702327][ T5073] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 88.750168][ T5073] REISERFS (device loop3): using ordered data mode [ 88.797922][ T5068] REISERFS (device loop4): Using r5 hash to sort names [ 88.804068][ T5073] reiserfs: using flush barriers [ 88.834279][ T5068] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5008] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... mount resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5068] chdir("./file0") = 0 [pid 5068] ioctl(4, LOOP_CLR_FD) = 0 [pid 5068] close(4) = 0 [pid 5068] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 88.841997][ T5073] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5068] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5068] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5068] exit_group(0) = ? [pid 5068] +++ exited with 0 +++ [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5068, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5007] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5007] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5007] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] unlink("./4/binderfs") = 0 [ 88.937709][ T5073] REISERFS (device loop3): checking transaction log (loop3) [ 88.970195][ T5067] REISERFS (device loop0): Using r5 hash to sort names [pid 5007] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... umount2 resumed>) = 0 [pid 5005] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5005] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] close(4) = 0 [pid 5005] rmdir("./4/file0") = 0 [pid 5005] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] close(3) = 0 [pid 5005] rmdir("./4") = 0 [pid 5005] mkdir("./5", 0777) = 0 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5005] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 89.009573][ T5067] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5067] <... mount resumed>) = 0 [pid 5005] close(3) = 0 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5005] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5076 [pid 5004] <... umount2 resumed>) = 0 [pid 5004] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5004] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5076 attached [pid 5067] <... openat resumed>) = 3 [pid 5008] <... umount2 resumed>) = 0 [pid 5004] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] close(4) = 0 [pid 5004] rmdir("./4/file0") = 0 [pid 5004] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] close(3) = 0 [pid 5004] rmdir("./4") = 0 [pid 5004] mkdir("./5", 0777 [pid 5067] chdir("./file0" [pid 5004] <... mkdir resumed>) = 0 [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5004] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5004] close(3) = 0 [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... chdir resumed>) = 0 [pid 5076] chdir("./5" [pid 5004] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5077 [pid 5008] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] ioctl(4, LOOP_CLR_FD [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... ioctl resumed>) = 0 [pid 5076] <... chdir resumed>) = 0 [pid 5067] close(4 [pid 5076] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5067] <... close resumed>) = 0 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5008] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5067] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5076] <... prctl resumed>) = 0 [pid 5008] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5077 attached [pid 5008] close(4 [pid 5077] chdir("./5" [pid 5076] setpgid(0, 0 [pid 5067] <... openat resumed>) = 4 [pid 5008] <... close resumed>) = 0 [pid 5077] <... chdir resumed>) = 0 [pid 5008] rmdir("./4/file0" [pid 5077] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5008] <... rmdir resumed>) = 0 [pid 5077] <... prctl resumed>) = 0 [pid 5008] getdents64(3, [pid 5077] setpgid(0, 0 [pid 5008] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5077] <... setpgid resumed>) = 0 [pid 5008] close(3 [pid 5077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5008] <... close resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5008] rmdir("./4" [pid 5077] write(3, "1000", 4 [pid 5008] <... rmdir resumed>) = 0 [pid 5077] <... write resumed>) = 4 [pid 5008] mkdir("./5", 0777 [pid 5077] close(3 [pid 5076] <... setpgid resumed>) = 0 [pid 5067] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5008] <... mkdir resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5077] symlink("/dev/binderfs", "./binderfs" [pid 5067] <... mmap resumed>) = 0x20000000 [pid 5008] <... openat resumed>) = 3 [pid 5076] <... openat resumed>) = 3 [pid 5077] <... symlink resumed>) = 0 [pid 5076] write(3, "1000", 4 [pid 5067] ioctl(4, FS_IOC_GETVERSION [pid 5008] ioctl(3, LOOP_CLR_FD [pid 5077] memfd_create("syzkaller", 0 [pid 5076] <... write resumed>) = 4 [pid 5067] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5008] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5077] <... memfd_create resumed>) = 3 [pid 5008] close(3 [pid 5077] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5008] <... close resumed>) = 0 [pid 5077] <... mmap resumed>) = 0x7f091d53c000 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] close(3 [pid 5067] exit_group(0 [pid 5008] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5078 [pid 5076] <... close resumed>) = 0 [pid 5067] <... exit_group resumed>) = ? [pid 5076] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5078 attached [pid 5078] chdir("./5" [pid 5067] +++ exited with 0 +++ [pid 5078] <... chdir resumed>) = 0 [pid 5078] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5076] <... symlink resumed>) = 0 [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5067, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5078] setpgid(0, 0 [pid 5076] memfd_create("syzkaller", 0 [pid 5003] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... setpgid resumed>) = 0 [pid 5076] <... memfd_create resumed>) = 3 [pid 5078] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... openat resumed>) = 3 [pid 5076] <... mmap resumed>) = 0x7f091d53c000 [pid 5078] write(3, "1000", 4 [pid 5003] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... write resumed>) = 4 [pid 5078] close(3) = 0 [pid 5078] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5078] memfd_create("syzkaller", 0) = 3 [pid 5078] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5003] <... openat resumed>) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./4/binderfs") = 0 [pid 5003] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5007] <... umount2 resumed>) = 0 [pid 5007] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5007] lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5007] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5007] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5078] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5007] close(4) = 0 [pid 5007] rmdir("./4/file0") = 0 [pid 5007] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] close(3) = 0 [pid 5007] rmdir("./4") = 0 [pid 5007] mkdir("./5", 0777) = 0 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5007] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 89.363806][ T5073] REISERFS (device loop3): Using r5 hash to sort names [pid 5007] close(3) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5079 ./strace-static-x86_64: Process 5079 attached [pid 5079] chdir("./5") = 0 [pid 5079] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5079] setpgid(0, 0) = 0 [pid 5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5079] write(3, "1000", 4) = 4 [pid 5079] close(3) = 0 [pid 5079] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5079] memfd_create("syzkaller", 0) = 3 [pid 5079] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5003] <... umount2 resumed>) = 0 [pid 5003] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] <... mount resumed>) = 0 [ 89.425911][ T5073] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5073] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5073] chdir("./file0" [pid 5003] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... chdir resumed>) = 0 [pid 5073] ioctl(4, LOOP_CLR_FD) = 0 [pid 5003] <... openat resumed>) = 4 [pid 5073] close(4) = 0 [pid 5003] fstat(4, [pid 5073] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5003] getdents64(4, [pid 5073] ioctl(4, FS_IOC_GETVERSION [pid 5003] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5073] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5073] exit_group(0 [pid 5003] getdents64(4, [pid 5073] <... exit_group resumed>) = ? [pid 5073] +++ exited with 0 +++ [pid 5003] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5073, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5003] close(4) = 0 [pid 5003] rmdir("./4/file0") = 0 [pid 5003] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] close(3 [pid 5006] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5003] <... close resumed>) = 0 [pid 5006] <... openat resumed>) = 3 [pid 5003] rmdir("./4" [pid 5006] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] <... rmdir resumed>) = 0 [pid 5006] getdents64(3, [pid 5003] mkdir("./5", 0777 [pid 5006] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... mkdir resumed>) = 0 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./4/binderfs", [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5006] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] <... openat resumed>) = 3 [pid 5006] unlink("./4/binderfs" [pid 5076] <... write resumed>) = 4194304 [pid 5006] <... unlink resumed>) = 0 [pid 5003] ioctl(3, LOOP_CLR_FD [pid 5076] munmap(0x7f091d53c000, 4194304 [pid 5006] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5077] <... write resumed>) = 4194304 [pid 5077] munmap(0x7f091d53c000, 4194304 [pid 5003] close(3) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5080 [pid 5077] <... munmap resumed>) = 0 [pid 5076] <... munmap resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5076] ioctl(4, LOOP_SET_FD, 3 [pid 5077] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5080 attached [pid 5080] chdir("./5") = 0 [pid 5080] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5078] <... write resumed>) = 4194304 [pid 5076] <... ioctl resumed>) = 0 [pid 5080] <... prctl resumed>) = 0 [pid 5078] munmap(0x7f091d53c000, 4194304 [pid 5076] close(3 [pid 5080] setpgid(0, 0) = 0 [pid 5078] <... munmap resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5076] <... close resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5080] write(3, "1000", 4 [pid 5078] <... openat resumed>) = 4 [ 89.592951][ T5077] loop1: detected capacity change from 0 to 8192 [ 89.593530][ T5076] loop2: detected capacity change from 0 to 8192 [pid 5076] mkdir("./file0", 0777 [pid 5080] <... write resumed>) = 4 [pid 5078] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... ioctl resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5077] close(3) = 0 [pid 5077] mkdir("./file0", 0777 [pid 5080] close(3 [pid 5077] <... mkdir resumed>) = 0 [pid 5077] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5078] <... ioctl resumed>) = 0 [pid 5076] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5080] <... close resumed>) = 0 [pid 5080] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5080] memfd_create("syzkaller", 0) = 3 [pid 5080] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5078] close(3) = 0 [pid 5078] mkdir("./file0", 0777) = 0 [ 89.656737][ T5078] loop5: detected capacity change from 0 to 8192 [ 89.675438][ T5076] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 89.706110][ T5077] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5078] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5079] <... write resumed>) = 4194304 [pid 5079] munmap(0x7f091d53c000, 4194304) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 89.750785][ T5078] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 89.764063][ T5076] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 89.773727][ T5076] REISERFS (device loop2): using ordered data mode [ 89.781754][ T5076] reiserfs: using flush barriers [ 89.787330][ T5077] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [pid 5079] ioctl(4, LOOP_SET_FD, 3) = 0 [ 89.806844][ T5079] loop4: detected capacity change from 0 to 8192 [ 89.816604][ T5078] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 89.826208][ T5077] REISERFS (device loop1): using ordered data mode [ 89.828963][ T5078] REISERFS (device loop5): using ordered data mode [ 89.834426][ T5076] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5079] close(3) = 0 [pid 5079] mkdir("./file0", 0777) = 0 [pid 5080] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5079] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5006] <... umount2 resumed>) = 0 [pid 5006] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 89.840893][ T5078] reiserfs: using flush barriers [ 89.863682][ T5077] reiserfs: using flush barriers [ 89.865012][ T5078] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 89.885827][ T5078] REISERFS (device loop5): checking transaction log (loop5) [pid 5006] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5006] close(4) = 0 [pid 5006] rmdir("./4/file0") = 0 [pid 5006] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] close(3) = 0 [pid 5006] rmdir("./4") = 0 [pid 5006] mkdir("./5", 0777) = 0 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5006] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5006] close(3) = 0 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5085 ./strace-static-x86_64: Process 5085 attached [ 89.904817][ T5079] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 89.910597][ T5076] REISERFS (device loop2): checking transaction log (loop2) [ 89.920133][ T5077] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5085] chdir("./5") = 0 [pid 5085] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5085] setpgid(0, 0) = 0 [pid 5085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 89.995000][ T5079] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 90.000938][ T5077] REISERFS (device loop1): checking transaction log (loop1) [pid 5085] write(3, "1000", 4) = 4 [pid 5085] close(3) = 0 [pid 5076] <... mount resumed>) = 0 [pid 5085] symlink("/dev/binderfs", "./binderfs" [pid 5076] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] <... symlink resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5085] memfd_create("syzkaller", 0 [pid 5076] chdir("./file0" [pid 5085] <... memfd_create resumed>) = 3 [pid 5085] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... chdir resumed>) = 0 [pid 5085] <... mmap resumed>) = 0x7f091d53c000 [pid 5076] ioctl(4, LOOP_CLR_FD) = 0 [pid 5076] close(4) = 0 [ 90.048958][ T5076] REISERFS (device loop2): Using r5 hash to sort names [ 90.064260][ T5076] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 90.066858][ T5079] REISERFS (device loop4): using ordered data mode [pid 5076] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5076] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5076] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5076] exit_group(0) = ? [pid 5076] +++ exited with 0 +++ [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5076, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5005] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5005] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] <... write resumed>) = 4194304 [pid 5005] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5005] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5080] munmap(0x7f091d53c000, 4194304 [ 90.130386][ T5078] REISERFS (device loop5): Using r5 hash to sort names [ 90.162441][ T5079] reiserfs: using flush barriers [pid 5005] unlink("./5/binderfs" [pid 5080] <... munmap resumed>) = 0 [pid 5005] <... unlink resumed>) = 0 [pid 5005] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5080] ioctl(4, LOOP_SET_FD, 3 [pid 5085] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5080] <... ioctl resumed>) = 0 [pid 5078] <... mount resumed>) = 0 [ 90.172046][ T5078] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 90.191530][ T5080] loop0: detected capacity change from 0 to 8192 [ 90.199878][ T5079] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 90.219486][ T5077] REISERFS (device loop1): Using r5 hash to sort names [pid 5080] close(3 [pid 5078] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... close resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5080] mkdir("./file0", 0777 [pid 5078] chdir("./file0" [pid 5080] <... mkdir resumed>) = 0 [pid 5078] <... chdir resumed>) = 0 [pid 5080] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5078] ioctl(4, LOOP_CLR_FD) = 0 [pid 5078] close(4) = 0 [pid 5078] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5078] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5078] ioctl(4, FS_IOC_GETVERSION [pid 5077] <... mount resumed>) = 0 [pid 5078] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5078] exit_group(0 [pid 5077] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] <... exit_group resumed>) = ? [pid 5078] +++ exited with 0 +++ [pid 5077] <... openat resumed>) = 3 [ 90.220444][ T5079] REISERFS (device loop4): checking transaction log (loop4) [ 90.236716][ T5077] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 90.262452][ T5080] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5077] chdir("./file0") = 0 [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5078, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5077] ioctl(4, LOOP_CLR_FD [pid 5008] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... ioctl resumed>) = 0 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] close(4 [pid 5008] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... close resumed>) = 0 [pid 5008] <... openat resumed>) = 3 [pid 5085] <... write resumed>) = 4194304 [pid 5077] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5008] fstat(3, [pid 5077] <... openat resumed>) = 4 [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5077] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5008] getdents64(3, [pid 5077] <... mmap resumed>) = 0x20000000 [pid 5008] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5008] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] ioctl(4, FS_IOC_GETVERSION [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5008] lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5077] exit_group(0 [pid 5008] unlink("./5/binderfs") = 0 [pid 5008] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... exit_group resumed>) = ? [pid 5077] +++ exited with 0 +++ [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5077, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5085] munmap(0x7f091d53c000, 4194304) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5085] ioctl(4, LOOP_SET_FD, 3 [pid 5004] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5004] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] unlink("./5/binderfs") = 0 [pid 5004] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... mount resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 90.352052][ T5080] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 90.368308][ T5079] REISERFS (device loop4): Using r5 hash to sort names [ 90.379372][ T5085] loop3: detected capacity change from 0 to 8192 [ 90.385101][ T5079] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5079] chdir("./file0") = 0 [pid 5079] ioctl(4, LOOP_CLR_FD) = 0 [pid 5079] close(4 [pid 5085] <... ioctl resumed>) = 0 [pid 5085] close(3) = 0 [pid 5085] mkdir("./file0", 0777 [pid 5079] <... close resumed>) = 0 [pid 5004] <... umount2 resumed>) = 0 [pid 5079] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5004] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... openat resumed>) = 4 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5004] lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5079] <... mmap resumed>) = 0x20000000 [pid 5004] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] ioctl(4, FS_IOC_GETVERSION [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5004] <... openat resumed>) = 4 [pid 5004] fstat(4, [pid 5079] exit_group(0 [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5079] <... exit_group resumed>) = ? [pid 5004] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5004] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] close(4 [pid 5079] +++ exited with 0 +++ [pid 5004] <... close resumed>) = 0 [ 90.424639][ T5080] REISERFS (device loop0): using ordered data mode [ 90.431350][ T5080] reiserfs: using flush barriers [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5079, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5004] rmdir("./5/file0") = 0 [pid 5085] <... mkdir resumed>) = 0 [pid 5004] getdents64(3, [pid 5085] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5007] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] close(3 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... close resumed>) = 0 [pid 5007] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] rmdir("./5" [pid 5007] <... openat resumed>) = 3 [pid 5004] <... rmdir resumed>) = 0 [pid 5007] fstat(3, [pid 5004] mkdir("./6", 0777 [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] <... mkdir resumed>) = 0 [pid 5007] getdents64(3, [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5007] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5007] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] unlink("./5/binderfs") = 0 [pid 5007] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... umount2 resumed>) = 0 [pid 5008] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] <... umount2 resumed>) = 0 [pid 5008] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 90.511983][ T5080] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 90.528921][ T5085] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5005] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5005] lstat("./5/file0", [pid 5008] <... openat resumed>) = 4 [pid 5005] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] fstat(4, [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5008] getdents64(4, [pid 5005] <... openat resumed>) = 4 [pid 5008] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] fstat(4, [pid 5008] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] close(4 [pid 5005] getdents64(4, [pid 5008] <... close resumed>) = 0 [pid 5008] rmdir("./5/file0" [pid 5005] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5008] <... rmdir resumed>) = 0 [pid 5005] getdents64(4, [pid 5008] getdents64(3, [pid 5005] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5008] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] close(3 [pid 5005] close(4 [pid 5008] <... close resumed>) = 0 [pid 5005] <... close resumed>) = 0 [pid 5008] rmdir("./5" [pid 5005] rmdir("./5/file0" [pid 5008] <... rmdir resumed>) = 0 [pid 5008] mkdir("./6", 0777 [pid 5005] <... rmdir resumed>) = 0 [pid 5008] <... mkdir resumed>) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR [ 90.554720][ T5080] REISERFS (device loop0): checking transaction log (loop0) [pid 5005] getdents64(3, [pid 5008] <... openat resumed>) = 3 [pid 5005] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] ioctl(3, LOOP_CLR_FD [pid 5005] close(3 [pid 5008] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5005] <... close resumed>) = 0 [pid 5008] close(3 [pid 5005] rmdir("./5" [pid 5008] <... close resumed>) = 0 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5005] <... rmdir resumed>) = 0 [pid 5005] mkdir("./6", 0777 [pid 5004] <... openat resumed>) = 3 [pid 5008] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5088 [pid 5005] <... mkdir resumed>) = 0 [pid 5004] ioctl(3, LOOP_CLR_FD [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5004] <... ioctl resumed>) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 5088 attached [pid 5005] <... openat resumed>) = 3 [pid 5004] close(3 [pid 5005] ioctl(3, LOOP_CLR_FD [pid 5004] <... close resumed>) = 0 [pid 5088] chdir("./6" [pid 5005] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] <... chdir resumed>) = 0 [pid 5005] close(3 [pid 5088] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5005] <... close resumed>) = 0 [pid 5088] <... prctl resumed>) = 0 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5004] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5089 [pid 5088] setpgid(0, 0) = 0 [pid 5005] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5090 [pid 5088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5007] <... umount2 resumed>) = 0 [pid 5088] <... openat resumed>) = 3 [pid 5088] write(3, "1000", 4 [pid 5007] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5088] <... write resumed>) = 4 ./strace-static-x86_64: Process 5089 attached [pid 5088] close(3 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... close resumed>) = 0 [ 90.592505][ T5085] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [pid 5088] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5090 attached [pid 5089] chdir("./6" [pid 5088] <... symlink resumed>) = 0 [pid 5007] lstat("./5/file0", [pid 5090] chdir("./6" [pid 5089] <... chdir resumed>) = 0 [pid 5088] memfd_create("syzkaller", 0 [pid 5007] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... chdir resumed>) = 0 [pid 5089] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5088] <... memfd_create resumed>) = 3 [pid 5007] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] <... prctl resumed>) = 0 [pid 5088] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... prctl resumed>) = 0 [pid 5089] setpgid(0, 0 [pid 5088] <... mmap resumed>) = 0x7f091d53c000 [pid 5007] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] setpgid(0, 0 [pid 5089] <... setpgid resumed>) = 0 [pid 5007] <... openat resumed>) = 4 [pid 5090] <... setpgid resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5007] fstat(4, [pid 5090] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] <... openat resumed>) = 3 [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5089] write(3, "1000", 4 [pid 5007] getdents64(4, [pid 5090] write(3, "1000", 4 [pid 5089] <... write resumed>) = 4 [pid 5007] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5090] <... write resumed>) = 4 [pid 5089] close(3 [pid 5007] getdents64(4, [pid 5090] close(3 [pid 5089] <... close resumed>) = 0 [pid 5007] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5090] <... close resumed>) = 0 [pid 5089] symlink("/dev/binderfs", "./binderfs" [pid 5007] close(4 [pid 5090] symlink("/dev/binderfs", "./binderfs" [pid 5089] <... symlink resumed>) = 0 [pid 5007] <... close resumed>) = 0 [ 90.661206][ T5085] REISERFS (device loop3): using ordered data mode [pid 5089] memfd_create("syzkaller", 0 [pid 5007] rmdir("./5/file0" [pid 5089] <... memfd_create resumed>) = 3 [pid 5089] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5090] <... symlink resumed>) = 0 [pid 5007] <... rmdir resumed>) = 0 [pid 5090] memfd_create("syzkaller", 0 [pid 5007] getdents64(3, [pid 5090] <... memfd_create resumed>) = 3 [pid 5007] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5007] close(3 [pid 5090] <... mmap resumed>) = 0x7f091d53c000 [ 90.720960][ T5085] reiserfs: using flush barriers [ 90.739501][ T5085] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5007] <... close resumed>) = 0 [pid 5088] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5007] rmdir("./5") = 0 [pid 5007] mkdir("./6", 0777) = 0 [ 90.780079][ T5085] REISERFS (device loop3): checking transaction log (loop3) [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5089] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5007] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5007] close(3) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5091 ./strace-static-x86_64: Process 5091 attached [pid 5088] <... write resumed>) = 4194304 [pid 5091] chdir("./6" [pid 5088] munmap(0x7f091d53c000, 4194304 [pid 5091] <... chdir resumed>) = 0 [pid 5091] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5091] setpgid(0, 0) = 0 [pid 5091] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] <... munmap resumed>) = 0 [pid 5091] <... openat resumed>) = 3 [pid 5088] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5091] write(3, "1000", 4 [pid 5088] <... openat resumed>) = 4 [pid 5091] <... write resumed>) = 4 [pid 5088] ioctl(4, LOOP_SET_FD, 3 [ 90.883966][ T5080] REISERFS (device loop0): Using r5 hash to sort names [ 90.891439][ T5080] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5091] close(3) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5091] symlink("/dev/binderfs", "./binderfs" [pid 5090] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5088] close(3 [pid 5091] <... symlink resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5080] <... mount resumed>) = 0 [pid 5091] memfd_create("syzkaller", 0 [pid 5088] mkdir("./file0", 0777 [pid 5080] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5091] <... memfd_create resumed>) = 3 [pid 5088] <... mkdir resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5091] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5080] chdir("./file0" [pid 5091] <... mmap resumed>) = 0x7f091d53c000 [pid 5080] <... chdir resumed>) = 0 [pid 5080] ioctl(4, LOOP_CLR_FD) = 0 [pid 5080] close(4) = 0 [pid 5080] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 90.935693][ T5088] loop5: detected capacity change from 0 to 8192 [pid 5089] <... write resumed>) = 4194304 [pid 5080] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5080] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5080] exit_group(0) = ? [pid 5080] +++ exited with 0 +++ [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5080, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5003] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5003] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] munmap(0x7f091d53c000, 4194304 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 90.989217][ T5088] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.003468][ T5085] REISERFS (device loop3): Using r5 hash to sort names [ 91.026683][ T5085] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5003] unlink("./5/binderfs" [pid 5089] <... munmap resumed>) = 0 [pid 5003] <... unlink resumed>) = 0 [pid 5003] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5089] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5089] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5089] close(3) = 0 [pid 5089] mkdir("./file0", 0777) = 0 [pid 5089] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5085] <... mount resumed>) = 0 [ 91.035595][ T5088] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 91.068616][ T5088] REISERFS (device loop5): using ordered data mode [ 91.072064][ T5089] loop1: detected capacity change from 0 to 8192 [pid 5091] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5085] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5085] chdir("./file0") = 0 [pid 5085] ioctl(4, LOOP_CLR_FD) = 0 [pid 5085] close(4) = 0 [pid 5085] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5085] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5085] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5085] exit_group(0) = ? [pid 5085] +++ exited with 0 +++ [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5085, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=16 /* 0.16 s */} --- [ 91.092754][ T5089] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5006] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5006] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 91.140242][ T5088] reiserfs: using flush barriers [pid 5006] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5006] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] unlink("./5/binderfs") = 0 [pid 5006] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] <... write resumed>) = 4194304 [pid 5090] munmap(0x7f091d53c000, 4194304) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 91.166830][ T5089] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 91.195517][ T5089] REISERFS (device loop1): using ordered data mode [ 91.226461][ T5089] reiserfs: using flush barriers [ 91.231700][ T5088] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.231968][ T5090] loop2: detected capacity change from 0 to 8192 [pid 5090] ioctl(4, LOOP_SET_FD, 3 [pid 5091] <... write resumed>) = 4194304 [ 91.264973][ T5089] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5091] munmap(0x7f091d53c000, 4194304) = 0 [pid 5090] <... ioctl resumed>) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5090] close(3 [pid 5091] ioctl(4, LOOP_SET_FD, 3 [pid 5090] <... close resumed>) = 0 [ 91.307990][ T5088] REISERFS (device loop5): checking transaction log (loop5) [ 91.312661][ T5089] REISERFS (device loop1): checking transaction log (loop1) [pid 5090] mkdir("./file0", 0777) = 0 [pid 5090] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5091] <... ioctl resumed>) = 0 [pid 5091] close(3) = 0 [pid 5091] mkdir("./file0", 0777) = 0 [ 91.351438][ T5091] loop4: detected capacity change from 0 to 8192 [ 91.391770][ T5090] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.406639][ T5091] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5091] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5089] <... mount resumed>) = 0 [pid 5003] <... umount2 resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5003] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5089] <... openat resumed>) = 3 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 91.465158][ T5089] REISERFS (device loop1): Using r5 hash to sort names [ 91.474543][ T5089] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 91.484275][ T5090] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 91.491052][ T5091] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 91.493616][ T5090] REISERFS (device loop2): using ordered data mode [ 91.509790][ T5090] reiserfs: using flush barriers [pid 5089] chdir("./file0") = 0 [pid 5006] <... umount2 resumed>) = 0 [pid 5003] lstat("./5/file0", [pid 5089] ioctl(4, LOOP_CLR_FD [pid 5003] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5003] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5089] close(4 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... close resumed>) = 0 [pid 5006] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 91.516622][ T5090] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.533614][ T5090] REISERFS (device loop2): checking transaction log (loop2) [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] <... openat resumed>) = 4 [pid 5089] <... openat resumed>) = 4 [pid 5003] fstat(4, [pid 5089] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5089] <... mmap resumed>) = 0x20000000 [pid 5006] lstat("./5/file0", [pid 5003] getdents64(4, [pid 5089] ioctl(4, FS_IOC_GETVERSION [pid 5006] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5089] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5006] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5006] fstat(4, [pid 5089] exit_group(0 [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, [pid 5089] <... exit_group resumed>) = ? [pid 5006] getdents64(4, [pid 5003] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5089] +++ exited with 0 +++ [pid 5006] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] close(4 [pid 5006] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5089, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5003] <... close resumed>) = 0 [pid 5006] close(4) = 0 [pid 5006] rmdir("./5/file0") = 0 [pid 5006] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [ 91.599294][ T5091] REISERFS (device loop4): using ordered data mode [ 91.616231][ T5091] reiserfs: using flush barriers [pid 5006] close(3) = 0 [pid 5006] rmdir("./5" [pid 5004] restart_syscall(<... resuming interrupted clone ...> [pid 5003] rmdir("./5/file0" [pid 5006] <... rmdir resumed>) = 0 [pid 5004] <... restart_syscall resumed>) = 0 [pid 5006] mkdir("./6", 0777 [pid 5003] <... rmdir resumed>) = 0 [pid 5006] <... mkdir resumed>) = 0 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5006] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5006] close(3) = 0 [pid 5003] getdents64(3, [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5096 [pid 5004] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] close(3 [pid 5004] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5003] <... close resumed>) = 0 [pid 5004] <... openat resumed>) = 3 [pid 5003] rmdir("./5"./strace-static-x86_64: Process 5096 attached [pid 5004] fstat(3, [pid 5003] <... rmdir resumed>) = 0 [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5096] chdir("./6" [pid 5003] mkdir("./6", 0777 [pid 5004] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] <... mkdir resumed>) = 0 [pid 5004] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5096] <... chdir resumed>) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5096] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5096] <... prctl resumed>) = 0 [pid 5090] <... mount resumed>) = 0 [pid 5004] lstat("./6/binderfs", [pid 5003] <... openat resumed>) = 3 [pid 5096] setpgid(0, 0 [pid 5090] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5004] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] ioctl(3, LOOP_CLR_FD [pid 5096] <... setpgid resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5004] unlink("./6/binderfs" [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5096] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] chdir("./file0" [ 91.633799][ T5091] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.658150][ T5091] REISERFS (device loop4): checking transaction log (loop4) [ 91.666598][ T5090] REISERFS (device loop2): Using r5 hash to sort names [ 91.675105][ T5090] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5004] <... unlink resumed>) = 0 [pid 5003] close(3 [pid 5096] <... openat resumed>) = 3 [pid 5090] <... chdir resumed>) = 0 [pid 5004] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... close resumed>) = 0 [pid 5096] write(3, "1000", 4 [pid 5090] ioctl(4, LOOP_CLR_FD [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5096] <... write resumed>) = 4 [pid 5090] <... ioctl resumed>) = 0 [pid 5096] close(3 [pid 5090] close(4 [pid 5003] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5097 [pid 5096] <... close resumed>) = 0 [pid 5090] <... close resumed>) = 0 ./strace-static-x86_64: Process 5097 attached [pid 5096] symlink("/dev/binderfs", "./binderfs" [pid 5090] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5097] chdir("./6" [pid 5096] <... symlink resumed>) = 0 [pid 5090] <... openat resumed>) = 4 [pid 5097] <... chdir resumed>) = 0 [pid 5096] memfd_create("syzkaller", 0 [pid 5090] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5097] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5096] <... memfd_create resumed>) = 3 [pid 5090] <... mmap resumed>) = 0x20000000 [pid 5096] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5090] ioctl(4, FS_IOC_GETVERSION [pid 5096] <... mmap resumed>) = 0x7f091d53c000 [pid 5090] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5097] <... prctl resumed>) = 0 [pid 5090] exit_group(0 [pid 5097] setpgid(0, 0 [pid 5090] <... exit_group resumed>) = ? [pid 5097] <... setpgid resumed>) = 0 [pid 5090] +++ exited with 0 +++ [pid 5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5090, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5097] <... openat resumed>) = 3 [pid 5097] write(3, "1000", 4) = 4 [pid 5005] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5097] close(3 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5097] <... close resumed>) = 0 [pid 5005] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5097] symlink("/dev/binderfs", "./binderfs" [pid 5005] <... openat resumed>) = 3 [pid 5097] <... symlink resumed>) = 0 [pid 5005] fstat(3, [pid 5097] memfd_create("syzkaller", 0 [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5097] <... memfd_create resumed>) = 3 [pid 5005] getdents64(3, [pid 5097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5005] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5097] <... mmap resumed>) = 0x7f091d53c000 [pid 5005] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] unlink("./6/binderfs") = 0 [pid 5005] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5088] <... mount resumed>) = 0 [ 91.779337][ T5088] REISERFS (device loop5): Using r5 hash to sort names [ 91.800907][ T5088] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5088] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5088] chdir("./file0") = 0 [pid 5088] ioctl(4, LOOP_CLR_FD) = 0 [pid 5088] close(4 [pid 5096] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5088] <... close resumed>) = 0 [pid 5088] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5088] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5088] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5088] exit_group(0) = ? [pid 5088] +++ exited with 0 +++ [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5088, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5008] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5008] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5008] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5097] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5008] lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5008] unlink("./6/binderfs") = 0 [pid 5008] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... umount2 resumed>) = 0 [pid 5005] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5005] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] close(4) = 0 [pid 5005] rmdir("./6/file0") = 0 [pid 5005] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] close(3) = 0 [pid 5005] rmdir("./6") = 0 [pid 5005] mkdir("./7", 0777) = 0 [ 91.956178][ T899] cfg80211: failed to load regulatory.db [ 91.981077][ T5091] REISERFS (device loop4): Using r5 hash to sort names [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5005] ioctl(3, LOOP_CLR_FD [pid 5091] <... mount resumed>) = 0 [pid 5005] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5091] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5005] close(3 [pid 5091] <... openat resumed>) = 3 [pid 5005] <... close resumed>) = 0 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] chdir("./file0" [pid 5005] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5098 [pid 5091] <... chdir resumed>) = 0 [pid 5091] ioctl(4, LOOP_CLR_FD) = 0 [pid 5091] close(4) = 0 [pid 5091] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5091] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5091] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [ 92.004515][ T5091] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5091] exit_group(0) = ? [pid 5091] +++ exited with 0 +++ [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5091, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 5007] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5098 attached ) = -1 EINVAL (Invalid argument) [pid 5098] chdir("./7" [pid 5007] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5098] <... chdir resumed>) = 0 [pid 5007] <... openat resumed>) = 3 [pid 5098] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5004] <... umount2 resumed>) = 0 [pid 5098] <... prctl resumed>) = 0 [pid 5007] fstat(3, [pid 5098] setpgid(0, 0 [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5098] <... setpgid resumed>) = 0 [pid 5007] getdents64(3, [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5007] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] lstat("./6/file0", [pid 5098] <... openat resumed>) = 3 [pid 5007] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5098] write(3, "1000", 4 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5098] <... write resumed>) = 4 [pid 5007] lstat("./6/binderfs", [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5098] close(3 [pid 5007] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5098] <... close resumed>) = 0 [pid 5007] unlink("./6/binderfs" [pid 5004] <... openat resumed>) = 4 [pid 5098] symlink("/dev/binderfs", "./binderfs" [pid 5007] <... unlink resumed>) = 0 [pid 5004] fstat(4, [pid 5098] <... symlink resumed>) = 0 [pid 5007] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5098] memfd_create("syzkaller", 0 [pid 5004] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5004] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5098] <... memfd_create resumed>) = 3 [pid 5004] close(4) = 0 [pid 5004] rmdir("./6/file0" [pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5004] <... rmdir resumed>) = 0 [pid 5098] <... mmap resumed>) = 0x7f091d53c000 [pid 5004] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] close(3) = 0 [pid 5004] rmdir("./6") = 0 [pid 5004] mkdir("./7", 0777) = 0 [pid 5096] <... write resumed>) = 4194304 [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5097] <... write resumed>) = 4194304 [pid 5004] ioctl(3, LOOP_CLR_FD [pid 5097] munmap(0x7f091d53c000, 4194304 [pid 5004] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5004] close(3) = 0 [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5099 ./strace-static-x86_64: Process 5099 attached [pid 5099] chdir("./7") = 0 [pid 5099] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5099] setpgid(0, 0) = 0 [pid 5099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5097] <... munmap resumed>) = 0 [pid 5099] <... openat resumed>) = 3 [pid 5097] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5099] write(3, "1000", 4) = 4 [pid 5099] close(3) = 0 [pid 5099] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5099] memfd_create("syzkaller", 0 [pid 5097] <... openat resumed>) = 4 [pid 5099] <... memfd_create resumed>) = 3 [pid 5097] ioctl(4, LOOP_SET_FD, 3 [pid 5099] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5098] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5096] munmap(0x7f091d53c000, 4194304) = 0 [pid 5096] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5097] <... ioctl resumed>) = 0 [pid 5097] close(3 [pid 5096] ioctl(4, LOOP_SET_FD, 3 [pid 5097] <... close resumed>) = 0 [pid 5097] mkdir("./file0", 0777) = 0 [ 92.192856][ T5097] loop0: detected capacity change from 0 to 8192 [ 92.226350][ T5096] loop3: detected capacity change from 0 to 8192 [pid 5097] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5008] <... umount2 resumed>) = 0 [pid 5096] <... ioctl resumed>) = 0 [pid 5096] close(3) = 0 [pid 5096] mkdir("./file0", 0777) = 0 [pid 5096] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5008] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5008] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5008] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5008] close(4) = 0 [pid 5008] rmdir("./6/file0") = 0 [pid 5008] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] close(3) = 0 [pid 5008] rmdir("./6") = 0 [ 92.266481][ T5097] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 92.301806][ T5096] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5008] mkdir("./7", 0777 [pid 5099] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5098] <... write resumed>) = 4194304 [pid 5008] <... mkdir resumed>) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5098] munmap(0x7f091d53c000, 4194304 [pid 5008] ioctl(3, LOOP_CLR_FD [pid 5098] <... munmap resumed>) = 0 [pid 5008] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5098] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5008] close(3 [pid 5099] <... write resumed>) = 4194304 [pid 5098] <... openat resumed>) = 4 [pid 5008] <... close resumed>) = 0 [pid 5098] ioctl(4, LOOP_SET_FD, 3 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5099] munmap(0x7f091d53c000, 4194304 [pid 5008] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5102 [ 92.368055][ T5097] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 92.392559][ T5096] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 92.402394][ T5096] REISERFS (device loop3): using ordered data mode [ 92.404260][ T5098] loop2: detected capacity change from 0 to 8192 [pid 5099] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 5102 attached [pid 5099] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5007] <... umount2 resumed>) = 0 [pid 5102] chdir("./7") = 0 [pid 5099] <... openat resumed>) = 4 [pid 5007] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5102] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5102] setpgid(0, 0) = 0 [pid 5102] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5102] write(3, "1000", 4) = 4 [pid 5102] close(3) = 0 [pid 5102] symlink("/dev/binderfs", "./binderfs") = 0 [ 92.409279][ T5096] reiserfs: using flush barriers [ 92.425107][ T5096] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 92.430350][ T5097] REISERFS (device loop0): using ordered data mode [ 92.448742][ T5097] reiserfs: using flush barriers [pid 5102] memfd_create("syzkaller", 0) = 3 [pid 5102] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5099] ioctl(4, LOOP_SET_FD, 3 [pid 5098] <... ioctl resumed>) = 0 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5098] close(3) = 0 [pid 5098] mkdir("./file0", 0777) = 0 [pid 5098] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5007] lstat("./6/file0", [pid 5099] <... ioctl resumed>) = 0 [pid 5007] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5099] close(3 [pid 5007] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5099] <... close resumed>) = 0 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 92.455173][ T5097] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 92.474317][ T5097] REISERFS (device loop0): checking transaction log (loop0) [ 92.485704][ T5099] loop1: detected capacity change from 0 to 8192 [ 92.498967][ T5098] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5099] mkdir("./file0", 0777 [pid 5007] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5099] <... mkdir resumed>) = 0 [pid 5007] <... openat resumed>) = 4 [pid 5099] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5007] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5007] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5007] close(4) = 0 [pid 5007] rmdir("./6/file0") = 0 [pid 5007] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [ 92.534680][ T5096] REISERFS (device loop3): checking transaction log (loop3) [ 92.559920][ T5099] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 92.563642][ T5098] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [pid 5007] close(3) = 0 [pid 5007] rmdir("./6") = 0 [pid 5007] mkdir("./7", 0777) = 0 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5007] ioctl(3, LOOP_CLR_FD [pid 5102] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5007] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 92.598449][ T5098] REISERFS (device loop2): using ordered data mode [ 92.611344][ T5098] reiserfs: using flush barriers [ 92.620502][ T5099] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 92.634008][ T5098] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5007] close(3) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5105 ./strace-static-x86_64: Process 5105 attached [pid 5105] chdir("./7") = 0 [pid 5105] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5105] setpgid(0, 0) = 0 [pid 5105] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5097] <... mount resumed>) = 0 [pid 5105] write(3, "1000", 4) = 4 [pid 5105] close(3) = 0 [pid 5105] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5097] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5105] memfd_create("syzkaller", 0 [pid 5097] chdir("./file0" [pid 5105] <... memfd_create resumed>) = 3 [pid 5105] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 92.671793][ T5097] REISERFS (device loop0): Using r5 hash to sort names [ 92.679631][ T5097] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 92.690887][ T5099] REISERFS (device loop1): using ordered data mode [ 92.697964][ T5099] reiserfs: using flush barriers [ 92.705418][ T5098] REISERFS (device loop2): checking transaction log (loop2) [pid 5097] <... chdir resumed>) = 0 [pid 5097] ioctl(4, LOOP_CLR_FD) = 0 [pid 5097] close(4) = 0 [pid 5097] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5097] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5097] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5097] exit_group(0) = ? [pid 5097] +++ exited with 0 +++ [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5097, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5003] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./6/binderfs") = 0 [pid 5003] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5096] <... mount resumed>) = 0 [pid 5096] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 92.709803][ T5099] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 92.729479][ T5096] REISERFS (device loop3): Using r5 hash to sort names [ 92.748370][ T5096] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5096] chdir("./file0") = 0 [pid 5096] ioctl(4, LOOP_CLR_FD) = 0 [pid 5096] close(4) = 0 [pid 5096] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5096] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5096] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5096] exit_group(0 [pid 5102] <... write resumed>) = 4194304 [pid 5096] <... exit_group resumed>) = ? [pid 5096] +++ exited with 0 +++ [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5096, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5006] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5102] munmap(0x7f091d53c000, 4194304 [pid 5003] <... umount2 resumed>) = 0 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5003] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] <... openat resumed>) = 3 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] fstat(3, [pid 5003] lstat("./6/file0", [pid 5102] <... munmap resumed>) = 0 [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(3, [pid 5102] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5003] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5102] <... openat resumed>) = 4 [pid 5006] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] fstat(4, [pid 5102] ioctl(4, LOOP_SET_FD, 3 [pid 5006] lstat("./6/binderfs", [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] getdents64(4, [pid 5006] unlink("./6/binderfs" [pid 5105] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5006] <... unlink resumed>) = 0 [pid 5003] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 5003] rmdir("./6/file0") = 0 [pid 5003] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [ 92.831437][ T5099] REISERFS (device loop1): checking transaction log (loop1) [ 92.870973][ T5102] loop5: detected capacity change from 0 to 8192 [pid 5003] close(3 [pid 5102] <... ioctl resumed>) = 0 [pid 5003] <... close resumed>) = 0 [pid 5102] close(3 [pid 5003] rmdir("./6") = 0 [pid 5003] mkdir("./7", 0777) = 0 [pid 5102] <... close resumed>) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5102] mkdir("./file0", 0777) = 0 [pid 5102] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5006] <... umount2 resumed>) = 0 [pid 5003] <... openat resumed>) = 3 [pid 5003] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5003] close(3) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5006] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5107 attached ) = -1 EINVAL (Invalid argument) [pid 5003] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5107 [pid 5107] chdir("./7" [pid 5006] lstat("./6/file0", [pid 5107] <... chdir resumed>) = 0 [pid 5006] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 92.949998][ T5102] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5107] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5006] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5107] <... prctl resumed>) = 0 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5107] setpgid(0, 0 [pid 5006] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5107] <... setpgid resumed>) = 0 [pid 5006] <... openat resumed>) = 4 [pid 5107] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5006] fstat(4, [pid 5107] <... openat resumed>) = 3 [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5107] write(3, "1000", 4 [pid 5006] getdents64(4, [pid 5107] <... write resumed>) = 4 [pid 5006] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5107] close(3 [pid 5006] getdents64(4, [pid 5107] <... close resumed>) = 0 [pid 5105] <... write resumed>) = 4194304 [pid 5006] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5107] symlink("/dev/binderfs", "./binderfs" [pid 5105] munmap(0x7f091d53c000, 4194304 [pid 5006] close(4 [pid 5107] <... symlink resumed>) = 0 [pid 5006] <... close resumed>) = 0 [ 93.041403][ T5102] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 93.052549][ T5102] REISERFS (device loop5): using ordered data mode [ 93.060401][ T5102] reiserfs: using flush barriers [ 93.061953][ T5098] REISERFS (device loop2): Using r5 hash to sort names [ 93.073295][ T5102] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5107] memfd_create("syzkaller", 0 [pid 5105] <... munmap resumed>) = 0 [pid 5006] rmdir("./6/file0" [pid 5107] <... memfd_create resumed>) = 3 [pid 5105] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5006] <... rmdir resumed>) = 0 [pid 5107] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5105] <... openat resumed>) = 4 [pid 5006] getdents64(3, [pid 5107] <... mmap resumed>) = 0x7f091d53c000 [pid 5006] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5105] ioctl(4, LOOP_SET_FD, 3 [pid 5098] <... mount resumed>) = 0 [pid 5006] close(3 [pid 5105] <... ioctl resumed>) = 0 [pid 5098] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5006] <... close resumed>) = 0 [pid 5006] rmdir("./6") = 0 [pid 5098] <... openat resumed>) = 3 [pid 5006] mkdir("./7", 0777 [pid 5105] close(3 [pid 5098] chdir("./file0" [pid 5006] <... mkdir resumed>) = 0 [pid 5105] <... close resumed>) = 0 [pid 5098] <... chdir resumed>) = 0 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5105] mkdir("./file0", 0777 [pid 5098] ioctl(4, LOOP_CLR_FD [pid 5006] <... openat resumed>) = 3 [pid 5098] <... ioctl resumed>) = 0 [pid 5006] ioctl(3, LOOP_CLR_FD [pid 5105] <... mkdir resumed>) = 0 [pid 5098] close(4 [pid 5006] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5105] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5098] <... close resumed>) = 0 [ 93.127725][ T5098] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 93.139408][ T5102] REISERFS (device loop5): checking transaction log (loop5) [ 93.147345][ T5105] loop4: detected capacity change from 0 to 8192 [ 93.155350][ T5099] REISERFS (device loop1): Using r5 hash to sort names [ 93.162533][ T5099] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5006] close(3 [pid 5099] <... mount resumed>) = 0 [pid 5098] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5006] <... close resumed>) = 0 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5109 [pid 5099] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5098] <... openat resumed>) = 4 [pid 5099] <... openat resumed>) = 3 [pid 5098] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5099] chdir("./file0" [pid 5098] <... mmap resumed>) = 0x20000000 [pid 5099] <... chdir resumed>) = 0 [pid 5098] ioctl(4, FS_IOC_GETVERSION./strace-static-x86_64: Process 5109 attached [pid 5099] ioctl(4, LOOP_CLR_FD [pid 5098] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5109] chdir("./7" [pid 5099] <... ioctl resumed>) = 0 [pid 5098] exit_group(0 [pid 5109] <... chdir resumed>) = 0 [pid 5099] close(4 [pid 5098] <... exit_group resumed>) = ? [pid 5109] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5099] <... close resumed>) = 0 [pid 5109] <... prctl resumed>) = 0 [pid 5109] setpgid(0, 0 [pid 5098] +++ exited with 0 +++ [pid 5109] <... setpgid resumed>) = 0 [pid 5099] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5098, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5109] <... openat resumed>) = 3 [pid 5099] <... openat resumed>) = 4 [ 93.192981][ T5105] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5005] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5109] write(3, "1000", 4 [pid 5107] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5099] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5109] <... write resumed>) = 4 [pid 5005] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5109] close(3 [pid 5005] <... openat resumed>) = 3 [pid 5109] <... close resumed>) = 0 [pid 5005] fstat(3, [pid 5109] symlink("/dev/binderfs", "./binderfs" [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5109] <... symlink resumed>) = 0 [pid 5005] getdents64(3, [pid 5109] memfd_create("syzkaller", 0 [pid 5005] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5109] <... memfd_create resumed>) = 3 [pid 5099] <... mmap resumed>) = 0x20000000 [pid 5005] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5109] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5099] ioctl(4, FS_IOC_GETVERSION [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5109] <... mmap resumed>) = 0x7f091d53c000 [pid 5099] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5005] lstat("./7/binderfs", [pid 5099] exit_group(0 [pid 5005] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5099] <... exit_group resumed>) = ? [pid 5005] unlink("./7/binderfs") = 0 [pid 5005] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5099] +++ exited with 0 +++ [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5099, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5004] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 93.242535][ T5105] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5004] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5004] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] unlink("./7/binderfs") = 0 [ 93.318686][ T5105] REISERFS (device loop4): using ordered data mode [ 93.329921][ T5102] REISERFS (device loop5): Using r5 hash to sort names [ 93.336728][ T5105] reiserfs: using flush barriers [pid 5004] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5109] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5004] <... umount2 resumed>) = 0 [pid 5102] <... mount resumed>) = 0 [pid 5004] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5102] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5102] <... openat resumed>) = 3 [pid 5004] lstat("./7/file0", [pid 5102] chdir("./file0" [ 93.365430][ T5102] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 93.378433][ T5105] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5004] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5102] <... chdir resumed>) = 0 [pid 5004] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5102] ioctl(4, LOOP_CLR_FD [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5102] <... ioctl resumed>) = 0 [pid 5004] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5102] close(4) = 0 [pid 5004] <... openat resumed>) = 4 [pid 5102] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5004] fstat(4, [pid 5102] <... openat resumed>) = 4 [pid 5102] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5107] <... write resumed>) = 4194304 [pid 5102] <... mmap resumed>) = 0x20000000 [pid 5004] getdents64(4, [pid 5102] ioctl(4, FS_IOC_GETVERSION [pid 5004] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5102] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5004] getdents64(4, [pid 5102] exit_group(0 [pid 5004] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5102] <... exit_group resumed>) = ? [pid 5004] close(4 [pid 5102] +++ exited with 0 +++ [pid 5004] <... close resumed>) = 0 [pid 5004] rmdir("./7/file0" [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5102, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} --- [pid 5107] munmap(0x7f091d53c000, 4194304 [pid 5004] <... rmdir resumed>) = 0 [pid 5008] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5004] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] close(3 [pid 5008] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... close resumed>) = 0 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] rmdir("./7" [pid 5008] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5004] <... rmdir resumed>) = 0 [pid 5008] fstat(3, [pid 5004] mkdir("./8", 0777 [pid 5107] <... munmap resumed>) = 0 [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5107] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5004] <... mkdir resumed>) = 0 [pid 5107] <... openat resumed>) = 4 [pid 5008] getdents64(3, [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5107] ioctl(4, LOOP_SET_FD, 3 [pid 5008] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5008] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5008] unlink("./7/binderfs" [pid 5107] <... ioctl resumed>) = 0 [pid 5008] <... unlink resumed>) = 0 [pid 5107] close(3 [pid 5008] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5107] <... close resumed>) = 0 [pid 5107] mkdir("./file0", 0777) = 0 [ 93.498341][ T5107] loop0: detected capacity change from 0 to 8192 [ 93.504300][ T5105] REISERFS (device loop4): checking transaction log (loop4) [pid 5107] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5004] <... openat resumed>) = 3 [pid 5004] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5004] close(3) = 0 [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5111 ./strace-static-x86_64: Process 5111 attached [pid 5111] chdir("./8" [pid 5005] <... umount2 resumed>) = 0 [pid 5111] <... chdir resumed>) = 0 [pid 5005] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5111] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./7/file0", [pid 5111] <... prctl resumed>) = 0 [pid 5005] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 93.544446][ T5107] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5005] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5111] setpgid(0, 0 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5005] fstat(4, [pid 5111] <... setpgid resumed>) = 0 [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5111] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5005] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5111] <... openat resumed>) = 3 [pid 5005] close(4) = 0 [pid 5005] rmdir("./7/file0" [pid 5111] write(3, "1000", 4 [pid 5109] <... write resumed>) = 4194304 [pid 5005] <... rmdir resumed>) = 0 [pid 5111] <... write resumed>) = 4 [pid 5109] munmap(0x7f091d53c000, 4194304 [pid 5111] close(3 [pid 5005] getdents64(3, [pid 5111] <... close resumed>) = 0 [pid 5005] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] close(3 [pid 5111] symlink("/dev/binderfs", "./binderfs" [pid 5109] <... munmap resumed>) = 0 [pid 5005] <... close resumed>) = 0 [pid 5111] <... symlink resumed>) = 0 [pid 5005] rmdir("./7" [pid 5111] memfd_create("syzkaller", 0 [pid 5109] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5005] <... rmdir resumed>) = 0 [pid 5111] <... memfd_create resumed>) = 3 [pid 5109] <... openat resumed>) = 4 [pid 5005] mkdir("./8", 0777 [pid 5111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 93.595553][ T5107] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 93.605653][ T5107] REISERFS (device loop0): using ordered data mode [ 93.612271][ T5107] reiserfs: using flush barriers [ 93.625137][ T5107] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5109] ioctl(4, LOOP_SET_FD, 3 [pid 5005] <... mkdir resumed>) = 0 [pid 5111] <... mmap resumed>) = 0x7f091d53c000 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5005] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5005] close(3) = 0 [ 93.671370][ T5109] loop3: detected capacity change from 0 to 8192 [ 93.677656][ T5107] REISERFS (device loop0): checking transaction log (loop0) [ 93.706174][ T5105] REISERFS (device loop4): Using r5 hash to sort names [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5112 ./strace-static-x86_64: Process 5112 attached [pid 5112] chdir("./8") = 0 [pid 5112] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5112] setpgid(0, 0) = 0 [pid 5112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5112] write(3, "1000", 4) = 4 [pid 5112] close(3) = 0 [pid 5109] <... ioctl resumed>) = 0 [pid 5112] symlink("/dev/binderfs", "./binderfs" [pid 5109] close(3 [pid 5112] <... symlink resumed>) = 0 [pid 5112] memfd_create("syzkaller", 0 [pid 5109] <... close resumed>) = 0 [pid 5112] <... memfd_create resumed>) = 3 [pid 5109] mkdir("./file0", 0777 [pid 5112] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5109] <... mkdir resumed>) = 0 [pid 5112] <... mmap resumed>) = 0x7f091d53c000 [ 93.713383][ T5105] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5109] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5111] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5105] <... mount resumed>) = 0 [pid 5105] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5105] chdir("./file0") = 0 [pid 5105] ioctl(4, LOOP_CLR_FD) = 0 [pid 5105] close(4) = 0 [ 93.747261][ T5109] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5105] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5105] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5111] <... write resumed>) = 4194304 [pid 5105] <... mmap resumed>) = 0x20000000 [pid 5105] ioctl(4, FS_IOC_GETVERSION [pid 5111] munmap(0x7f091d53c000, 4194304) = 0 [pid 5105] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5105] exit_group(0) = ? [pid 5111] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5112] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5111] <... openat resumed>) = 4 [pid 5105] +++ exited with 0 +++ [pid 5111] ioctl(4, LOOP_SET_FD, 3 [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5105, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [ 93.824862][ T5109] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 93.834641][ T5109] REISERFS (device loop3): using ordered data mode [ 93.841701][ T5109] reiserfs: using flush barriers [ 93.851727][ T5109] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5007] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5007] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5007] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 93.870433][ T5111] loop1: detected capacity change from 0 to 8192 [pid 5007] lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] unlink("./7/binderfs") = 0 [pid 5007] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5112] <... write resumed>) = 4194304 [pid 5112] munmap(0x7f091d53c000, 4194304 [pid 5111] <... ioctl resumed>) = 0 [pid 5111] close(3) = 0 [pid 5111] mkdir("./file0", 0777) = 0 [pid 5112] <... munmap resumed>) = 0 [pid 5111] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [ 93.942181][ T5109] REISERFS (device loop3): checking transaction log (loop3) [ 93.974010][ T5111] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5112] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5112] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5112] close(3) = 0 [pid 5112] mkdir("./file0", 0777 [pid 5008] <... umount2 resumed>) = 0 [ 93.994566][ T5107] REISERFS (device loop0): Using r5 hash to sort names [ 94.001759][ T5107] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 94.014877][ T5112] loop2: detected capacity change from 0 to 8192 [ 94.031367][ T5111] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [pid 5112] <... mkdir resumed>) = 0 [pid 5008] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5112] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5107] <... mount resumed>) = 0 [pid 5008] lstat("./7/file0", [pid 5007] <... umount2 resumed>) = 0 [pid 5107] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5008] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5107] <... openat resumed>) = 3 [pid 5008] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5107] chdir("./file0" [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./7/file0", [pid 5107] <... chdir resumed>) = 0 [pid 5008] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5007] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5107] ioctl(4, LOOP_CLR_FD [pid 5008] <... openat resumed>) = 4 [pid 5007] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5107] <... ioctl resumed>) = 0 [pid 5008] fstat(4, [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 94.042034][ T5111] REISERFS (device loop1): using ordered data mode [ 94.049308][ T5111] reiserfs: using flush barriers [ 94.056612][ T5112] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 94.074343][ T5111] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5107] close(4 [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5107] <... close resumed>) = 0 [pid 5008] getdents64(4, [pid 5007] <... openat resumed>) = 4 [pid 5107] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5008] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5007] fstat(4, [pid 5107] <... openat resumed>) = 4 [pid 5008] getdents64(4, [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5107] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5008] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5007] getdents64(4, [pid 5107] <... mmap resumed>) = 0x20000000 [pid 5008] close(4 [pid 5007] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5107] ioctl(4, FS_IOC_GETVERSION [pid 5008] <... close resumed>) = 0 [pid 5007] getdents64(4, [pid 5107] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5008] rmdir("./7/file0" [pid 5007] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5107] exit_group(0 [pid 5008] <... rmdir resumed>) = 0 [pid 5007] close(4 [pid 5008] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] close(3) = 0 [pid 5008] rmdir("./7" [pid 5107] <... exit_group resumed>) = ? [pid 5008] <... rmdir resumed>) = 0 [pid 5007] <... close resumed>) = 0 [pid 5107] +++ exited with 0 +++ [pid 5007] rmdir("./7/file0" [pid 5109] <... mount resumed>) = 0 [pid 5008] mkdir("./8", 0777 [pid 5007] <... rmdir resumed>) = 0 [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5107, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=24 /* 0.24 s */} --- [pid 5007] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] close(3) = 0 [pid 5007] rmdir("./7" [pid 5109] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5008] <... mkdir resumed>) = 0 [pid 5007] <... rmdir resumed>) = 0 [pid 5109] <... openat resumed>) = 3 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5007] mkdir("./8", 0777) = 0 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5008] <... openat resumed>) = 3 [pid 5007] <... openat resumed>) = 3 [pid 5109] chdir("./file0" [pid 5007] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5007] close(3) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5109] <... chdir resumed>) = 0 [pid 5008] ioctl(3, LOOP_CLR_FD [pid 5003] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5116 [pid 5109] ioctl(4, LOOP_CLR_FD [pid 5008] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 94.147214][ T5112] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 94.151686][ T5109] REISERFS (device loop3): Using r5 hash to sort names [ 94.163813][ T5109] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 94.174862][ T5112] REISERFS (device loop2): using ordered data mode [ 94.182804][ T5112] reiserfs: using flush barriers [pid 5008] close(3 [pid 5003] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5109] <... ioctl resumed>) = 0 [pid 5008] <... close resumed>) = 0 [pid 5003] <... openat resumed>) = 3 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5003] fstat(3, ./strace-static-x86_64: Process 5117 attached ./strace-static-x86_64: Process 5116 attached [pid 5109] close(4 [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5117 [pid 5003] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5117] chdir("./8" [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5117] <... chdir resumed>) = 0 [pid 5116] chdir("./8" [pid 5109] <... close resumed>) = 0 [pid 5003] lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5117] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5003] unlink("./7/binderfs" [pid 5117] <... prctl resumed>) = 0 [pid 5116] <... chdir resumed>) = 0 [pid 5109] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5003] <... unlink resumed>) = 0 [pid 5003] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5117] setpgid(0, 0 [pid 5116] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5117] <... setpgid resumed>) = 0 [pid 5116] <... prctl resumed>) = 0 [pid 5109] <... openat resumed>) = 4 [pid 5117] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5116] setpgid(0, 0 [pid 5109] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5117] <... openat resumed>) = 3 [pid 5116] <... setpgid resumed>) = 0 [pid 5117] write(3, "1000", 4 [pid 5116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5109] <... mmap resumed>) = 0x20000000 [pid 5117] <... write resumed>) = 4 [pid 5116] <... openat resumed>) = 3 [ 94.195517][ T5111] REISERFS (device loop1): checking transaction log (loop1) [ 94.212202][ T5112] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5109] ioctl(4, FS_IOC_GETVERSION [pid 5117] close(3 [pid 5116] write(3, "1000", 4 [pid 5109] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5117] <... close resumed>) = 0 [pid 5116] <... write resumed>) = 4 [pid 5109] exit_group(0 [pid 5116] close(3 [pid 5117] symlink("/dev/binderfs", "./binderfs" [pid 5109] <... exit_group resumed>) = ? [pid 5117] <... symlink resumed>) = 0 [pid 5116] <... close resumed>) = 0 [pid 5109] +++ exited with 0 +++ [pid 5117] memfd_create("syzkaller", 0 [pid 5116] symlink("/dev/binderfs", "./binderfs" [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5109, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [pid 5117] <... memfd_create resumed>) = 3 [pid 5116] <... symlink resumed>) = 0 [pid 5117] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5116] memfd_create("syzkaller", 0 [pid 5006] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5117] <... mmap resumed>) = 0x7f091d53c000 [pid 5116] <... memfd_create resumed>) = 3 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5006] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5006] unlink("./7/binderfs") = 0 [pid 5116] <... mmap resumed>) = 0x7f091d53c000 [ 94.306930][ T5112] REISERFS (device loop2): checking transaction log (loop2) [pid 5006] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5116] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5117] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5111] <... mount resumed>) = 0 [ 94.382432][ T5111] REISERFS (device loop1): Using r5 hash to sort names [ 94.402917][ T5111] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5111] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5111] chdir("./file0") = 0 [pid 5111] ioctl(4, LOOP_CLR_FD) = 0 [pid 5111] close(4) = 0 [pid 5111] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5111] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5111] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5111] exit_group(0) = ? [pid 5111] +++ exited with 0 +++ [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5111, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5004] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5004] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5004] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] <... umount2 resumed>) = 0 [pid 5004] getdents64(3, [pid 5003] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./7/file0", [pid 5004] lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] unlink("./8/binderfs") = 0 [pid 5003] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 5003] rmdir("./7/file0") = 0 [pid 5003] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./7") = 0 [pid 5003] mkdir("./8", 0777) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5003] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5003] close(3) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5118 [pid 5006] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5118 attached [pid 5118] chdir("./8") = 0 [pid 5118] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5118] setpgid(0, 0) = 0 [pid 5118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5118] write(3, "1000", 4) = 4 [pid 5118] close(3) = 0 [pid 5118] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5118] memfd_create("syzkaller", 0) = 3 [pid 5118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5006] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5006] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(4, [pid 5116] <... write resumed>) = 4194304 [pid 5006] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5117] <... write resumed>) = 4194304 [pid 5006] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5117] munmap(0x7f091d53c000, 4194304 [pid 5116] munmap(0x7f091d53c000, 4194304 [pid 5006] close(4) = 0 [pid 5006] rmdir("./7/file0" [pid 5117] <... munmap resumed>) = 0 [pid 5116] <... munmap resumed>) = 0 [pid 5006] <... rmdir resumed>) = 0 [pid 5117] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5116] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5006] getdents64(3, [pid 5117] <... openat resumed>) = 4 [pid 5116] <... openat resumed>) = 4 [pid 5006] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5117] ioctl(4, LOOP_SET_FD, 3 [pid 5116] ioctl(4, LOOP_SET_FD, 3 [pid 5006] close(3) = 0 [pid 5006] rmdir("./7") = 0 [pid 5006] mkdir("./8", 0777) = 0 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5006] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5006] close(3) = 0 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5119 ./strace-static-x86_64: Process 5119 attached [pid 5116] <... ioctl resumed>) = 0 [pid 5119] chdir("./8") = 0 [pid 5119] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5119] setpgid(0, 0) = 0 [pid 5119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5117] <... ioctl resumed>) = 0 [pid 5116] close(3 [pid 5119] write(3, "1000", 4 [pid 5117] close(3 [pid 5116] <... close resumed>) = 0 [pid 5117] <... close resumed>) = 0 [pid 5116] mkdir("./file0", 0777 [pid 5119] <... write resumed>) = 4 [pid 5117] mkdir("./file0", 0777 [pid 5119] close(3 [pid 5117] <... mkdir resumed>) = 0 [pid 5116] <... mkdir resumed>) = 0 [pid 5119] <... close resumed>) = 0 [pid 5117] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5116] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5119] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5119] memfd_create("syzkaller", 0) = 3 [pid 5119] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 94.687747][ T5112] REISERFS (device loop2): Using r5 hash to sort names [ 94.697944][ T5117] loop5: detected capacity change from 0 to 8192 [ 94.704820][ T5116] loop4: detected capacity change from 0 to 8192 [ 94.719934][ T5112] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5112] <... mount resumed>) = 0 [pid 5112] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5112] chdir("./file0") = 0 [pid 5112] ioctl(4, LOOP_CLR_FD) = 0 [pid 5112] close(4) = 0 [pid 5112] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5112] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5112] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5112] exit_group(0 [pid 5118] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5112] <... exit_group resumed>) = ? [pid 5112] +++ exited with 0 +++ [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5112, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5005] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5005] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5005] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [ 94.755296][ T5116] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 94.778719][ T5117] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5005] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5119] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... umount2 resumed>) = 0 [pid 5005] lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] unlink("./8/binderfs") = 0 [pid 5005] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 94.832272][ T5116] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 94.836353][ T5117] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 94.856021][ T5117] REISERFS (device loop5): using ordered data mode [pid 5004] lstat("./8/file0", [pid 5119] <... write resumed>) = 4194304 [pid 5004] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5004] fstat(4, [pid 5119] munmap(0x7f091d53c000, 4194304 [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5119] <... munmap resumed>) = 0 [pid 5004] getdents64(4, [pid 5119] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5004] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [ 94.892941][ T5116] REISERFS (device loop4): using ordered data mode [ 94.900574][ T5116] reiserfs: using flush barriers [ 94.908768][ T5117] reiserfs: using flush barriers [ 94.914512][ T5116] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5119] <... openat resumed>) = 4 [pid 5118] <... write resumed>) = 4194304 [pid 5119] ioctl(4, LOOP_SET_FD, 3 [pid 5118] munmap(0x7f091d53c000, 4194304) = 0 [pid 5004] close(4 [pid 5118] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5004] <... close resumed>) = 0 [ 94.936689][ T5116] REISERFS (device loop4): checking transaction log (loop4) [ 94.937833][ T5117] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 94.951165][ T5119] loop3: detected capacity change from 0 to 8192 [ 94.963596][ T5117] REISERFS (device loop5): checking transaction log (loop5) [pid 5118] ioctl(4, LOOP_SET_FD, 3 [pid 5004] rmdir("./8/file0" [pid 5118] <... ioctl resumed>) = 0 [pid 5118] close(3) = 0 [pid 5118] mkdir("./file0", 0777) = 0 [pid 5004] <... rmdir resumed>) = 0 [pid 5118] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5004] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] close(3) = 0 [pid 5004] rmdir("./8") = 0 [pid 5004] mkdir("./9", 0777) = 0 [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5004] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5004] close(3) = 0 [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5123 [pid 5119] <... ioctl resumed>) = 0 [pid 5119] close(3) = 0 [pid 5119] mkdir("./file0", 0777) = 0 [ 94.988722][ T5118] loop0: detected capacity change from 0 to 8192 [ 95.002636][ T5118] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5119] mount("/dev/loop3", "./file0", "reiserfs", 0, ""./strace-static-x86_64: Process 5123 attached [pid 5123] chdir("./9") = 0 [pid 5123] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 95.033916][ T5118] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 95.043370][ T5118] REISERFS (device loop0): using ordered data mode [ 95.050178][ T5118] reiserfs: using flush barriers [ 95.050755][ T5119] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5123] setpgid(0, 0) = 0 [pid 5123] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5005] <... umount2 resumed>) = 0 [pid 5123] write(3, "1000", 4 [pid 5005] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5123] <... write resumed>) = 4 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5123] close(3 [pid 5005] lstat("./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5123] <... close resumed>) = 0 [pid 5123] symlink("/dev/binderfs", "./binderfs" [pid 5005] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5123] <... symlink resumed>) = 0 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5123] memfd_create("syzkaller", 0 [pid 5005] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5005] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5123] <... memfd_create resumed>) = 3 [pid 5005] close(4 [pid 5123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5005] <... close resumed>) = 0 [ 95.069250][ T5118] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 95.098909][ T5118] REISERFS (device loop0): checking transaction log (loop0) [ 95.114190][ T5119] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 95.123611][ T5119] REISERFS (device loop3): using ordered data mode [pid 5123] <... mmap resumed>) = 0x7f091d53c000 [pid 5005] rmdir("./8/file0") = 0 [ 95.130548][ T5119] reiserfs: using flush barriers [pid 5005] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] close(3) = 0 [pid 5005] rmdir("./8") = 0 [pid 5005] mkdir("./9", 0777) = 0 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5005] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5005] close(3) = 0 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5125 [ 95.155988][ T5119] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 95.179073][ T5119] REISERFS (device loop3): checking transaction log (loop3) ./strace-static-x86_64: Process 5125 attached [pid 5125] chdir("./9") = 0 [pid 5125] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5125] setpgid(0, 0) = 0 [pid 5125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5125] write(3, "1000", 4) = 4 [pid 5125] close(3) = 0 [pid 5125] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5125] memfd_create("syzkaller", 0) = 3 [pid 5125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5123] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5118] <... mount resumed>) = 0 [pid 5118] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5116] <... mount resumed>) = 0 [ 95.286237][ T5118] REISERFS (device loop0): Using r5 hash to sort names [ 95.293468][ T5118] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 95.315444][ T5116] REISERFS (device loop4): Using r5 hash to sort names [ 95.322667][ T5116] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5118] chdir("./file0") = 0 [pid 5116] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5118] ioctl(4, LOOP_CLR_FD [pid 5116] <... openat resumed>) = 3 [pid 5118] <... ioctl resumed>) = 0 [pid 5116] chdir("./file0" [pid 5118] close(4 [pid 5116] <... chdir resumed>) = 0 [pid 5118] <... close resumed>) = 0 [pid 5118] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5116] ioctl(4, LOOP_CLR_FD [pid 5118] <... openat resumed>) = 4 [pid 5116] <... ioctl resumed>) = 0 [pid 5118] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5116] close(4 [pid 5118] <... mmap resumed>) = 0x20000000 [pid 5116] <... close resumed>) = 0 [pid 5118] ioctl(4, FS_IOC_GETVERSION [pid 5116] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5118] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5118] exit_group(0 [pid 5116] <... openat resumed>) = 4 [pid 5118] <... exit_group resumed>) = ? [pid 5116] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5118] +++ exited with 0 +++ [pid 5116] <... mmap resumed>) = 0x20000000 [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5118, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5003] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5116] ioctl(4, FS_IOC_GETVERSION [pid 5003] <... openat resumed>) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5125] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5116] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5116] exit_group(0 [pid 5003] lstat("./8/binderfs", [pid 5116] <... exit_group resumed>) = ? [pid 5003] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5116] +++ exited with 0 +++ [pid 5003] unlink("./8/binderfs" [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5116, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5003] <... unlink resumed>) = 0 [pid 5003] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5119] <... mount resumed>) = 0 [pid 5007] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5119] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 95.391584][ T5119] REISERFS (device loop3): Using r5 hash to sort names [ 95.424744][ T5119] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5007] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5119] <... openat resumed>) = 3 [pid 5007] <... openat resumed>) = 3 [pid 5119] chdir("./file0" [pid 5007] fstat(3, [pid 5119] <... chdir resumed>) = 0 [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5119] ioctl(4, LOOP_CLR_FD [pid 5007] getdents64(3, [pid 5119] <... ioctl resumed>) = 0 [pid 5007] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5119] close(4 [pid 5007] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5119] <... close resumed>) = 0 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] unlink("./8/binderfs") = 0 [ 95.470461][ T5117] REISERFS (device loop5): Using r5 hash to sort names [pid 5007] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5119] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5119] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5119] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5119] exit_group(0) = ? [pid 5119] +++ exited with 0 +++ [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5119, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5006] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5006] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5006] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] unlink("./8/binderfs") = 0 [ 95.513163][ T5117] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5006] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5125] <... write resumed>) = 4194304 [pid 5125] munmap(0x7f091d53c000, 4194304) = 0 [pid 5125] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5117] <... mount resumed>) = 0 [pid 5125] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5125] close(3 [pid 5117] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5125] <... close resumed>) = 0 [pid 5123] <... write resumed>) = 4194304 [pid 5117] <... openat resumed>) = 3 [pid 5125] mkdir("./file0", 0777) = 0 [pid 5117] chdir("./file0" [pid 5125] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5117] <... chdir resumed>) = 0 [pid 5117] ioctl(4, LOOP_CLR_FD [pid 5123] munmap(0x7f091d53c000, 4194304 [pid 5117] <... ioctl resumed>) = 0 [pid 5117] close(4) = 0 [pid 5123] <... munmap resumed>) = 0 [pid 5123] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 95.594649][ T5125] loop2: detected capacity change from 0 to 8192 [pid 5123] ioctl(4, LOOP_SET_FD, 3 [pid 5117] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5117] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5123] <... ioctl resumed>) = 0 [pid 5123] close(3) = 0 [pid 5117] <... mmap resumed>) = 0x20000000 [pid 5117] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5117] exit_group(0) = ? [pid 5006] <... umount2 resumed>) = 0 [pid 5006] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5117] +++ exited with 0 +++ [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5117, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} --- [pid 5008] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] fstat(3, [pid 5006] lstat("./8/file0", [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(3, [pid 5006] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... umount2 resumed>) = 0 [pid 5008] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5008] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5008] lstat("./8/binderfs", [pid 5006] <... openat resumed>) = 4 [pid 5008] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] fstat(4, [pid 5008] unlink("./8/binderfs" [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5123] mkdir("./file0", 0777 [pid 5008] <... unlink resumed>) = 0 [ 95.634954][ T5125] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 95.651906][ T5123] loop1: detected capacity change from 0 to 8192 [pid 5006] getdents64(4, [pid 5123] <... mkdir resumed>) = 0 [pid 5008] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5123] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5006] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5003] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] close(4) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] rmdir("./8/file0" [pid 5003] lstat("./8/file0", [pid 5006] <... rmdir resumed>) = 0 [pid 5003] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(3, [pid 5003] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [ 95.698921][ T5125] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 95.727764][ T5123] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5006] close(3 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] <... close resumed>) = 0 [pid 5003] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5006] rmdir("./8") = 0 [pid 5006] mkdir("./9", 0777 [pid 5003] <... openat resumed>) = 4 [pid 5006] <... mkdir resumed>) = 0 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5003] getdents64(4, [pid 5006] <... openat resumed>) = 3 [pid 5003] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5006] ioctl(3, LOOP_CLR_FD [pid 5003] close(4 [pid 5006] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5003] <... close resumed>) = 0 [pid 5006] close(3 [pid 5003] rmdir("./8/file0" [pid 5006] <... close resumed>) = 0 [pid 5003] <... rmdir resumed>) = 0 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5003] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5128 [pid 5003] close(3) = 0 [pid 5003] rmdir("./8") = 0 ./strace-static-x86_64: Process 5128 attached [pid 5003] mkdir("./9", 0777 [pid 5128] chdir("./9" [pid 5003] <... mkdir resumed>) = 0 [pid 5128] <... chdir resumed>) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5128] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5003] <... openat resumed>) = 3 [pid 5128] <... prctl resumed>) = 0 [pid 5003] ioctl(3, LOOP_CLR_FD [ 95.754328][ T5125] REISERFS (device loop2): using ordered data mode [ 95.760957][ T5125] reiserfs: using flush barriers [ 95.767778][ T5125] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 95.784830][ T5125] REISERFS (device loop2): checking transaction log (loop2) [pid 5128] setpgid(0, 0 [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5128] <... setpgid resumed>) = 0 [pid 5003] close(3) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5003] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5129 ./strace-static-x86_64: Process 5129 attached [pid 5129] chdir("./9") = 0 [pid 5129] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5129] setpgid(0, 0) = 0 [pid 5129] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5128] <... openat resumed>) = 3 [pid 5125] <... mount resumed>) = 0 [pid 5129] <... openat resumed>) = 3 [pid 5129] write(3, "1000", 4) = 4 [pid 5128] write(3, "1000", 4 [ 95.842992][ T5123] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 95.854152][ T5125] REISERFS (device loop2): Using r5 hash to sort names [ 95.861519][ T5125] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 95.871690][ T5123] REISERFS (device loop1): using ordered data mode [ 95.878821][ T5123] reiserfs: using flush barriers [pid 5125] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5129] close(3) = 0 [pid 5128] <... write resumed>) = 4 [pid 5125] <... openat resumed>) = 3 [pid 5129] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5129] memfd_create("syzkaller", 0 [pid 5128] close(3 [pid 5125] chdir("./file0" [pid 5129] <... memfd_create resumed>) = 3 [pid 5128] <... close resumed>) = 0 [pid 5125] <... chdir resumed>) = 0 [pid 5129] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5128] symlink("/dev/binderfs", "./binderfs" [pid 5125] ioctl(4, LOOP_CLR_FD [pid 5129] <... mmap resumed>) = 0x7f091d53c000 [pid 5128] <... symlink resumed>) = 0 [pid 5125] <... ioctl resumed>) = 0 [pid 5007] <... umount2 resumed>) = 0 [pid 5128] memfd_create("syzkaller", 0 [pid 5125] close(4 [pid 5128] <... memfd_create resumed>) = 3 [pid 5125] <... close resumed>) = 0 [pid 5128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5125] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5128] <... mmap resumed>) = 0x7f091d53c000 [pid 5125] <... openat resumed>) = 4 [pid 5007] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5125] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5125] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5125] exit_group(0 [ 95.885433][ T5123] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 95.902584][ T5123] REISERFS (device loop1): checking transaction log (loop1) [pid 5007] lstat("./8/file0", [pid 5125] <... exit_group resumed>) = ? [pid 5007] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5125] +++ exited with 0 +++ [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5125, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=14 /* 0.14 s */} --- [pid 5007] <... openat resumed>) = 4 [pid 5005] restart_syscall(<... resuming interrupted clone ...> [pid 5007] fstat(4, [pid 5005] <... restart_syscall resumed>) = 0 [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] getdents64(4, [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5007] close(4 [pid 5005] <... openat resumed>) = 3 [pid 5007] <... close resumed>) = 0 [pid 5005] fstat(3, [pid 5007] rmdir("./8/file0" [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] <... rmdir resumed>) = 0 [pid 5005] getdents64(3, [pid 5007] getdents64(3, [pid 5005] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5007] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] close(3 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] <... close resumed>) = 0 [pid 5005] lstat("./9/binderfs", [pid 5007] rmdir("./8" [pid 5005] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] <... rmdir resumed>) = 0 [pid 5005] unlink("./9/binderfs" [pid 5007] mkdir("./9", 0777 [pid 5005] <... unlink resumed>) = 0 [pid 5007] <... mkdir resumed>) = 0 [pid 5005] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5007] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5007] close(3) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5130 ./strace-static-x86_64: Process 5130 attached [pid 5130] chdir("./9") = 0 [pid 5130] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5130] setpgid(0, 0) = 0 [pid 5130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5130] write(3, "1000", 4) = 4 [pid 5130] close(3) = 0 [pid 5130] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5130] memfd_create("syzkaller", 0) = 3 [pid 5130] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5129] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5130] <... mmap resumed>) = 0x7f091d53c000 [pid 5128] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5008] <... umount2 resumed>) = 0 [pid 5008] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5008] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5008] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5008] close(4) = 0 [pid 5008] rmdir("./8/file0") = 0 [pid 5008] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] close(3) = 0 [pid 5008] rmdir("./8") = 0 [pid 5008] mkdir("./9", 0777) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5008] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5008] close(3) = 0 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5131 attached , child_tidptr=0x5555563ff5d0) = 5131 [pid 5131] chdir("./9") = 0 [pid 5131] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5131] setpgid(0, 0) = 0 [pid 5131] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5130] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5131] <... openat resumed>) = 3 [pid 5131] write(3, "1000", 4) = 4 [pid 5131] close(3) = 0 [pid 5131] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5131] memfd_create("syzkaller", 0) = 3 [pid 5131] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5123] <... mount resumed>) = 0 [pid 5123] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5129] <... write resumed>) = 4194304 [pid 5128] <... write resumed>) = 4194304 [pid 5123] chdir("./file0" [pid 5129] munmap(0x7f091d53c000, 4194304 [pid 5128] munmap(0x7f091d53c000, 4194304 [pid 5123] <... chdir resumed>) = 0 [pid 5129] <... munmap resumed>) = 0 [pid 5129] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5128] <... munmap resumed>) = 0 [pid 5123] ioctl(4, LOOP_CLR_FD [ 96.215266][ T5123] REISERFS (device loop1): Using r5 hash to sort names [ 96.222968][ T5123] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5129] <... openat resumed>) = 4 [pid 5128] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5123] <... ioctl resumed>) = 0 [pid 5129] ioctl(4, LOOP_SET_FD, 3 [pid 5128] <... openat resumed>) = 4 [pid 5123] close(4 [pid 5128] ioctl(4, LOOP_SET_FD, 3 [pid 5123] <... close resumed>) = 0 [pid 5129] <... ioctl resumed>) = 0 [pid 5128] <... ioctl resumed>) = 0 [pid 5123] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5129] close(3 [pid 5128] close(3 [pid 5123] <... openat resumed>) = 4 [pid 5129] <... close resumed>) = 0 [pid 5128] <... close resumed>) = 0 [pid 5123] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5129] mkdir("./file0", 0777 [pid 5128] mkdir("./file0", 0777 [pid 5129] <... mkdir resumed>) = 0 [pid 5123] <... mmap resumed>) = 0x20000000 [pid 5129] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5128] <... mkdir resumed>) = 0 [pid 5123] ioctl(4, FS_IOC_GETVERSION [pid 5128] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5123] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [ 96.289280][ T5129] loop0: detected capacity change from 0 to 8192 [ 96.305233][ T5128] loop3: detected capacity change from 0 to 8192 [pid 5130] <... write resumed>) = 4194304 [pid 5123] exit_group(0 [pid 5130] munmap(0x7f091d53c000, 4194304 [pid 5123] <... exit_group resumed>) = ? [pid 5130] <... munmap resumed>) = 0 [pid 5123] +++ exited with 0 +++ [ 96.335807][ T5128] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 96.349621][ T5129] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 96.367680][ T5128] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 96.377076][ T5128] REISERFS (device loop3): using ordered data mode [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5123, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=26 /* 0.26 s */} --- [pid 5131] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5130] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5005] <... umount2 resumed>) = 0 [pid 5130] <... openat resumed>) = 4 [pid 5005] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5130] ioctl(4, LOOP_SET_FD, 3 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./9/file0", [pid 5004] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5130] <... ioctl resumed>) = 0 [pid 5005] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 96.380678][ T5129] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 96.383590][ T5128] reiserfs: using flush barriers [ 96.398791][ T5128] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 96.420093][ T5130] loop4: detected capacity change from 0 to 8192 [pid 5004] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5131] <... write resumed>) = 4194304 [pid 5130] close(3 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... openat resumed>) = 3 [pid 5130] <... close resumed>) = 0 [pid 5004] fstat(3, [pid 5130] mkdir("./file0", 0777 [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5131] munmap(0x7f091d53c000, 4194304 [pid 5130] <... mkdir resumed>) = 0 [pid 5005] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] getdents64(3, [pid 5131] <... munmap resumed>) = 0 [pid 5005] <... openat resumed>) = 4 [pid 5131] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5005] fstat(4, [pid 5131] <... openat resumed>) = 4 [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5131] ioctl(4, LOOP_SET_FD, 3 [pid 5005] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5004] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] getdents64(4, [pid 5004] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] close(4 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] <... close resumed>) = 0 [pid 5005] rmdir("./9/file0" [pid 5004] lstat("./9/binderfs", [pid 5130] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5005] <... rmdir resumed>) = 0 [pid 5005] getdents64(3, [pid 5004] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] unlink("./9/binderfs" [pid 5005] close(3) = 0 [pid 5005] rmdir("./9" [pid 5004] <... unlink resumed>) = 0 [ 96.437345][ T5129] REISERFS (device loop0): using ordered data mode [ 96.444073][ T5129] reiserfs: using flush barriers [ 96.450684][ T5129] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 96.450749][ T5128] REISERFS (device loop3): checking transaction log (loop3) [ 96.463259][ T5131] loop5: detected capacity change from 0 to 8192 [pid 5005] <... rmdir resumed>) = 0 [pid 5004] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5131] <... ioctl resumed>) = 0 [pid 5131] close(3 [pid 5005] mkdir("./10", 0777 [pid 5131] <... close resumed>) = 0 [pid 5005] <... mkdir resumed>) = 0 [pid 5131] mkdir("./file0", 0777 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5131] <... mkdir resumed>) = 0 [pid 5005] <... openat resumed>) = 3 [pid 5131] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5005] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5005] close(3) = 0 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5136 [ 96.486605][ T5129] REISERFS (device loop0): checking transaction log (loop0) [ 96.505493][ T5130] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 96.522908][ T5131] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 ./strace-static-x86_64: Process 5136 attached [pid 5136] chdir("./10") = 0 [pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5136] setpgid(0, 0) = 0 [pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5136] write(3, "1000", 4) = 4 [pid 5136] close(3) = 0 [ 96.536868][ T5131] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 96.547399][ T5131] REISERFS (device loop5): using ordered data mode [ 96.555159][ T5131] reiserfs: using flush barriers [ 96.572973][ T5130] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5136] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5136] memfd_create("syzkaller", 0) = 3 [pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 96.573871][ T5131] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 96.583442][ T5130] REISERFS (device loop4): using ordered data mode [ 96.606229][ T5130] reiserfs: using flush barriers [ 96.614392][ T5131] REISERFS (device loop5): checking transaction log (loop5) [ 96.631663][ T5130] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 96.690823][ T5130] REISERFS (device loop4): checking transaction log (loop4) [ 96.845150][ T5131] REISERFS (device loop5): Using r5 hash to sort names [ 96.852389][ T5131] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 96.880195][ T5128] REISERFS (device loop3): Using r5 hash to sort names [pid 5136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5131] <... mount resumed>) = 0 [pid 5131] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5131] chdir("./file0") = 0 [pid 5131] ioctl(4, LOOP_CLR_FD) = 0 [pid 5131] close(4) = 0 [pid 5129] <... mount resumed>) = 0 [pid 5128] <... mount resumed>) = 0 [pid 5004] <... umount2 resumed>) = 0 [pid 5131] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5129] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5128] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5004] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5136] <... write resumed>) = 4194304 [pid 5131] <... openat resumed>) = 4 [pid 5129] <... openat resumed>) = 3 [pid 5128] <... openat resumed>) = 3 [pid 5136] munmap(0x7f091d53c000, 4194304 [pid 5131] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5129] chdir("./file0" [pid 5128] chdir("./file0" [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5131] <... mmap resumed>) = 0x20000000 [pid 5131] ioctl(4, FS_IOC_GETVERSION [pid 5129] <... chdir resumed>) = 0 [pid 5128] <... chdir resumed>) = 0 [pid 5004] lstat("./9/file0", [pid 5136] <... munmap resumed>) = 0 [pid 5131] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5129] ioctl(4, LOOP_CLR_FD [pid 5128] ioctl(4, LOOP_CLR_FD [pid 5136] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5131] exit_group(0 [pid 5004] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5136] <... openat resumed>) = 4 [pid 5131] <... exit_group resumed>) = ? [ 96.903966][ T5129] REISERFS (device loop0): Using r5 hash to sort names [ 96.912127][ T5129] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 96.928912][ T5128] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5129] <... ioctl resumed>) = 0 [pid 5128] <... ioctl resumed>) = 0 [pid 5004] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5136] ioctl(4, LOOP_SET_FD, 3 [pid 5131] +++ exited with 0 +++ [pid 5129] close(4) = 0 [pid 5128] close(4 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5129] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5129] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5129] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5136] <... ioctl resumed>) = 0 [pid 5129] exit_group(0) = ? [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5131, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=14 /* 0.14 s */} --- [pid 5004] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5136] close(3 [pid 5130] <... mount resumed>) = 0 [pid 5129] +++ exited with 0 +++ [pid 5128] <... close resumed>) = 0 [pid 5008] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5136] <... close resumed>) = 0 [pid 5130] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5128] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... openat resumed>) = 4 [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5129, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5136] mkdir("./file0", 0777 [pid 5130] <... openat resumed>) = 3 [pid 5128] <... openat resumed>) = 4 [pid 5008] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] fstat(4, [pid 5136] <... mkdir resumed>) = 0 [pid 5130] chdir("./file0" [pid 5128] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5008] <... openat resumed>) = 3 [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5136] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5130] <... chdir resumed>) = 0 [pid 5128] <... mmap resumed>) = 0x20000000 [pid 5008] fstat(3, [pid 5004] getdents64(4, [pid 5003] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5130] ioctl(4, LOOP_CLR_FD [pid 5128] ioctl(4, FS_IOC_GETVERSION [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5130] <... ioctl resumed>) = 0 [pid 5128] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [ 96.976206][ T5130] REISERFS (device loop4): Using r5 hash to sort names [ 96.985031][ T5130] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 96.994483][ T5136] loop2: detected capacity change from 0 to 8192 [pid 5008] getdents64(3, [pid 5004] getdents64(4, [pid 5003] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5130] close(4 [pid 5128] exit_group(0 [pid 5008] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5003] <... openat resumed>) = 3 [pid 5130] <... close resumed>) = 0 [pid 5128] <... exit_group resumed>) = ? [ 97.030910][ T5136] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 97.044401][ T5136] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 97.053642][ T5136] REISERFS (device loop2): using ordered data mode [ 97.061428][ T5136] reiserfs: using flush barriers [pid 5008] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] close(4 [pid 5003] fstat(3, [pid 5130] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5128] +++ exited with 0 +++ [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... close resumed>) = 0 [pid 5130] <... openat resumed>) = 4 [pid 5008] lstat("./9/binderfs", [pid 5004] rmdir("./9/file0" [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5130] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5008] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5128, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5004] <... rmdir resumed>) = 0 [pid 5130] <... mmap resumed>) = 0x20000000 [pid 5008] unlink("./9/binderfs" [pid 5004] getdents64(3, [pid 5003] getdents64(3, [pid 5130] ioctl(4, FS_IOC_GETVERSION [pid 5008] <... unlink resumed>) = 0 [pid 5004] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5130] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5008] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] close(3 [pid 5003] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5130] exit_group(0 [pid 5006] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... close resumed>) = 0 [pid 5130] <... exit_group resumed>) = ? [pid 5004] rmdir("./9" [pid 5130] +++ exited with 0 +++ [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... rmdir resumed>) = 0 [pid 5003] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5130, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5006] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] mkdir("./10", 0777 [pid 5006] <... openat resumed>) = 3 [pid 5004] <... mkdir resumed>) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5007] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] fstat(3, [pid 5004] <... openat resumed>) = 3 [pid 5003] lstat("./9/binderfs", [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] ioctl(3, LOOP_CLR_FD [pid 5007] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5006] getdents64(3, [pid 5004] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5003] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] <... openat resumed>) = 3 [pid 5004] close(3 [pid 5007] fstat(3, [pid 5006] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] <... close resumed>) = 0 [ 97.069577][ T5136] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5003] unlink("./9/binderfs" [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5007] getdents64(3, [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] <... unlink resumed>) = 0 [pid 5004] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5138 [pid 5007] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] lstat("./9/binderfs", [pid 5003] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] unlink("./9/binderfs" [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] <... unlink resumed>) = 0 [pid 5007] lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] unlink("./9/binderfs") = 0 [pid 5007] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5138 attached [pid 5138] chdir("./10") = 0 [pid 5138] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5138] setpgid(0, 0) = 0 [pid 5138] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5138] write(3, "1000", 4) = 4 [pid 5138] close(3) = 0 [pid 5138] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5138] memfd_create("syzkaller", 0) = 3 [pid 5138] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 97.134841][ T5136] REISERFS (device loop2): checking transaction log (loop2) [pid 5008] <... umount2 resumed>) = 0 [pid 5008] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5008] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5008] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5008] close(4) = 0 [pid 5008] rmdir("./9/file0") = 0 [pid 5008] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] close(3) = 0 [pid 5008] rmdir("./9") = 0 [pid 5008] mkdir("./10", 0777) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5008] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5008] close(3 [pid 5138] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5008] <... close resumed>) = 0 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5139 ./strace-static-x86_64: Process 5139 attached [pid 5139] chdir("./10") = 0 [pid 5139] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5139] setpgid(0, 0) = 0 [pid 5139] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5139] write(3, "1000", 4) = 4 [pid 5139] close(3) = 0 [pid 5139] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5139] memfd_create("syzkaller", 0) = 3 [pid 5139] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5003] <... umount2 resumed>) = 0 [pid 5003] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 5003] rmdir("./9/file0") = 0 [pid 5003] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./9") = 0 [pid 5003] mkdir("./10", 0777) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5003] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5003] close(3) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5140 ./strace-static-x86_64: Process 5140 attached [pid 5140] chdir("./10") = 0 [pid 5140] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5140] setpgid(0, 0) = 0 [pid 5140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5140] write(3, "1000", 4) = 4 [pid 5007] <... umount2 resumed>) = 0 [pid 5140] close(3 [pid 5007] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5140] <... close resumed>) = 0 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5140] symlink("/dev/binderfs", "./binderfs" [pid 5007] lstat("./9/file0", [pid 5140] <... symlink resumed>) = 0 [pid 5007] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5140] memfd_create("syzkaller", 0 [pid 5007] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5140] <... memfd_create resumed>) = 3 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5140] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5007] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5140] <... mmap resumed>) = 0x7f091d53c000 [pid 5007] <... openat resumed>) = 4 [pid 5007] fstat(4, [pid 5006] <... umount2 resumed>) = 0 [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] getdents64(4, [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] lstat("./9/file0", [pid 5007] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5006] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] close(4 [pid 5006] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] <... close resumed>) = 0 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] rmdir("./9/file0" [pid 5006] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5007] <... rmdir resumed>) = 0 [pid 5007] getdents64(3, [pid 5006] <... openat resumed>) = 4 [pid 5007] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] fstat(4, [pid 5007] close(3 [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] <... close resumed>) = 0 [pid 5006] getdents64(4, [pid 5139] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5007] rmdir("./9" [pid 5006] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5007] <... rmdir resumed>) = 0 [pid 5006] getdents64(4, [pid 5007] mkdir("./10", 0777 [pid 5006] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5007] <... mkdir resumed>) = 0 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5006] close(4 [pid 5007] <... openat resumed>) = 3 [pid 5007] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5007] close(3) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5141 ./strace-static-x86_64: Process 5141 attached [pid 5141] chdir("./10") = 0 [pid 5141] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5141] setpgid(0, 0) = 0 [pid 5141] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5141] write(3, "1000", 4) = 4 [pid 5006] <... close resumed>) = 0 [pid 5141] close(3) = 0 [pid 5006] rmdir("./9/file0" [pid 5141] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5006] <... rmdir resumed>) = 0 [pid 5141] memfd_create("syzkaller", 0 [pid 5138] <... write resumed>) = 4194304 [pid 5141] <... memfd_create resumed>) = 3 [pid 5141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5006] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] close(3 [pid 5138] munmap(0x7f091d53c000, 4194304 [pid 5006] <... close resumed>) = 0 [pid 5006] rmdir("./9" [pid 5138] <... munmap resumed>) = 0 [pid 5006] <... rmdir resumed>) = 0 [pid 5006] mkdir("./10", 0777) = 0 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5006] ioctl(3, LOOP_CLR_FD [pid 5138] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5136] <... mount resumed>) = 0 [pid 5006] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5140] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5138] <... openat resumed>) = 4 [pid 5136] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5006] close(3 [pid 5138] ioctl(4, LOOP_SET_FD, 3 [pid 5136] <... openat resumed>) = 3 [pid 5006] <... close resumed>) = 0 [ 97.557163][ T5136] REISERFS (device loop2): Using r5 hash to sort names [ 97.583072][ T5136] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5138] <... ioctl resumed>) = 0 [pid 5136] chdir("./file0" [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5138] close(3 [pid 5136] <... chdir resumed>) = 0 [pid 5138] <... close resumed>) = 0 [pid 5136] ioctl(4, LOOP_CLR_FD [pid 5138] mkdir("./file0", 0777 [pid 5136] <... ioctl resumed>) = 0 [pid 5006] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5142 ./strace-static-x86_64: Process 5142 attached [pid 5138] <... mkdir resumed>) = 0 [pid 5136] close(4 [pid 5142] chdir("./10" [pid 5138] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5136] <... close resumed>) = 0 [pid 5136] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5142] <... chdir resumed>) = 0 [pid 5136] <... openat resumed>) = 4 [pid 5142] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5136] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5142] <... prctl resumed>) = 0 [pid 5142] setpgid(0, 0 [pid 5136] <... mmap resumed>) = 0x20000000 [ 97.634167][ T5138] loop1: detected capacity change from 0 to 8192 [pid 5142] <... setpgid resumed>) = 0 [pid 5141] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5136] ioctl(4, FS_IOC_GETVERSION [pid 5142] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5136] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5142] <... openat resumed>) = 3 [ 97.677179][ T5138] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 97.714910][ T5138] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [pid 5136] exit_group(0 [pid 5142] write(3, "1000", 4 [pid 5136] <... exit_group resumed>) = ? [pid 5142] <... write resumed>) = 4 [pid 5136] +++ exited with 0 +++ [pid 5142] close(3) = 0 [pid 5142] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5142] memfd_create("syzkaller", 0) = 3 [pid 5142] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5005] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5005] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5005] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] unlink("./10/binderfs") = 0 [ 97.724249][ T5138] REISERFS (device loop1): using ordered data mode [ 97.731604][ T5138] reiserfs: using flush barriers [ 97.738994][ T5138] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 97.756670][ T5138] REISERFS (device loop1): checking transaction log (loop1) [pid 5005] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5139] <... write resumed>) = 4194304 [pid 5139] munmap(0x7f091d53c000, 4194304) = 0 [pid 5139] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5141] <... write resumed>) = 4194304 [pid 5139] <... openat resumed>) = 4 [pid 5139] ioctl(4, LOOP_SET_FD, 3 [pid 5141] munmap(0x7f091d53c000, 4194304) = 0 [pid 5141] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5141] ioctl(4, LOOP_SET_FD, 3 [pid 5142] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5141] <... ioctl resumed>) = 0 [pid 5139] <... ioctl resumed>) = 0 [pid 5138] <... mount resumed>) = 0 [pid 5141] close(3 [pid 5140] <... write resumed>) = 4194304 [pid 5139] close(3 [pid 5138] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5141] <... close resumed>) = 0 [pid 5139] <... close resumed>) = 0 [pid 5138] <... openat resumed>) = 3 [pid 5141] mkdir("./file0", 0777 [pid 5139] mkdir("./file0", 0777 [pid 5138] chdir("./file0" [pid 5141] <... mkdir resumed>) = 0 [pid 5138] <... chdir resumed>) = 0 [pid 5141] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5139] <... mkdir resumed>) = 0 [pid 5138] ioctl(4, LOOP_CLR_FD [pid 5140] munmap(0x7f091d53c000, 4194304 [pid 5138] <... ioctl resumed>) = 0 [pid 5139] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5138] close(4 [pid 5140] <... munmap resumed>) = 0 [pid 5138] <... close resumed>) = 0 [ 97.846348][ T5138] REISERFS (device loop1): Using r5 hash to sort names [ 97.849207][ T5139] loop5: detected capacity change from 0 to 8192 [ 97.854985][ T5138] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 97.881631][ T5141] loop4: detected capacity change from 0 to 8192 [pid 5138] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5138] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5140] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5138] <... mmap resumed>) = 0x20000000 [pid 5140] ioctl(4, LOOP_SET_FD, 3 [pid 5138] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5138] exit_group(0) = ? [pid 5138] +++ exited with 0 +++ [ 97.932780][ T5141] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 97.933821][ T5140] loop0: detected capacity change from 0 to 8192 [ 97.954465][ T5139] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 97.954610][ T5141] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5138, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=25 /* 0.25 s */} --- [pid 5004] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5004] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] unlink("./10/binderfs") = 0 [ 97.978032][ T5141] REISERFS (device loop4): using ordered data mode [ 97.984852][ T5141] reiserfs: using flush barriers [ 98.000584][ T5141] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 98.018402][ T5141] REISERFS (device loop4): checking transaction log (loop4) [pid 5004] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5140] <... ioctl resumed>) = 0 [pid 5005] <... umount2 resumed>) = 0 [pid 5140] close(3 [pid 5005] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5140] <... close resumed>) = 0 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5140] mkdir("./file0", 0777 [pid 5005] lstat("./10/file0", [pid 5142] <... write resumed>) = 4194304 [pid 5140] <... mkdir resumed>) = 0 [pid 5142] munmap(0x7f091d53c000, 4194304 [pid 5140] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5005] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 98.047044][ T5139] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5005] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5142] <... munmap resumed>) = 0 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5142] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5005] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5142] <... openat resumed>) = 4 [pid 5142] ioctl(4, LOOP_SET_FD, 3 [pid 5005] <... openat resumed>) = 4 [pid 5142] <... ioctl resumed>) = 0 [ 98.108237][ T5140] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 98.127753][ T5140] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 98.134648][ T5139] REISERFS (device loop5): using ordered data mode [ 98.137410][ T5142] loop3: detected capacity change from 0 to 8192 [ 98.143458][ T5139] reiserfs: using flush barriers [pid 5005] fstat(4, [pid 5142] close(3 [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5142] <... close resumed>) = 0 [pid 5005] getdents64(4, [pid 5142] mkdir("./file0", 0777 [pid 5005] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5142] <... mkdir resumed>) = 0 [pid 5005] getdents64(4, [pid 5142] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5005] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] close(4) = 0 [pid 5005] rmdir("./10/file0") = 0 [pid 5005] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] close(3) = 0 [pid 5005] rmdir("./10") = 0 [ 98.144888][ T5139] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 98.152828][ T5140] REISERFS (device loop0): using ordered data mode [ 98.157154][ T5139] REISERFS (device loop5): checking transaction log (loop5) [ 98.187636][ T5141] REISERFS (device loop4): Using r5 hash to sort names [pid 5005] mkdir("./11", 0777) = 0 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5005] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5005] close(3 [pid 5141] <... mount resumed>) = 0 [pid 5005] <... close resumed>) = 0 [pid 5141] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5141] <... openat resumed>) = 3 [pid 5141] chdir("./file0") = 0 [pid 5141] ioctl(4, LOOP_CLR_FD [pid 5005] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5148 [ 98.202770][ T5141] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 98.214341][ T5142] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 98.227966][ T5142] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 98.239599][ T5142] REISERFS (device loop3): using ordered data mode [ 98.246739][ T5142] reiserfs: using flush barriers [ 98.253973][ T5140] reiserfs: using flush barriers [pid 5141] <... ioctl resumed>) = 0 [pid 5141] close(4) = 0 [pid 5141] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5141] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0./strace-static-x86_64: Process 5148 attached ) = 0x20000000 [pid 5148] chdir("./11" [pid 5141] ioctl(4, FS_IOC_GETVERSION [pid 5148] <... chdir resumed>) = 0 [pid 5141] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5148] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5141] exit_group(0 [pid 5148] <... prctl resumed>) = 0 [pid 5141] <... exit_group resumed>) = ? [pid 5148] setpgid(0, 0 [pid 5141] +++ exited with 0 +++ [pid 5148] <... setpgid resumed>) = 0 [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5141, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [ 98.273938][ T5140] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 98.285970][ T5142] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 98.290999][ T5140] REISERFS (device loop0): checking transaction log (loop0) [pid 5148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5148] write(3, "1000", 4 [pid 5007] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5148] <... write resumed>) = 4 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5148] close(3 [pid 5007] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5148] <... close resumed>) = 0 [pid 5007] <... openat resumed>) = 3 [pid 5148] symlink("/dev/binderfs", "./binderfs" [pid 5007] fstat(3, [pid 5148] <... symlink resumed>) = 0 [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] <... umount2 resumed>) = 0 [pid 5148] memfd_create("syzkaller", 0 [pid 5007] getdents64(3, [pid 5148] <... memfd_create resumed>) = 3 [pid 5007] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5148] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5007] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5148] <... mmap resumed>) = 0x7f091d53c000 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./10/binderfs", [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] unlink("./10/binderfs") = 0 [pid 5007] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] lstat("./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 98.366005][ T5142] REISERFS (device loop3): checking transaction log (loop3) [pid 5004] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5004] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] close(4) = 0 [pid 5004] rmdir("./10/file0") = 0 [pid 5004] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] close(3) = 0 [pid 5004] rmdir("./10") = 0 [pid 5004] mkdir("./11", 0777) = 0 [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5004] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5004] close(3) = 0 [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5149 ./strace-static-x86_64: Process 5149 attached [pid 5149] chdir("./11") = 0 [pid 5149] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5149] setpgid(0, 0) = 0 [pid 5149] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 98.488403][ T5142] REISERFS (device loop3): Using r5 hash to sort names [pid 5149] write(3, "1000", 4) = 4 [pid 5148] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5149] close(3) = 0 [pid 5149] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5149] memfd_create("syzkaller", 0) = 3 [pid 5149] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5142] <... mount resumed>) = 0 [pid 5142] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5142] chdir("./file0") = 0 [pid 5142] ioctl(4, LOOP_CLR_FD) = 0 [ 98.542668][ T5142] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5142] close(4) = 0 [pid 5142] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5142] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5142] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5142] exit_group(0) = ? [pid 5142] +++ exited with 0 +++ [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5142, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5006] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5006] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] unlink("./10/binderfs") = 0 [ 98.645297][ T5140] REISERFS (device loop0): Using r5 hash to sort names [ 98.652521][ T5140] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 98.668472][ T5139] REISERFS (device loop5): Using r5 hash to sort names [pid 5006] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] <... umount2 resumed>) = 0 [pid 5007] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5140] <... mount resumed>) = 0 [pid 5007] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5140] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5140] chdir("./file0") = 0 [pid 5140] ioctl(4, LOOP_CLR_FD) = 0 [ 98.691381][ T5139] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5140] close(4 [pid 5149] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5139] <... mount resumed>) = 0 [pid 5007] <... openat resumed>) = 4 [pid 5140] <... close resumed>) = 0 [pid 5140] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5140] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5140] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5140] exit_group(0) = ? [pid 5139] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5007] fstat(4, [pid 5140] +++ exited with 0 +++ [pid 5139] <... openat resumed>) = 3 [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5139] chdir("./file0" [pid 5007] getdents64(4, [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5140, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} --- [pid 5139] <... chdir resumed>) = 0 [pid 5007] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] restart_syscall(<... resuming interrupted clone ...> [pid 5139] ioctl(4, LOOP_CLR_FD [pid 5007] getdents64(4, [pid 5003] <... restart_syscall resumed>) = 0 [pid 5139] <... ioctl resumed>) = 0 [pid 5007] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5139] close(4 [pid 5007] close(4 [pid 5139] <... close resumed>) = 0 [pid 5007] <... close resumed>) = 0 [pid 5003] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5139] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5007] rmdir("./10/file0" [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5139] <... openat resumed>) = 4 [pid 5007] <... rmdir resumed>) = 0 [pid 5003] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5139] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5007] getdents64(3, [pid 5003] <... openat resumed>) = 3 [pid 5139] <... mmap resumed>) = 0x20000000 [pid 5003] fstat(3, [pid 5139] ioctl(4, FS_IOC_GETVERSION [pid 5007] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5139] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5007] close(3 [pid 5003] getdents64(3, [pid 5139] exit_group(0 [pid 5007] <... close resumed>) = 0 [pid 5003] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5148] <... write resumed>) = 4194304 [pid 5139] <... exit_group resumed>) = ? [pid 5007] rmdir("./10" [pid 5003] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5139] +++ exited with 0 +++ [pid 5003] unlink("./10/binderfs" [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5139, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5007] <... rmdir resumed>) = 0 [pid 5003] <... unlink resumed>) = 0 [pid 5007] mkdir("./11", 0777 [pid 5003] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5148] munmap(0x7f091d53c000, 4194304) = 0 [pid 5007] <... mkdir resumed>) = 0 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5008] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] <... openat resumed>) = 3 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] ioctl(3, LOOP_CLR_FD [pid 5008] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5007] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5008] <... openat resumed>) = 3 [pid 5007] close(3 [pid 5008] fstat(3, [pid 5007] <... close resumed>) = 0 [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5148] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5008] getdents64(3, ./strace-static-x86_64: Process 5150 attached [pid 5148] <... openat resumed>) = 4 [pid 5008] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5148] ioctl(4, LOOP_SET_FD, 3 [pid 5008] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5150 [pid 5150] chdir("./11" [pid 5148] <... ioctl resumed>) = 0 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5150] <... chdir resumed>) = 0 [pid 5008] lstat("./10/binderfs", [pid 5150] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5008] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5150] <... prctl resumed>) = 0 [pid 5008] unlink("./10/binderfs" [pid 5150] setpgid(0, 0 [pid 5008] <... unlink resumed>) = 0 [pid 5150] <... setpgid resumed>) = 0 [pid 5008] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5150] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5150] write(3, "1000", 4) = 4 [pid 5150] close(3) = 0 [pid 5150] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5150] memfd_create("syzkaller", 0) = 3 [pid 5150] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5148] close(3) = 0 [pid 5148] mkdir("./file0", 0777) = 0 [ 98.835800][ T5148] loop2: detected capacity change from 0 to 8192 [pid 5148] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5006] <... umount2 resumed>) = 0 [pid 5006] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5006] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5006] close(4) = 0 [pid 5149] <... write resumed>) = 4194304 [pid 5006] rmdir("./10/file0") = 0 [pid 5006] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] close(3) = 0 [pid 5149] munmap(0x7f091d53c000, 4194304 [pid 5006] rmdir("./10") = 0 [ 98.877455][ T5148] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5006] mkdir("./11", 0777 [pid 5149] <... munmap resumed>) = 0 [pid 5006] <... mkdir resumed>) = 0 [pid 5149] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5149] <... openat resumed>) = 4 [pid 5006] <... openat resumed>) = 3 [pid 5149] ioctl(4, LOOP_SET_FD, 3 [pid 5006] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 98.924205][ T5148] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 98.934747][ T5148] REISERFS (device loop2): using ordered data mode [ 98.941306][ T5148] reiserfs: using flush barriers [ 98.954269][ T5148] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5006] close(3) = 0 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5152 ./strace-static-x86_64: Process 5152 attached [pid 5152] chdir("./11") = 0 [pid 5152] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5152] setpgid(0, 0) = 0 [pid 5152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5152] write(3, "1000", 4) = 4 [pid 5152] close(3) = 0 [pid 5152] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5149] <... ioctl resumed>) = 0 [pid 5152] memfd_create("syzkaller", 0 [pid 5149] close(3 [pid 5152] <... memfd_create resumed>) = 3 [pid 5152] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5149] <... close resumed>) = 0 [ 98.972297][ T5149] loop1: detected capacity change from 0 to 8192 [pid 5152] <... mmap resumed>) = 0x7f091d53c000 [pid 5149] mkdir("./file0", 0777) = 0 [pid 5008] <... umount2 resumed>) = 0 [pid 5008] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5149] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5008] lstat("./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5008] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5008] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5008] close(4) = 0 [pid 5008] rmdir("./10/file0") = 0 [pid 5008] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] close(3) = 0 [pid 5008] rmdir("./10") = 0 [pid 5008] mkdir("./11", 0777) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5152] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 99.007039][ T5148] REISERFS (device loop2): checking transaction log (loop2) [ 99.032057][ T5149] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5150] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5003] <... umount2 resumed>) = 0 [pid 5152] <... write resumed>) = 4194304 [pid 5152] munmap(0x7f091d53c000, 4194304) = 0 [ 99.124076][ T5149] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 99.133354][ T5149] REISERFS (device loop1): using ordered data mode [ 99.140287][ T5149] reiserfs: using flush barriers [ 99.146794][ T5149] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.163647][ T5149] REISERFS (device loop1): checking transaction log (loop1) [pid 5152] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5152] ioctl(4, LOOP_SET_FD, 3 [pid 5008] <... openat resumed>) = 3 [pid 5003] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] close(3 [pid 5003] lstat("./10/file0", [pid 5008] <... close resumed>) = 0 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5003] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5154 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5154 attached [pid 5003] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5154] chdir("./11") = 0 [pid 5003] <... openat resumed>) = 4 [pid 5154] prctl(PR_SET_PDEATHSIG, SIGKILL [ 99.231105][ T5152] loop3: detected capacity change from 0 to 8192 [pid 5003] fstat(4, [pid 5154] <... prctl resumed>) = 0 [pid 5152] <... ioctl resumed>) = 0 [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5154] setpgid(0, 0 [pid 5003] getdents64(4, [pid 5154] <... setpgid resumed>) = 0 [pid 5152] close(3 [pid 5149] <... mount resumed>) = 0 [pid 5154] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5152] <... close resumed>) = 0 [pid 5149] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5003] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5154] <... openat resumed>) = 3 [pid 5152] mkdir("./file0", 0777 [pid 5149] <... openat resumed>) = 3 [pid 5003] getdents64(4, [pid 5154] write(3, "1000", 4 [pid 5152] <... mkdir resumed>) = 0 [pid 5149] chdir("./file0" [pid 5003] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5154] <... write resumed>) = 4 [pid 5152] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5149] <... chdir resumed>) = 0 [pid 5003] close(4 [pid 5154] close(3 [pid 5149] ioctl(4, LOOP_CLR_FD [pid 5154] <... close resumed>) = 0 [pid 5003] <... close resumed>) = 0 [pid 5154] symlink("/dev/binderfs", "./binderfs" [pid 5149] <... ioctl resumed>) = 0 [pid 5003] rmdir("./10/file0" [ 99.279420][ T5149] REISERFS (device loop1): Using r5 hash to sort names [ 99.287168][ T5149] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5154] <... symlink resumed>) = 0 [pid 5149] close(4 [pid 5003] <... rmdir resumed>) = 0 [pid 5154] memfd_create("syzkaller", 0 [pid 5149] <... close resumed>) = 0 [pid 5003] getdents64(3, [pid 5154] <... memfd_create resumed>) = 3 [pid 5149] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5154] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5149] <... openat resumed>) = 4 [pid 5003] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5154] <... mmap resumed>) = 0x7f091d53c000 [pid 5149] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5003] close(3) = 0 [pid 5149] <... mmap resumed>) = 0x20000000 [pid 5003] rmdir("./10" [pid 5149] ioctl(4, FS_IOC_GETVERSION [pid 5003] <... rmdir resumed>) = 0 [pid 5149] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5003] mkdir("./11", 0777 [pid 5149] exit_group(0) = ? [pid 5003] <... mkdir resumed>) = 0 [pid 5149] +++ exited with 0 +++ [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5149, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5004] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5003] <... openat resumed>) = 3 [pid 5003] ioctl(3, LOOP_CLR_FD [pid 5004] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] close(3 [pid 5004] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5003] <... close resumed>) = 0 [pid 5004] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] unlink("./11/binderfs") = 0 [ 99.353618][ T5148] REISERFS (device loop2): Using r5 hash to sort names [ 99.362537][ T5148] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 99.373511][ T5152] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5004] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5150] <... write resumed>) = 4194304 [pid 5150] munmap(0x7f091d53c000, 4194304 [pid 5003] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5156 [pid 5148] <... mount resumed>) = 0 [pid 5148] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5148] chdir("./file0") = 0 [pid 5148] ioctl(4, LOOP_CLR_FD) = 0 [pid 5148] close(4) = 0 [pid 5148] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5148] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5150] <... munmap resumed>) = 0 [pid 5148] <... mmap resumed>) = 0x20000000 [pid 5148] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5148] exit_group(0) = ? [pid 5148] +++ exited with 0 +++ [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5148, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=17 /* 0.17 s */} --- [pid 5150] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 5156 attached ) = 4 [pid 5156] chdir("./11" [pid 5150] ioctl(4, LOOP_SET_FD, 3 [pid 5156] <... chdir resumed>) = 0 [pid 5156] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5005] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5005] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(3, [pid 5156] <... prctl resumed>) = 0 [pid 5005] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5156] setpgid(0, 0) = 0 [pid 5005] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5156] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5156] <... openat resumed>) = 3 [pid 5156] write(3, "1000", 4) = 4 [pid 5156] close(3) = 0 [pid 5156] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5156] memfd_create("syzkaller", 0 [pid 5005] lstat("./11/binderfs", [pid 5156] <... memfd_create resumed>) = 3 [pid 5005] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5156] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 99.468449][ T5150] loop4: detected capacity change from 0 to 8192 [ 99.475039][ T5152] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 99.485571][ T5152] REISERFS (device loop3): using ordered data mode [ 99.492924][ T5152] reiserfs: using flush barriers [pid 5005] unlink("./11/binderfs" [pid 5154] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5150] <... ioctl resumed>) = 0 [pid 5005] <... unlink resumed>) = 0 [pid 5150] close(3 [pid 5005] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5150] <... close resumed>) = 0 [pid 5150] mkdir("./file0", 0777) = 0 [ 99.509874][ T5152] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.542905][ T5152] REISERFS (device loop3): checking transaction log (loop3) [pid 5150] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [ 99.567622][ T5150] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 99.606624][ T5150] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5156] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5154] <... write resumed>) = 4194304 [pid 5005] <... umount2 resumed>) = 0 [ 99.632759][ T5150] REISERFS (device loop4): using ordered data mode [ 99.661323][ T5150] reiserfs: using flush barriers [pid 5005] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5154] munmap(0x7f091d53c000, 4194304 [pid 5004] <... umount2 resumed>) = 0 [pid 5005] lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5005] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] close(4) = 0 [pid 5005] rmdir("./11/file0") = 0 [pid 5005] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] close(3) = 0 [pid 5005] rmdir("./11") = 0 [pid 5005] mkdir("./12", 0777 [pid 5004] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5154] <... munmap resumed>) = 0 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5154] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5005] <... mkdir resumed>) = 0 [pid 5004] lstat("./11/file0", [pid 5154] <... openat resumed>) = 4 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5004] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5154] ioctl(4, LOOP_SET_FD, 3 [pid 5004] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5154] <... ioctl resumed>) = 0 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5004] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5004] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] close(4) = 0 [pid 5004] rmdir("./11/file0") = 0 [pid 5004] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] close(3 [pid 5154] close(3 [pid 5004] <... close resumed>) = 0 [pid 5154] <... close resumed>) = 0 [pid 5004] rmdir("./11" [pid 5154] mkdir("./file0", 0777 [pid 5005] <... openat resumed>) = 3 [pid 5004] <... rmdir resumed>) = 0 [ 99.685192][ T5150] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.716680][ T5154] loop5: detected capacity change from 0 to 8192 [pid 5005] ioctl(3, LOOP_CLR_FD [pid 5004] mkdir("./12", 0777 [pid 5154] <... mkdir resumed>) = 0 [pid 5005] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5154] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5005] close(3 [pid 5004] <... mkdir resumed>) = 0 [pid 5005] <... close resumed>) = 0 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5005] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5159 [pid 5004] <... openat resumed>) = 3 [pid 5004] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5004] close(3) = 0 [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5160 ./strace-static-x86_64: Process 5159 attached [pid 5159] chdir("./12"./strace-static-x86_64: Process 5160 attached ) = 0 [pid 5159] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5159] setpgid(0, 0) = 0 [pid 5160] chdir("./12" [ 99.741527][ T5150] REISERFS (device loop4): checking transaction log (loop4) [ 99.776719][ T5154] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5159] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5160] <... chdir resumed>) = 0 [pid 5159] <... openat resumed>) = 3 [pid 5160] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5159] write(3, "1000", 4 [pid 5160] <... prctl resumed>) = 0 [pid 5160] setpgid(0, 0 [pid 5159] <... write resumed>) = 4 [pid 5160] <... setpgid resumed>) = 0 [pid 5159] close(3 [pid 5160] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5159] <... close resumed>) = 0 [pid 5160] <... openat resumed>) = 3 [ 99.813989][ T5154] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 99.824192][ T5154] REISERFS (device loop5): using ordered data mode [ 99.830935][ T5154] reiserfs: using flush barriers [ 99.840746][ T5154] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5159] symlink("/dev/binderfs", "./binderfs" [pid 5160] write(3, "1000", 4 [pid 5159] <... symlink resumed>) = 0 [pid 5160] <... write resumed>) = 4 [pid 5159] memfd_create("syzkaller", 0 [pid 5160] close(3 [pid 5159] <... memfd_create resumed>) = 3 [pid 5160] <... close resumed>) = 0 [pid 5159] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5160] symlink("/dev/binderfs", "./binderfs" [pid 5159] <... mmap resumed>) = 0x7f091d53c000 [pid 5160] <... symlink resumed>) = 0 [pid 5160] memfd_create("syzkaller", 0) = 3 [ 99.858160][ T5154] REISERFS (device loop5): checking transaction log (loop5) [pid 5160] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5156] <... write resumed>) = 4194304 [pid 5156] munmap(0x7f091d53c000, 4194304) = 0 [pid 5156] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 99.942391][ T5152] REISERFS (device loop3): Using r5 hash to sort names [ 99.960486][ T5152] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5156] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5156] close(3 [pid 5152] <... mount resumed>) = 0 [pid 5156] <... close resumed>) = 0 [pid 5156] mkdir("./file0", 0777 [pid 5152] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5160] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5156] <... mkdir resumed>) = 0 [pid 5152] <... openat resumed>) = 3 [pid 5156] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5152] chdir("./file0") = 0 [pid 5152] ioctl(4, LOOP_CLR_FD) = 0 [pid 5152] close(4) = 0 [pid 5152] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5152] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5152] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [ 99.993812][ T5156] loop0: detected capacity change from 0 to 8192 [pid 5152] exit_group(0 [pid 5159] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5152] <... exit_group resumed>) = ? [pid 5152] +++ exited with 0 +++ [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5152, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5006] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5006] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5006] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] unlink("./11/binderfs") = 0 [ 100.053206][ T5156] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 100.067643][ T5154] REISERFS (device loop5): Using r5 hash to sort names [ 100.080911][ T5154] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5006] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5160] <... write resumed>) = 4194304 [pid 5154] <... mount resumed>) = 0 [ 100.102282][ T5156] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5154] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5160] munmap(0x7f091d53c000, 4194304 [pid 5154] chdir("./file0" [pid 5006] <... umount2 resumed>) = 0 [pid 5160] <... munmap resumed>) = 0 [pid 5154] <... chdir resumed>) = 0 [pid 5006] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5160] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5154] ioctl(4, LOOP_CLR_FD [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5160] <... openat resumed>) = 4 [pid 5154] <... ioctl resumed>) = 0 [ 100.143996][ T5156] REISERFS (device loop0): using ordered data mode [ 100.151119][ T5156] reiserfs: using flush barriers [ 100.159591][ T5156] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5006] lstat("./11/file0", [pid 5160] ioctl(4, LOOP_SET_FD, 3 [pid 5154] close(4 [pid 5006] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5006] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5160] <... ioctl resumed>) = 0 [pid 5154] <... close resumed>) = 0 [pid 5006] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5006] close(4) = 0 [pid 5006] rmdir("./11/file0") = 0 [pid 5160] close(3 [pid 5159] <... write resumed>) = 4194304 [pid 5154] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5006] getdents64(3, [pid 5160] <... close resumed>) = 0 [pid 5006] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5160] mkdir("./file0", 0777 [pid 5154] <... openat resumed>) = 4 [ 100.188894][ T5150] REISERFS (device loop4): Using r5 hash to sort names [ 100.196362][ T5156] REISERFS (device loop0): checking transaction log (loop0) [ 100.204509][ T5160] loop1: detected capacity change from 0 to 8192 [pid 5006] close(3 [pid 5160] <... mkdir resumed>) = 0 [pid 5159] munmap(0x7f091d53c000, 4194304 [pid 5154] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5006] <... close resumed>) = 0 [pid 5006] rmdir("./11") = 0 [pid 5160] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5006] mkdir("./12", 0777 [pid 5159] <... munmap resumed>) = 0 [pid 5006] <... mkdir resumed>) = 0 [pid 5154] <... mmap resumed>) = 0x20000000 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5159] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5154] ioctl(4, FS_IOC_GETVERSION [pid 5006] <... openat resumed>) = 3 [pid 5159] <... openat resumed>) = 4 [pid 5154] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5006] ioctl(3, LOOP_CLR_FD [pid 5159] ioctl(4, LOOP_SET_FD, 3 [pid 5154] exit_group(0 [pid 5006] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5154] <... exit_group resumed>) = ? [pid 5006] close(3) = 0 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5163 ./strace-static-x86_64: Process 5163 attached [pid 5163] chdir("./12") = 0 [pid 5163] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5163] setpgid(0, 0) = 0 [pid 5163] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5150] <... mount resumed>) = 0 [pid 5163] write(3, "1000", 4 [pid 5150] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5163] <... write resumed>) = 4 [pid 5150] <... openat resumed>) = 3 [pid 5163] close(3 [ 100.239465][ T5150] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 100.267418][ T5159] loop2: detected capacity change from 0 to 8192 [pid 5150] chdir("./file0" [pid 5163] <... close resumed>) = 0 [pid 5150] <... chdir resumed>) = 0 [pid 5163] symlink("/dev/binderfs", "./binderfs" [pid 5150] ioctl(4, LOOP_CLR_FD [pid 5163] <... symlink resumed>) = 0 [pid 5150] <... ioctl resumed>) = 0 [pid 5163] memfd_create("syzkaller", 0 [pid 5150] close(4 [pid 5163] <... memfd_create resumed>) = 3 [pid 5150] <... close resumed>) = 0 [pid 5163] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5150] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5163] <... mmap resumed>) = 0x7f091d53c000 [pid 5150] <... openat resumed>) = 4 [pid 5154] +++ exited with 0 +++ [pid 5150] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5154, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} --- [pid 5150] <... mmap resumed>) = 0x20000000 [pid 5150] ioctl(4, FS_IOC_GETVERSION [pid 5159] <... ioctl resumed>) = 0 [pid 5159] close(3 [pid 5150] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5159] <... close resumed>) = 0 [pid 5159] mkdir("./file0", 0777 [pid 5150] exit_group(0 [pid 5159] <... mkdir resumed>) = 0 [pid 5150] <... exit_group resumed>) = ? [pid 5150] +++ exited with 0 +++ [pid 5008] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5150, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5159] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 100.285208][ T5160] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5008] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(3, [pid 5007] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] <... openat resumed>) = 3 [pid 5008] lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(3, [pid 5008] unlink("./11/binderfs") = 0 [pid 5007] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5007] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5008] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] unlink("./11/binderfs") = 0 [ 100.346518][ T5159] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 100.352015][ T5160] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 100.387898][ T5160] REISERFS (device loop1): using ordered data mode [ 100.395546][ T5160] reiserfs: using flush barriers [ 100.401773][ T5159] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 100.413352][ T5159] REISERFS (device loop2): using ordered data mode [ 100.420234][ T5159] reiserfs: using flush barriers [pid 5007] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5156] <... mount resumed>) = 0 [pid 5156] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5156] chdir("./file0" [pid 5163] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5156] <... chdir resumed>) = 0 [pid 5156] ioctl(4, LOOP_CLR_FD) = 0 [pid 5156] close(4) = 0 [pid 5156] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 100.420360][ T5160] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 100.448358][ T5156] REISERFS (device loop0): Using r5 hash to sort names [ 100.455622][ T5156] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 100.456217][ T5159] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5156] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5156] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5156] exit_group(0) = ? [pid 5156] +++ exited with 0 +++ [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5156, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5003] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5003] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./11/binderfs") = 0 [pid 5007] <... umount2 resumed>) = 0 [pid 5003] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5007] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5007] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5007] close(4) = 0 [pid 5007] rmdir("./11/file0") = 0 [pid 5007] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] close(3) = 0 [pid 5007] rmdir("./11") = 0 [pid 5007] mkdir("./12", 0777) = 0 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5007] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5007] close(3) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5165 ./strace-static-x86_64: Process 5165 attached [pid 5165] chdir("./12") = 0 [pid 5165] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 100.597496][ T5160] REISERFS (device loop1): checking transaction log (loop1) [ 100.622061][ T5159] REISERFS (device loop2): checking transaction log (loop2) [pid 5165] setpgid(0, 0) = 0 [pid 5165] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5165] write(3, "1000", 4) = 4 [pid 5165] close(3) = 0 [pid 5165] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5165] memfd_create("syzkaller", 0) = 3 [pid 5165] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5008] <... umount2 resumed>) = 0 [pid 5008] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5163] <... write resumed>) = 4194304 [pid 5008] lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5163] munmap(0x7f091d53c000, 4194304 [pid 5008] <... openat resumed>) = 4 [pid 5163] <... munmap resumed>) = 0 [pid 5008] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5008] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5008] close(4) = 0 [pid 5008] rmdir("./11/file0" [pid 5163] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5008] <... rmdir resumed>) = 0 [pid 5163] <... openat resumed>) = 4 [pid 5008] getdents64(3, [pid 5163] ioctl(4, LOOP_SET_FD, 3 [pid 5008] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5163] <... ioctl resumed>) = 0 [pid 5008] close(3) = 0 [pid 5008] rmdir("./11") = 0 [pid 5008] mkdir("./12", 0777) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5008] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5008] close(3) = 0 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5166 ./strace-static-x86_64: Process 5166 attached [pid 5166] chdir("./12") = 0 [pid 5165] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5163] close(3 [pid 5166] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5163] <... close resumed>) = 0 [pid 5166] <... prctl resumed>) = 0 [pid 5163] mkdir("./file0", 0777 [pid 5166] setpgid(0, 0 [pid 5163] <... mkdir resumed>) = 0 [pid 5166] <... setpgid resumed>) = 0 [pid 5163] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5166] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5166] write(3, "1000", 4) = 4 [pid 5166] close(3) = 0 [pid 5166] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5166] memfd_create("syzkaller", 0) = 3 [ 100.815336][ T5163] loop3: detected capacity change from 0 to 8192 [pid 5166] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5003] <... umount2 resumed>) = 0 [pid 5003] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 100.878108][ T5163] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5003] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 5003] rmdir("./11/file0") = 0 [pid 5165] <... write resumed>) = 4194304 [pid 5003] getdents64(3, [pid 5165] munmap(0x7f091d53c000, 4194304 [pid 5003] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5165] <... munmap resumed>) = 0 [pid 5003] close(3 [pid 5166] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5165] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5003] <... close resumed>) = 0 [pid 5165] <... openat resumed>) = 4 [pid 5003] rmdir("./11" [ 100.954775][ T5163] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 100.964775][ T5163] REISERFS (device loop3): using ordered data mode [ 100.974735][ T5163] reiserfs: using flush barriers [ 100.982026][ T5163] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5165] ioctl(4, LOOP_SET_FD, 3 [pid 5003] <... rmdir resumed>) = 0 [pid 5165] <... ioctl resumed>) = 0 [pid 5003] mkdir("./12", 0777 [pid 5165] close(3 [pid 5003] <... mkdir resumed>) = 0 [pid 5165] <... close resumed>) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5165] mkdir("./file0", 0777) = 0 [pid 5003] <... openat resumed>) = 3 [pid 5165] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5003] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5003] close(3) = 0 [ 101.007068][ T5165] loop4: detected capacity change from 0 to 8192 [ 101.020812][ T5160] REISERFS (device loop1): Using r5 hash to sort names [ 101.043104][ T5160] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5169 ./strace-static-x86_64: Process 5169 attached [pid 5169] chdir("./12") = 0 [pid 5160] <... mount resumed>) = 0 [ 101.044890][ T5165] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 101.054334][ T5159] REISERFS (device loop2): Using r5 hash to sort names [ 101.074838][ T5163] REISERFS (device loop3): checking transaction log (loop3) [ 101.085830][ T5159] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5160] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5160] chdir("./file0") = 0 [pid 5160] ioctl(4, LOOP_CLR_FD [pid 5169] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5160] <... ioctl resumed>) = 0 [pid 5169] setpgid(0, 0 [pid 5160] close(4 [pid 5169] <... setpgid resumed>) = 0 [pid 5166] <... write resumed>) = 4194304 [pid 5166] munmap(0x7f091d53c000, 4194304) = 0 [pid 5166] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 101.102805][ T5165] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [pid 5169] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5166] ioctl(4, LOOP_SET_FD, 3 [pid 5160] <... close resumed>) = 0 [pid 5169] <... openat resumed>) = 3 [pid 5160] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5169] write(3, "1000", 4 [pid 5160] <... openat resumed>) = 4 [pid 5169] <... write resumed>) = 4 [pid 5169] close(3 [pid 5160] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5159] <... mount resumed>) = 0 [pid 5169] <... close resumed>) = 0 [pid 5160] <... mmap resumed>) = 0x20000000 [pid 5169] symlink("/dev/binderfs", "./binderfs" [pid 5159] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5160] ioctl(4, FS_IOC_GETVERSION [pid 5169] <... symlink resumed>) = 0 [pid 5160] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5169] memfd_create("syzkaller", 0 [pid 5160] exit_group(0 [pid 5169] <... memfd_create resumed>) = 3 [pid 5160] <... exit_group resumed>) = ? [pid 5159] <... openat resumed>) = 3 [pid 5169] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5160] +++ exited with 0 +++ [pid 5169] <... mmap resumed>) = 0x7f091d53c000 [pid 5159] chdir("./file0" [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5160, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5004] restart_syscall(<... resuming interrupted clone ...> [pid 5166] <... ioctl resumed>) = 0 [pid 5004] <... restart_syscall resumed>) = 0 [pid 5166] close(3) = 0 [pid 5166] mkdir("./file0", 0777 [pid 5159] <... chdir resumed>) = 0 [pid 5004] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5159] ioctl(4, LOOP_CLR_FD [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5159] <... ioctl resumed>) = 0 [pid 5004] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5159] close(4) = 0 [pid 5004] <... openat resumed>) = 3 [pid 5159] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5004] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(3, [pid 5166] <... mkdir resumed>) = 0 [pid 5159] <... openat resumed>) = 4 [pid 5159] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [ 101.134058][ T5165] REISERFS (device loop4): using ordered data mode [ 101.143346][ T5166] loop5: detected capacity change from 0 to 8192 [ 101.144339][ T5165] reiserfs: using flush barriers [pid 5004] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5166] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5159] <... mmap resumed>) = 0x20000000 [pid 5004] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5159] ioctl(4, FS_IOC_GETVERSION [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5159] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5004] lstat("./12/binderfs", [pid 5159] exit_group(0) = ? [pid 5004] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 101.187251][ T5165] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5159] +++ exited with 0 +++ [pid 5004] unlink("./12/binderfs" [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5159, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} --- [pid 5005] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5005] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5005] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] unlink("./12/binderfs") = 0 [pid 5005] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5169] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5004] <... unlink resumed>) = 0 [ 101.228686][ T5166] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 101.253949][ T5166] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 101.267040][ T5166] REISERFS (device loop5): using ordered data mode [pid 5004] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5169] <... write resumed>) = 4194304 [pid 5169] munmap(0x7f091d53c000, 4194304) = 0 [pid 5169] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5169] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5169] close(3) = 0 [pid 5169] mkdir("./file0", 0777) = 0 [ 101.307454][ T5165] REISERFS (device loop4): checking transaction log (loop4) [ 101.332040][ T5169] loop0: detected capacity change from 0 to 8192 [ 101.332575][ T5166] reiserfs: using flush barriers [pid 5169] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5005] <... umount2 resumed>) = 0 [pid 5005] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 101.374776][ T5169] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 101.393217][ T5166] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 101.412200][ T5166] REISERFS (device loop5): checking transaction log (loop5) [pid 5005] lstat("./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5005] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] close(4) = 0 [pid 5005] rmdir("./12/file0") = 0 [pid 5005] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] close(3) = 0 [ 101.420623][ T5169] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 101.437697][ T5169] REISERFS (device loop0): using ordered data mode [ 101.464617][ T5169] reiserfs: using flush barriers [pid 5005] rmdir("./12") = 0 [pid 5005] mkdir("./13", 0777) = 0 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5005] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 101.479123][ T5169] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5005] close(3) = 0 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5172 ./strace-static-x86_64: Process 5172 attached [pid 5172] chdir("./13") = 0 [pid 5172] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5172] setpgid(0, 0) = 0 [pid 5172] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5172] write(3, "1000", 4) = 4 [pid 5172] close(3) = 0 [pid 5172] symlink("/dev/binderfs", "./binderfs") = 0 [ 101.543397][ T5169] REISERFS (device loop0): checking transaction log (loop0) [ 101.571220][ T5163] REISERFS (device loop3): Using r5 hash to sort names [pid 5172] memfd_create("syzkaller", 0) = 3 [pid 5172] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 101.602969][ T5163] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 101.640130][ T5165] REISERFS (device loop4): Using r5 hash to sort names [pid 5004] <... umount2 resumed>) = 0 [pid 5163] <... mount resumed>) = 0 [pid 5163] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5163] chdir("./file0") = 0 [pid 5004] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5163] ioctl(4, LOOP_CLR_FD) = 0 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5163] close(4 [pid 5004] lstat("./12/file0", [pid 5163] <... close resumed>) = 0 [pid 5163] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5004] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5163] <... openat resumed>) = 4 [pid 5004] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5163] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5163] <... mmap resumed>) = 0x20000000 [pid 5004] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5163] ioctl(4, FS_IOC_GETVERSION [pid 5004] <... openat resumed>) = 4 [pid 5163] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5004] fstat(4, [pid 5163] exit_group(0 [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5163] <... exit_group resumed>) = ? [pid 5004] getdents64(4, [pid 5163] +++ exited with 0 +++ [pid 5004] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5163, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5004] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] close(4 [pid 5006] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... close resumed>) = 0 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] rmdir("./12/file0" [pid 5006] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] <... rmdir resumed>) = 0 [pid 5006] <... openat resumed>) = 3 [pid 5004] getdents64(3, [pid 5006] fstat(3, [pid 5004] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] close(3 [pid 5006] getdents64(3, [pid 5004] <... close resumed>) = 0 [pid 5006] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] rmdir("./12" [pid 5006] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... rmdir resumed>) = 0 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] mkdir("./13", 0777 [pid 5006] lstat("./12/binderfs", [pid 5004] <... mkdir resumed>) = 0 [pid 5165] <... mount resumed>) = 0 [pid 5006] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5165] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5006] unlink("./12/binderfs" [pid 5004] <... openat resumed>) = 3 [pid 5165] <... openat resumed>) = 3 [pid 5006] <... unlink resumed>) = 0 [pid 5004] ioctl(3, LOOP_CLR_FD [pid 5165] chdir("./file0" [pid 5006] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5165] <... chdir resumed>) = 0 [pid 5004] close(3 [pid 5165] ioctl(4, LOOP_CLR_FD [pid 5004] <... close resumed>) = 0 [pid 5165] <... ioctl resumed>) = 0 [ 101.651032][ T5166] REISERFS (device loop5): Using r5 hash to sort names [ 101.670313][ T5165] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 101.693678][ T5166] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5165] close(4) = 0 [pid 5004] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5173 [pid 5165] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5165] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5165] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) ./strace-static-x86_64: Process 5173 attached [pid 5165] exit_group(0 [pid 5173] chdir("./13" [pid 5165] <... exit_group resumed>) = ? [pid 5173] <... chdir resumed>) = 0 [pid 5165] +++ exited with 0 +++ [pid 5173] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5165, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5173] <... prctl resumed>) = 0 [pid 5173] setpgid(0, 0) = 0 [pid 5173] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5173] write(3, "1000", 4) = 4 [pid 5007] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5173] close(3 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5173] <... close resumed>) = 0 [pid 5007] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5173] symlink("/dev/binderfs", "./binderfs" [pid 5007] <... openat resumed>) = 3 [pid 5173] <... symlink resumed>) = 0 [pid 5007] fstat(3, [pid 5173] memfd_create("syzkaller", 0 [pid 5172] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5173] <... memfd_create resumed>) = 3 [pid 5166] <... mount resumed>) = 0 [pid 5007] getdents64(3, [pid 5173] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5007] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5173] <... mmap resumed>) = 0x7f091d53c000 [pid 5166] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5007] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5166] <... openat resumed>) = 3 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] unlink("./12/binderfs") = 0 [pid 5007] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5166] chdir("./file0") = 0 [pid 5166] ioctl(4, LOOP_CLR_FD) = 0 [pid 5166] close(4) = 0 [pid 5166] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5166] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5166] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5166] exit_group(0) = ? [pid 5166] +++ exited with 0 +++ [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5166, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5008] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5008] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5008] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5008] unlink("./12/binderfs") = 0 [ 101.849618][ T5169] REISERFS (device loop0): Using r5 hash to sort names [pid 5008] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5173] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5169] <... mount resumed>) = 0 [pid 5169] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 101.892859][ T5169] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5169] chdir("./file0" [pid 5006] <... umount2 resumed>) = 0 [pid 5172] <... write resumed>) = 4194304 [pid 5169] <... chdir resumed>) = 0 [pid 5172] munmap(0x7f091d53c000, 4194304 [pid 5169] ioctl(4, LOOP_CLR_FD [pid 5006] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5172] <... munmap resumed>) = 0 [pid 5169] <... ioctl resumed>) = 0 [pid 5172] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5169] close(4 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5172] <... openat resumed>) = 4 [pid 5169] <... close resumed>) = 0 [pid 5006] lstat("./12/file0", [pid 5172] ioctl(4, LOOP_SET_FD, 3 [pid 5169] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5006] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5169] <... openat resumed>) = 4 [pid 5006] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5169] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5169] <... mmap resumed>) = 0x20000000 [pid 5169] ioctl(4, FS_IOC_GETVERSION [pid 5006] <... openat resumed>) = 4 [pid 5006] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5169] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5006] getdents64(4, [pid 5169] exit_group(0) = ? [pid 5006] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5006] close(4) = 0 [pid 5169] +++ exited with 0 +++ [pid 5006] rmdir("./12/file0") = 0 [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5169, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5006] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] close(3 [pid 5003] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] <... close resumed>) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] rmdir("./12" [pid 5003] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5006] <... rmdir resumed>) = 0 [pid 5006] mkdir("./13", 0777 [pid 5003] <... openat resumed>) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] <... mkdir resumed>) = 0 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5003] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] <... openat resumed>) = 3 [pid 5003] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] close(3) = 0 [pid 5003] lstat("./12/binderfs", [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5003] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./12/binderfs") = 0 [pid 5003] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5174 [pid 5172] <... ioctl resumed>) = 0 [pid 5172] close(3) = 0 [pid 5172] mkdir("./file0", 0777./strace-static-x86_64: Process 5174 attached ) = 0 [ 101.972997][ T5172] loop2: detected capacity change from 0 to 8192 [pid 5174] chdir("./13" [pid 5172] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5007] <... umount2 resumed>) = 0 [pid 5174] <... chdir resumed>) = 0 [pid 5174] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5174] setpgid(0, 0) = 0 [pid 5174] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5174] write(3, "1000", 4) = 4 [pid 5007] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5174] close(3 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5174] <... close resumed>) = 0 [pid 5007] lstat("./12/file0", [pid 5174] symlink("/dev/binderfs", "./binderfs" [pid 5007] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5174] <... symlink resumed>) = 0 [pid 5007] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5174] memfd_create("syzkaller", 0 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5174] <... memfd_create resumed>) = 3 [pid 5007] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5174] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5007] <... openat resumed>) = 4 [pid 5174] <... mmap resumed>) = 0x7f091d53c000 [pid 5007] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5007] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5007] close(4) = 0 [pid 5007] rmdir("./12/file0") = 0 [pid 5007] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] close(3) = 0 [pid 5007] rmdir("./12") = 0 [pid 5007] mkdir("./13", 0777) = 0 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5007] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5007] close(3) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5176 ./strace-static-x86_64: Process 5176 attached [pid 5176] chdir("./13" [pid 5173] <... write resumed>) = 4194304 [pid 5008] <... umount2 resumed>) = 0 [pid 5176] <... chdir resumed>) = 0 [pid 5176] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5176] setpgid(0, 0) = 0 [pid 5176] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5176] write(3, "1000", 4 [pid 5173] munmap(0x7f091d53c000, 4194304 [pid 5176] <... write resumed>) = 4 [ 102.045581][ T5172] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5176] close(3 [pid 5173] <... munmap resumed>) = 0 [pid 5176] <... close resumed>) = 0 [pid 5176] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5173] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5176] memfd_create("syzkaller", 0 [pid 5174] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5173] <... openat resumed>) = 4 [pid 5176] <... memfd_create resumed>) = 3 [pid 5173] ioctl(4, LOOP_SET_FD, 3 [pid 5176] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5008] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5008] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5008] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5008] close(4) = 0 [pid 5008] rmdir("./12/file0") = 0 [pid 5008] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] close(3) = 0 [pid 5008] rmdir("./12" [pid 5173] <... ioctl resumed>) = 0 [pid 5008] <... rmdir resumed>) = 0 [ 102.100368][ T5172] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 102.127863][ T5173] loop1: detected capacity change from 0 to 8192 [pid 5008] mkdir("./13", 0777 [pid 5173] close(3 [pid 5008] <... mkdir resumed>) = 0 [pid 5173] <... close resumed>) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5173] mkdir("./file0", 0777 [pid 5008] <... openat resumed>) = 3 [pid 5173] <... mkdir resumed>) = 0 [pid 5008] ioctl(3, LOOP_CLR_FD [pid 5173] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5008] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 102.175312][ T5172] REISERFS (device loop2): using ordered data mode [pid 5008] close(3) = 0 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5003] <... umount2 resumed>) = 0 [pid 5008] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5178 ./strace-static-x86_64: Process 5178 attached [pid 5003] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5178] chdir("./13" [pid 5003] lstat("./12/file0", [pid 5178] <... chdir resumed>) = 0 [pid 5178] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5003] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5178] <... prctl resumed>) = 0 [pid 5178] setpgid(0, 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5178] <... setpgid resumed>) = 0 [pid 5003] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5178] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5003] <... openat resumed>) = 4 [pid 5003] fstat(4, [pid 5178] <... openat resumed>) = 3 [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5178] write(3, "1000", 4 [pid 5003] getdents64(4, [pid 5178] <... write resumed>) = 4 [pid 5003] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5178] close(3 [pid 5003] getdents64(4, [pid 5178] <... close resumed>) = 0 [pid 5003] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5178] symlink("/dev/binderfs", "./binderfs" [pid 5003] close(4 [pid 5178] <... symlink resumed>) = 0 [pid 5003] <... close resumed>) = 0 [pid 5178] memfd_create("syzkaller", 0 [pid 5003] rmdir("./12/file0") = 0 [pid 5178] <... memfd_create resumed>) = 3 [pid 5003] getdents64(3, [pid 5178] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5003] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [ 102.214134][ T5173] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.238857][ T5173] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 102.257388][ T5172] reiserfs: using flush barriers [ 102.258396][ T5173] REISERFS (device loop1): using ordered data mode [pid 5003] close(3) = 0 [pid 5003] rmdir("./12") = 0 [pid 5003] mkdir("./13", 0777) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5003] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5003] close(3) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5178] <... mmap resumed>) = 0x7f091d53c000 [pid 5003] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5179 ./strace-static-x86_64: Process 5179 attached [pid 5179] chdir("./13") = 0 [pid 5179] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 102.274236][ T5172] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.291495][ T5172] REISERFS (device loop2): checking transaction log (loop2) [pid 5179] setpgid(0, 0) = 0 [pid 5179] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5179] write(3, "1000", 4) = 4 [ 102.328640][ T5173] reiserfs: using flush barriers [pid 5179] close(3) = 0 [pid 5179] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5179] memfd_create("syzkaller", 0) = 3 [pid 5179] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 102.352516][ T5173] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.387712][ T5173] REISERFS (device loop1): checking transaction log (loop1) [ 102.395852][ T5172] REISERFS (device loop2): Using r5 hash to sort names [pid 5176] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5172] <... mount resumed>) = 0 [pid 5172] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5172] chdir("./file0") = 0 [pid 5172] ioctl(4, LOOP_CLR_FD) = 0 [ 102.404419][ T5172] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5172] close(4) = 0 [pid 5172] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5172] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5174] <... write resumed>) = 4194304 [pid 5172] <... mmap resumed>) = 0x20000000 [pid 5172] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5174] munmap(0x7f091d53c000, 4194304 [pid 5172] exit_group(0) = ? [pid 5172] +++ exited with 0 +++ [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5172, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5174] <... munmap resumed>) = 0 [pid 5174] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5005] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5174] ioctl(4, LOOP_SET_FD, 3 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5005] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./13/binderfs", [pid 5179] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5005] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] unlink("./13/binderfs") = 0 [pid 5005] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5178] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5174] <... ioctl resumed>) = 0 [pid 5174] close(3) = 0 [pid 5174] mkdir("./file0", 0777) = 0 [ 102.508550][ T5174] loop3: detected capacity change from 0 to 8192 [ 102.560700][ T5174] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.596856][ T5173] REISERFS (device loop1): Using r5 hash to sort names [pid 5174] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5173] <... mount resumed>) = 0 [pid 5176] <... write resumed>) = 4194304 [pid 5173] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5173] chdir("./file0") = 0 [pid 5173] ioctl(4, LOOP_CLR_FD) = 0 [pid 5173] close(4) = 0 [pid 5176] munmap(0x7f091d53c000, 4194304) = 0 [pid 5176] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5173] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5176] <... openat resumed>) = 4 [pid 5173] <... openat resumed>) = 4 [pid 5173] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5176] ioctl(4, LOOP_SET_FD, 3 [pid 5173] <... mmap resumed>) = 0x20000000 [ 102.617372][ T5173] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 102.619243][ T5174] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [pid 5173] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5173] exit_group(0) = ? [pid 5173] +++ exited with 0 +++ [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5173, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=26 /* 0.26 s */} --- [pid 5004] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5004] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] unlink("./13/binderfs") = 0 [pid 5004] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5176] <... ioctl resumed>) = 0 [pid 5176] close(3) = 0 [pid 5176] mkdir("./file0", 0777) = 0 [pid 5176] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5178] <... write resumed>) = 4194304 [ 102.680575][ T5176] loop4: detected capacity change from 0 to 8192 [pid 5178] munmap(0x7f091d53c000, 4194304) = 0 [pid 5005] <... umount2 resumed>) = 0 [ 102.732122][ T5174] REISERFS (device loop3): using ordered data mode [ 102.741825][ T5176] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.755133][ T5176] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 102.764457][ T5176] REISERFS (device loop4): using ordered data mode [ 102.771004][ T5176] reiserfs: using flush barriers [pid 5178] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5005] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5178] <... openat resumed>) = 4 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5178] ioctl(4, LOOP_SET_FD, 3 [pid 5005] lstat("./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5179] <... write resumed>) = 4194304 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5179] munmap(0x7f091d53c000, 4194304 [pid 5005] <... openat resumed>) = 4 [pid 5179] <... munmap resumed>) = 0 [pid 5005] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] close(4) = 0 [pid 5005] rmdir("./13/file0") = 0 [pid 5179] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5178] <... ioctl resumed>) = 0 [pid 5005] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] close(3) = 0 [pid 5005] rmdir("./13") = 0 [pid 5005] mkdir("./14", 0777) = 0 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5179] <... openat resumed>) = 4 [pid 5178] close(3 [pid 5005] ioctl(3, LOOP_CLR_FD [pid 5179] ioctl(4, LOOP_SET_FD, 3 [pid 5178] <... close resumed>) = 0 [ 102.778478][ T5174] reiserfs: using flush barriers [ 102.783609][ T5178] loop5: detected capacity change from 0 to 8192 [ 102.783955][ T5176] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.801157][ T5174] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.807242][ T5176] REISERFS (device loop4): checking transaction log (loop4) [pid 5005] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5005] close(3 [pid 5179] <... ioctl resumed>) = 0 [pid 5178] mkdir("./file0", 0777 [pid 5005] <... close resumed>) = 0 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5179] close(3 [pid 5178] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5182 attached [pid 5179] <... close resumed>) = 0 [pid 5178] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5005] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5182 [pid 5182] chdir("./14" [pid 5179] mkdir("./file0", 0777 [pid 5182] <... chdir resumed>) = 0 [pid 5182] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5179] <... mkdir resumed>) = 0 [pid 5182] <... prctl resumed>) = 0 [pid 5179] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5182] setpgid(0, 0) = 0 [pid 5182] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5182] write(3, "1000", 4) = 4 [pid 5182] close(3) = 0 [pid 5182] symlink("/dev/binderfs", "./binderfs") = 0 [ 102.855970][ T5179] loop0: detected capacity change from 0 to 8192 [ 102.869662][ T5174] REISERFS (device loop3): checking transaction log (loop3) [pid 5182] memfd_create("syzkaller", 0) = 3 [pid 5182] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 102.911500][ T5178] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.933520][ T5179] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.953186][ T5178] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [pid 5004] <... umount2 resumed>) = 0 [pid 5004] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 102.985570][ T5174] REISERFS (device loop3): Using r5 hash to sort names [ 102.992785][ T5174] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 103.008235][ T5179] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 103.017871][ T5179] REISERFS (device loop0): using ordered data mode [ 103.024909][ T5179] reiserfs: using flush barriers [pid 5004] lstat("./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5182] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5004] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5174] <... mount resumed>) = 0 [pid 5004] getdents64(4, [pid 5174] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5004] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5174] <... openat resumed>) = 3 [pid 5174] chdir("./file0" [pid 5004] getdents64(4, [pid 5174] <... chdir resumed>) = 0 [pid 5004] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] close(4 [pid 5174] ioctl(4, LOOP_CLR_FD [pid 5004] <... close resumed>) = 0 [pid 5174] <... ioctl resumed>) = 0 [pid 5004] rmdir("./13/file0" [ 103.031507][ T5179] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.034787][ T5178] REISERFS (device loop5): using ordered data mode [ 103.049105][ T5179] REISERFS (device loop0): checking transaction log (loop0) [pid 5174] close(4) = 0 [pid 5004] <... rmdir resumed>) = 0 [pid 5174] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5004] getdents64(3, [pid 5174] <... openat resumed>) = 4 [pid 5004] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5174] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5004] close(3 [pid 5174] <... mmap resumed>) = 0x20000000 [pid 5004] <... close resumed>) = 0 [pid 5174] ioctl(4, FS_IOC_GETVERSION [pid 5004] rmdir("./13" [pid 5174] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5174] exit_group(0 [pid 5004] <... rmdir resumed>) = 0 [pid 5174] <... exit_group resumed>) = ? [pid 5004] mkdir("./14", 0777 [pid 5174] +++ exited with 0 +++ [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5174, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5004] <... mkdir resumed>) = 0 [pid 5006] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... openat resumed>) = 3 [pid 5006] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] ioctl(3, LOOP_CLR_FD [pid 5006] <... openat resumed>) = 3 [pid 5004] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5006] fstat(3, [pid 5004] close(3 [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] <... close resumed>) = 0 [pid 5006] getdents64(3, [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5006] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5185 [pid 5006] unlink("./13/binderfs") = 0 ./strace-static-x86_64: Process 5185 attached [pid 5006] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5185] chdir("./14") = 0 [pid 5185] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5185] setpgid(0, 0) = 0 [pid 5185] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 103.175154][ T5178] reiserfs: using flush barriers [pid 5185] write(3, "1000", 4) = 4 [pid 5185] close(3) = 0 [pid 5185] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5185] memfd_create("syzkaller", 0) = 3 [pid 5185] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 103.225530][ T5178] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.250182][ T5176] REISERFS (device loop4): Using r5 hash to sort names [ 103.259487][ T5179] REISERFS (device loop0): Using r5 hash to sort names [ 103.267370][ T5178] REISERFS (device loop5): checking transaction log (loop5) [pid 5182] <... write resumed>) = 4194304 [pid 5182] munmap(0x7f091d53c000, 4194304) = 0 [pid 5182] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5179] <... mount resumed>) = 0 [pid 5182] <... openat resumed>) = 4 [pid 5185] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5182] ioctl(4, LOOP_SET_FD, 3 [pid 5179] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5182] <... ioctl resumed>) = 0 [pid 5179] <... openat resumed>) = 3 [pid 5182] close(3 [pid 5179] chdir("./file0" [pid 5182] <... close resumed>) = 0 [pid 5179] <... chdir resumed>) = 0 [pid 5182] mkdir("./file0", 0777 [pid 5179] ioctl(4, LOOP_CLR_FD [pid 5182] <... mkdir resumed>) = 0 [pid 5179] <... ioctl resumed>) = 0 [pid 5182] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5179] close(4) = 0 [pid 5179] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 103.276110][ T5179] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 103.282055][ T5176] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 103.314149][ T5182] loop2: detected capacity change from 0 to 8192 [pid 5179] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5176] <... mount resumed>) = 0 [pid 5179] <... mmap resumed>) = 0x20000000 [pid 5179] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5179] exit_group(0) = ? [pid 5179] +++ exited with 0 +++ [pid 5176] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5179, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5176] chdir("./file0") = 0 [pid 5176] ioctl(4, LOOP_CLR_FD) = 0 [pid 5003] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5176] close(4) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5176] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5003] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5176] <... openat resumed>) = 4 [pid 5003] <... openat resumed>) = 3 [pid 5176] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5176] <... mmap resumed>) = 0x20000000 [pid 5003] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [ 103.354842][ T5182] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 103.394374][ T5182] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [pid 5176] ioctl(4, FS_IOC_GETVERSION [pid 5003] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5176] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5176] exit_group(0) = ? [pid 5176] +++ exited with 0 +++ [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5176, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] unlink("./13/binderfs" [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5003] <... unlink resumed>) = 0 [pid 5007] <... openat resumed>) = 3 [pid 5003] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] <... umount2 resumed>) = 0 [pid 5007] getdents64(3, [pid 5006] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] lstat("./13/file0", [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] lstat("./13/binderfs", [pid 5006] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] unlink("./13/binderfs" [pid 5006] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5007] <... unlink resumed>) = 0 [pid 5006] <... openat resumed>) = 4 [pid 5007] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5185] <... write resumed>) = 4194304 [ 103.403793][ T5182] REISERFS (device loop2): using ordered data mode [ 103.411581][ T5182] reiserfs: using flush barriers [ 103.418684][ T5182] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5006] getdents64(4, [pid 5185] munmap(0x7f091d53c000, 4194304 [pid 5006] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5185] <... munmap resumed>) = 0 [pid 5185] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5006] close(4 [pid 5185] <... openat resumed>) = 4 [pid 5006] <... close resumed>) = 0 [pid 5006] rmdir("./13/file0") = 0 [pid 5006] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] close(3) = 0 [pid 5185] ioctl(4, LOOP_SET_FD, 3 [ 103.479754][ T5182] REISERFS (device loop2): checking transaction log (loop2) [pid 5006] rmdir("./13") = 0 [pid 5006] mkdir("./14", 0777) = 0 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5006] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5006] close(3) = 0 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5187 ./strace-static-x86_64: Process 5187 attached [pid 5187] chdir("./14") = 0 [pid 5187] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5187] setpgid(0, 0) = 0 [pid 5187] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5187] write(3, "1000", 4) = 4 [pid 5187] close(3) = 0 [pid 5187] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5187] memfd_create("syzkaller", 0 [pid 5185] <... ioctl resumed>) = 0 [pid 5187] <... memfd_create resumed>) = 3 [pid 5187] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5185] close(3) = 0 [pid 5187] <... mmap resumed>) = 0x7f091d53c000 [pid 5185] mkdir("./file0", 0777 [pid 5007] <... umount2 resumed>) = 0 [pid 5007] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5185] <... mkdir resumed>) = 0 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5185] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5007] lstat("./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5007] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5007] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [ 103.528355][ T5185] loop1: detected capacity change from 0 to 8192 [pid 5007] close(4) = 0 [pid 5007] rmdir("./13/file0") = 0 [pid 5007] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] close(3) = 0 [pid 5007] rmdir("./13") = 0 [pid 5007] mkdir("./14", 0777) = 0 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR [ 103.583949][ T5185] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5187] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5007] <... openat resumed>) = 3 [pid 5007] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5007] close(3) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5189 [pid 5187] <... write resumed>) = 4194304 ./strace-static-x86_64: Process 5189 attached [pid 5187] munmap(0x7f091d53c000, 4194304 [pid 5189] chdir("./14") = 0 [pid 5187] <... munmap resumed>) = 0 [pid 5189] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5187] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5189] <... prctl resumed>) = 0 [pid 5187] <... openat resumed>) = 4 [pid 5189] setpgid(0, 0 [pid 5187] ioctl(4, LOOP_SET_FD, 3 [pid 5189] <... setpgid resumed>) = 0 [pid 5189] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5187] <... ioctl resumed>) = 0 [pid 5189] <... openat resumed>) = 3 [pid 5189] write(3, "1000", 4 [pid 5187] close(3 [pid 5189] <... write resumed>) = 4 [pid 5187] <... close resumed>) = 0 [pid 5189] close(3 [ 103.694432][ T5185] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 103.717336][ T5185] REISERFS (device loop1): using ordered data mode [ 103.725678][ T5187] loop3: detected capacity change from 0 to 8192 [pid 5187] mkdir("./file0", 0777 [pid 5189] <... close resumed>) = 0 [pid 5187] <... mkdir resumed>) = 0 [pid 5003] <... umount2 resumed>) = 0 [pid 5189] symlink("/dev/binderfs", "./binderfs" [pid 5187] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5003] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5189] <... symlink resumed>) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5189] memfd_create("syzkaller", 0 [pid 5003] lstat("./13/file0", [pid 5189] <... memfd_create resumed>) = 3 [pid 5189] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5003] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5189] <... mmap resumed>) = 0x7f091d53c000 [pid 5003] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [ 103.751720][ T5185] reiserfs: using flush barriers [ 103.758720][ T5185] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.776501][ T5182] REISERFS (device loop2): Using r5 hash to sort names [ 103.787636][ T5182] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5003] close(4) = 0 [pid 5182] <... mount resumed>) = 0 [pid 5182] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5182] chdir("./file0" [pid 5003] rmdir("./13/file0" [pid 5182] <... chdir resumed>) = 0 [pid 5003] <... rmdir resumed>) = 0 [pid 5003] getdents64(3, [pid 5182] ioctl(4, LOOP_CLR_FD [pid 5003] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5182] <... ioctl resumed>) = 0 [pid 5003] close(3 [pid 5189] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5182] close(4 [pid 5003] <... close resumed>) = 0 [pid 5182] <... close resumed>) = 0 [pid 5178] <... mount resumed>) = 0 [pid 5182] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5003] rmdir("./13" [pid 5182] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5003] <... rmdir resumed>) = 0 [pid 5003] mkdir("./14", 0777 [pid 5182] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5003] <... mkdir resumed>) = 0 [pid 5182] exit_group(0 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5182] <... exit_group resumed>) = ? [pid 5178] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5182] +++ exited with 0 +++ [pid 5178] <... openat resumed>) = 3 [pid 5003] <... openat resumed>) = 3 [pid 5178] chdir("./file0" [pid 5003] ioctl(3, LOOP_CLR_FD [pid 5178] <... chdir resumed>) = 0 [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5182, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5178] ioctl(4, LOOP_CLR_FD [pid 5005] restart_syscall(<... resuming interrupted clone ...> [pid 5003] close(3 [pid 5178] <... ioctl resumed>) = 0 [pid 5005] <... restart_syscall resumed>) = 0 [pid 5003] <... close resumed>) = 0 [pid 5178] close(4 [pid 5005] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 103.828820][ T5187] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 103.842970][ T5178] REISERFS (device loop5): Using r5 hash to sort names [ 103.849058][ T5185] REISERFS (device loop1): checking transaction log (loop1) [ 103.850405][ T5178] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 103.857468][ T5187] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [pid 5005] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5178] <... close resumed>) = 0 [pid 5005] <... openat resumed>) = 3 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5178] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5005] fstat(3, [pid 5178] <... openat resumed>) = 4 [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5178] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5005] getdents64(3, [pid 5003] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5191 [pid 5178] <... mmap resumed>) = 0x20000000 [pid 5005] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5178] ioctl(4, FS_IOC_GETVERSION [pid 5005] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5191 attached [pid 5178] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5191] chdir("./14" [pid 5178] exit_group(0 [pid 5005] lstat("./14/binderfs", [pid 5191] <... chdir resumed>) = 0 [pid 5178] <... exit_group resumed>) = ? [pid 5005] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5191] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5005] unlink("./14/binderfs" [pid 5191] <... prctl resumed>) = 0 [pid 5178] +++ exited with 0 +++ [pid 5005] <... unlink resumed>) = 0 [pid 5191] setpgid(0, 0 [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5178, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=25 /* 0.25 s */} --- [pid 5005] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5191] <... setpgid resumed>) = 0 [pid 5191] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5191] write(3, "1000", 4) = 4 [pid 5191] close(3 [pid 5008] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5191] <... close resumed>) = 0 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5191] symlink("/dev/binderfs", "./binderfs" [pid 5008] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5191] <... symlink resumed>) = 0 [pid 5008] <... openat resumed>) = 3 [pid 5191] memfd_create("syzkaller", 0 [pid 5008] fstat(3, [pid 5191] <... memfd_create resumed>) = 3 [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5191] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5008] getdents64(3, [pid 5191] <... mmap resumed>) = 0x7f091d53c000 [pid 5008] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5008] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5008] unlink("./13/binderfs") = 0 [ 103.932354][ T5187] REISERFS (device loop3): using ordered data mode [ 103.970170][ T5187] reiserfs: using flush barriers [ 103.996809][ T5187] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5008] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5191] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5189] <... write resumed>) = 4194304 [pid 5189] munmap(0x7f091d53c000, 4194304) = 0 [pid 5189] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5189] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5189] close(3) = 0 [pid 5189] mkdir("./file0", 0777) = 0 [ 104.107184][ T5187] REISERFS (device loop3): checking transaction log (loop3) [ 104.117883][ T5189] loop4: detected capacity change from 0 to 8192 [pid 5189] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5008] <... umount2 resumed>) = 0 [pid 5008] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5008] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [ 104.178752][ T5189] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5191] <... write resumed>) = 4194304 [pid 5191] munmap(0x7f091d53c000, 4194304 [pid 5008] getdents64(4, [pid 5191] <... munmap resumed>) = 0 [pid 5008] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5191] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5008] close(4 [pid 5191] <... openat resumed>) = 4 [pid 5008] <... close resumed>) = 0 [ 104.232900][ T5189] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 104.242726][ T5189] REISERFS (device loop4): using ordered data mode [ 104.252321][ T5189] reiserfs: using flush barriers [ 104.259045][ T5189] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.269054][ T5185] REISERFS (device loop1): Using r5 hash to sort names [pid 5005] <... umount2 resumed>) = 0 [pid 5191] ioctl(4, LOOP_SET_FD, 3 [pid 5008] rmdir("./13/file0" [pid 5005] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... rmdir resumed>) = 0 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5191] <... ioctl resumed>) = 0 [pid 5008] getdents64(3, [pid 5005] lstat("./14/file0", [pid 5008] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] close(3 [pid 5005] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... close resumed>) = 0 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] rmdir("./13" [pid 5005] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5191] close(3 [pid 5185] <... mount resumed>) = 0 [pid 5008] <... rmdir resumed>) = 0 [pid 5005] <... openat resumed>) = 4 [pid 5191] <... close resumed>) = 0 [pid 5185] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5008] mkdir("./14", 0777 [pid 5005] fstat(4, [pid 5191] mkdir("./file0", 0777 [pid 5185] <... openat resumed>) = 3 [pid 5008] <... mkdir resumed>) = 0 [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5191] <... mkdir resumed>) = 0 [pid 5185] chdir("./file0" [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5005] getdents64(4, [pid 5191] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5185] <... chdir resumed>) = 0 [pid 5008] <... openat resumed>) = 3 [pid 5005] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5185] ioctl(4, LOOP_CLR_FD [pid 5008] ioctl(3, LOOP_CLR_FD [pid 5005] getdents64(4, [pid 5185] <... ioctl resumed>) = 0 [pid 5008] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5005] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [ 104.277908][ T5189] REISERFS (device loop4): checking transaction log (loop4) [ 104.290732][ T5191] loop0: detected capacity change from 0 to 8192 [ 104.297557][ T5185] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5185] close(4 [pid 5008] close(3 [pid 5005] close(4 [pid 5185] <... close resumed>) = 0 [pid 5008] <... close resumed>) = 0 [pid 5005] <... close resumed>) = 0 [pid 5185] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5005] rmdir("./14/file0" [pid 5185] <... openat resumed>) = 4 [pid 5005] <... rmdir resumed>) = 0 [pid 5185] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5008] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5194 [ 104.344404][ T5191] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 104.357542][ T5191] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 104.370596][ T5191] REISERFS (device loop0): using ordered data mode [ 104.377462][ T5191] reiserfs: using flush barriers [ 104.382483][ T5187] REISERFS (device loop3): Using r5 hash to sort names [pid 5005] getdents64(3, ./strace-static-x86_64: Process 5194 attached [pid 5187] <... mount resumed>) = 0 [pid 5185] <... mmap resumed>) = 0x20000000 [pid 5194] chdir("./14" [pid 5187] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5194] <... chdir resumed>) = 0 [pid 5187] <... openat resumed>) = 3 [pid 5194] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5187] chdir("./file0" [pid 5194] <... prctl resumed>) = 0 [pid 5187] <... chdir resumed>) = 0 [pid 5194] setpgid(0, 0 [pid 5187] ioctl(4, LOOP_CLR_FD [pid 5194] <... setpgid resumed>) = 0 [pid 5187] <... ioctl resumed>) = 0 [pid 5194] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5187] close(4 [pid 5185] ioctl(4, FS_IOC_GETVERSION [pid 5005] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5194] <... openat resumed>) = 3 [pid 5187] <... close resumed>) = 0 [pid 5194] write(3, "1000", 4 [pid 5187] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5194] <... write resumed>) = 4 [pid 5187] <... openat resumed>) = 4 [pid 5194] close(3 [pid 5187] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5194] <... close resumed>) = 0 [pid 5187] <... mmap resumed>) = 0x20000000 [pid 5194] symlink("/dev/binderfs", "./binderfs" [pid 5187] ioctl(4, FS_IOC_GETVERSION [pid 5194] <... symlink resumed>) = 0 [pid 5187] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5194] memfd_create("syzkaller", 0 [pid 5187] exit_group(0 [pid 5194] <... memfd_create resumed>) = 3 [pid 5187] <... exit_group resumed>) = ? [pid 5194] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5187] +++ exited with 0 +++ [pid 5194] <... mmap resumed>) = 0x7f091d53c000 [pid 5185] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5187, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5005] close(3 [pid 5185] exit_group(0 [pid 5005] <... close resumed>) = 0 [pid 5005] rmdir("./14" [pid 5185] <... exit_group resumed>) = ? [pid 5006] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... rmdir resumed>) = 0 [pid 5185] +++ exited with 0 +++ [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5185, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] restart_syscall(<... resuming interrupted clone ...> [ 104.391013][ T5191] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 104.391019][ T5187] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5006] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] <... restart_syscall resumed>) = 0 [pid 5006] <... openat resumed>) = 3 [pid 5006] fstat(3, [pid 5004] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] mkdir("./15", 0777) = 0 [pid 5006] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] unlink("./14/binderfs") = 0 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5006] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... openat resumed>) = 3 [pid 5004] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5005] ioctl(3, LOOP_CLR_FD [pid 5004] <... openat resumed>) = 3 [pid 5005] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5005] close(3 [pid 5004] fstat(3, [pid 5005] <... close resumed>) = 0 [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5004] getdents64(3, [pid 5005] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5195 [pid 5004] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] unlink("./14/binderfs") = 0 [pid 5004] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5195 attached [ 104.464669][ T5191] REISERFS (device loop0): checking transaction log (loop0) [pid 5195] chdir("./15") = 0 [pid 5194] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5195] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5195] setpgid(0, 0) = 0 [pid 5195] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5195] write(3, "1000", 4) = 4 [pid 5195] close(3) = 0 [pid 5195] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5195] memfd_create("syzkaller", 0) = 3 [pid 5006] <... umount2 resumed>) = 0 [pid 5006] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5006] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] getdents64(4, [pid 5195] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5006] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5006] close(4) = 0 [pid 5195] <... mmap resumed>) = 0x7f091d53c000 [pid 5006] rmdir("./14/file0") = 0 [pid 5006] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] close(3) = 0 [pid 5006] rmdir("./14") = 0 [pid 5006] mkdir("./15", 0777) = 0 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5006] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5006] close(3) = 0 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5196 ./strace-static-x86_64: Process 5196 attached [pid 5196] chdir("./15") = 0 [pid 5196] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5196] setpgid(0, 0) = 0 [ 104.666993][ T5191] REISERFS (device loop0): Using r5 hash to sort names [pid 5196] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5195] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5191] <... mount resumed>) = 0 [pid 5196] write(3, "1000", 4) = 4 [pid 5196] close(3) = 0 [pid 5196] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5196] memfd_create("syzkaller", 0) = 3 [pid 5196] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5194] <... write resumed>) = 4194304 [ 104.714268][ T5191] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5194] munmap(0x7f091d53c000, 4194304 [pid 5191] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5191] chdir("./file0") = 0 [pid 5191] ioctl(4, LOOP_CLR_FD [pid 5194] <... munmap resumed>) = 0 [pid 5191] <... ioctl resumed>) = 0 [pid 5191] close(4) = 0 [pid 5194] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5191] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5194] <... openat resumed>) = 4 [pid 5191] <... openat resumed>) = 4 [pid 5194] ioctl(4, LOOP_SET_FD, 3 [pid 5191] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5191] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5191] exit_group(0) = ? [pid 5191] +++ exited with 0 +++ [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5191, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=17 /* 0.17 s */} --- [pid 5003] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./14/binderfs" [pid 5194] <... ioctl resumed>) = 0 [pid 5194] close(3 [pid 5003] <... unlink resumed>) = 0 [pid 5003] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5194] <... close resumed>) = 0 [pid 5194] mkdir("./file0", 0777) = 0 [pid 5194] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [ 104.781381][ T5194] loop5: detected capacity change from 0 to 8192 [ 104.817757][ T5194] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 104.842410][ T5189] REISERFS (device loop4): Using r5 hash to sort names [pid 5196] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5004] <... umount2 resumed>) = 0 [pid 5004] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 104.894303][ T5194] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 104.904580][ T5194] REISERFS (device loop5): using ordered data mode [ 104.911902][ T5189] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 104.912054][ T5194] reiserfs: using flush barriers [pid 5195] <... write resumed>) = 4194304 [pid 5195] munmap(0x7f091d53c000, 4194304 [pid 5189] <... mount resumed>) = 0 [pid 5004] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5195] <... munmap resumed>) = 0 [pid 5195] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5195] <... openat resumed>) = 4 [pid 5189] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5195] ioctl(4, LOOP_SET_FD, 3 [pid 5004] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5189] chdir("./file0") = 0 [pid 5189] ioctl(4, LOOP_CLR_FD) = 0 [pid 5189] close(4) = 0 [pid 5189] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5004] fstat(4, [pid 5189] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5189] <... mmap resumed>) = 0x20000000 [pid 5189] ioctl(4, FS_IOC_GETVERSION [pid 5004] getdents64(4, [pid 5189] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5189] exit_group(0) = ? [pid 5189] +++ exited with 0 +++ [pid 5004] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5189, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=22 /* 0.22 s */} --- [pid 5195] <... ioctl resumed>) = 0 [pid 5195] close(3) = 0 [pid 5195] mkdir("./file0", 0777 [pid 5004] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5007] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5195] <... mkdir resumed>) = 0 [pid 5195] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5004] close(4 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... close resumed>) = 0 [pid 5007] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] rmdir("./14/file0" [pid 5007] <... openat resumed>) = 3 [pid 5004] <... rmdir resumed>) = 0 [pid 5007] fstat(3, [pid 5004] getdents64(3, [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [ 104.931981][ T5194] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.960429][ T5195] loop2: detected capacity change from 0 to 8192 [pid 5004] close(3 [pid 5007] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... close resumed>) = 0 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] rmdir("./14") = 0 [pid 5007] lstat("./14/binderfs", [pid 5004] mkdir("./15", 0777 [pid 5007] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] <... mkdir resumed>) = 0 [pid 5007] unlink("./14/binderfs" [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5007] <... unlink resumed>) = 0 [pid 5004] <... openat resumed>) = 3 [pid 5004] ioctl(3, LOOP_CLR_FD [pid 5007] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5004] close(3 [pid 5196] <... write resumed>) = 4194304 [pid 5004] <... close resumed>) = 0 [pid 5196] munmap(0x7f091d53c000, 4194304 [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5199 [pid 5196] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 5199 attached [ 105.009384][ T5194] REISERFS (device loop5): checking transaction log (loop5) [ 105.034234][ T5195] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5199] chdir("./15" [pid 5003] <... umount2 resumed>) = 0 [pid 5199] <... chdir resumed>) = 0 [pid 5196] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5199] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5196] <... openat resumed>) = 4 [pid 5199] <... prctl resumed>) = 0 [pid 5199] setpgid(0, 0 [pid 5196] ioctl(4, LOOP_SET_FD, 3 [pid 5199] <... setpgid resumed>) = 0 [pid 5003] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5199] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5199] write(3, "1000", 4) = 4 [pid 5199] close(3) = 0 [pid 5199] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5199] memfd_create("syzkaller", 0) = 3 [pid 5199] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5003] lstat("./14/file0", [pid 5199] <... mmap resumed>) = 0x7f091d53c000 [pid 5003] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 105.082775][ T5195] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 105.089838][ T5196] loop3: detected capacity change from 0 to 8192 [ 105.092862][ T5195] REISERFS (device loop2): using ordered data mode [ 105.106033][ T5195] reiserfs: using flush barriers [ 105.115822][ T5195] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5003] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, [pid 5196] <... ioctl resumed>) = 0 [pid 5196] close(3 [pid 5003] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5196] <... close resumed>) = 0 [pid 5196] mkdir("./file0", 0777 [pid 5003] close(4 [pid 5196] <... mkdir resumed>) = 0 [pid 5196] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5003] <... close resumed>) = 0 [ 105.135815][ T5195] REISERFS (device loop2): checking transaction log (loop2) [pid 5003] rmdir("./14/file0") = 0 [pid 5003] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./14") = 0 [pid 5003] mkdir("./15", 0777) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5003] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 105.204803][ T5196] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5003] close(3) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5201 ./strace-static-x86_64: Process 5201 attached [pid 5201] chdir("./15" [pid 5199] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5201] <... chdir resumed>) = 0 [pid 5201] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5201] setpgid(0, 0) = 0 [ 105.253060][ T5196] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 105.286776][ T5194] REISERFS (device loop5): Using r5 hash to sort names [ 105.294502][ T5194] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5201] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5194] <... mount resumed>) = 0 [pid 5201] write(3, "1000", 4) = 4 [pid 5201] close(3) = 0 [pid 5201] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5194] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5201] memfd_create("syzkaller", 0 [pid 5194] <... openat resumed>) = 3 [pid 5201] <... memfd_create resumed>) = 3 [pid 5194] chdir("./file0" [pid 5201] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5194] <... chdir resumed>) = 0 [pid 5201] <... mmap resumed>) = 0x7f091d53c000 [ 105.304890][ T5196] REISERFS (device loop3): using ordered data mode [ 105.311521][ T5196] reiserfs: using flush barriers [ 105.312098][ T5195] REISERFS (device loop2): Using r5 hash to sort names [ 105.324330][ T5196] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5194] ioctl(4, LOOP_CLR_FD) = 0 [pid 5194] close(4 [pid 5007] <... umount2 resumed>) = 0 [pid 5194] <... close resumed>) = 0 [pid 5007] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5194] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5194] <... openat resumed>) = 4 [pid 5007] lstat("./14/file0", [pid 5194] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5007] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5194] <... mmap resumed>) = 0x20000000 [pid 5194] ioctl(4, FS_IOC_GETVERSION [pid 5007] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5194] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5194] exit_group(0 [pid 5007] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5201] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5194] <... exit_group resumed>) = ? [pid 5007] <... openat resumed>) = 4 [pid 5194] +++ exited with 0 +++ [pid 5007] fstat(4, [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5194, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} --- [ 105.354601][ T5196] REISERFS (device loop3): checking transaction log (loop3) [ 105.386624][ T5195] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5007] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5007] close(4 [pid 5008] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] <... close resumed>) = 0 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] rmdir("./14/file0" [pid 5008] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5007] <... rmdir resumed>) = 0 [pid 5008] fstat(3, [pid 5007] getdents64(3, [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] getdents64(3, [pid 5007] close(3 [pid 5008] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5007] <... close resumed>) = 0 [pid 5008] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] rmdir("./14" [pid 5195] <... mount resumed>) = 0 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5195] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5008] lstat("./14/binderfs", [pid 5007] <... rmdir resumed>) = 0 [pid 5195] <... openat resumed>) = 3 [pid 5008] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] mkdir("./15", 0777 [pid 5195] chdir("./file0" [pid 5008] unlink("./14/binderfs" [pid 5195] <... chdir resumed>) = 0 [pid 5008] <... unlink resumed>) = 0 [pid 5007] <... mkdir resumed>) = 0 [pid 5195] ioctl(4, LOOP_CLR_FD [pid 5008] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5195] <... ioctl resumed>) = 0 [pid 5007] <... openat resumed>) = 3 [pid 5195] close(4 [pid 5007] ioctl(3, LOOP_CLR_FD [pid 5195] <... close resumed>) = 0 [pid 5007] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5195] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5007] close(3 [pid 5195] <... openat resumed>) = 4 [pid 5007] <... close resumed>) = 0 [pid 5195] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5195] <... mmap resumed>) = 0x20000000 [pid 5195] ioctl(4, FS_IOC_GETVERSION [pid 5007] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5202 [pid 5195] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5195] exit_group(0./strace-static-x86_64: Process 5202 attached ) = ? [pid 5202] chdir("./15" [pid 5195] +++ exited with 0 +++ [pid 5202] <... chdir resumed>) = 0 [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5195, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5202] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5202] setpgid(0, 0) = 0 [pid 5202] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5005] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5005] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5202] write(3, "1000", 4 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5202] <... write resumed>) = 4 [pid 5005] lstat("./15/binderfs", [pid 5202] close(3 [pid 5005] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5202] <... close resumed>) = 0 [pid 5005] unlink("./15/binderfs" [pid 5202] symlink("/dev/binderfs", "./binderfs" [pid 5005] <... unlink resumed>) = 0 [pid 5202] <... symlink resumed>) = 0 [pid 5005] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5202] memfd_create("syzkaller", 0) = 3 [pid 5202] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5199] <... write resumed>) = 4194304 [ 105.531428][ T5196] REISERFS (device loop3): Using r5 hash to sort names [ 105.559833][ T5196] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5199] munmap(0x7f091d53c000, 4194304) = 0 [pid 5199] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5199] ioctl(4, LOOP_SET_FD, 3 [pid 5201] <... write resumed>) = 4194304 [pid 5201] munmap(0x7f091d53c000, 4194304 [pid 5199] <... ioctl resumed>) = 0 [pid 5196] <... mount resumed>) = 0 [pid 5005] <... umount2 resumed>) = 0 [pid 5199] close(3) = 0 [pid 5005] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5199] mkdir("./file0", 0777 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5199] <... mkdir resumed>) = 0 [pid 5005] lstat("./15/file0", [pid 5199] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5005] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5196] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5005] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5201] <... munmap resumed>) = 0 [pid 5196] <... openat resumed>) = 3 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5005] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5201] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5196] chdir("./file0" [pid 5005] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] close(4) = 0 [pid 5005] rmdir("./15/file0") = 0 [pid 5005] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] close(3 [pid 5201] <... openat resumed>) = 4 [pid 5196] <... chdir resumed>) = 0 [pid 5005] <... close resumed>) = 0 [pid 5201] ioctl(4, LOOP_SET_FD, 3 [pid 5196] ioctl(4, LOOP_CLR_FD [pid 5005] rmdir("./15") = 0 [pid 5005] mkdir("./16", 0777) = 0 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5196] <... ioctl resumed>) = 0 [ 105.617139][ T5199] loop1: detected capacity change from 0 to 8192 [ 105.657133][ T5201] loop0: detected capacity change from 0 to 8192 [pid 5196] close(4 [pid 5202] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5201] <... ioctl resumed>) = 0 [pid 5196] <... close resumed>) = 0 [pid 5201] close(3 [pid 5196] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5005] <... openat resumed>) = 3 [pid 5201] <... close resumed>) = 0 [pid 5196] <... openat resumed>) = 4 [pid 5201] mkdir("./file0", 0777 [pid 5196] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5005] ioctl(3, LOOP_CLR_FD [pid 5201] <... mkdir resumed>) = 0 [pid 5196] <... mmap resumed>) = 0x20000000 [ 105.665334][ T5199] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5201] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5196] ioctl(4, FS_IOC_GETVERSION [pid 5005] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5196] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5005] close(3 [pid 5196] exit_group(0) = ? [ 105.724014][ T5199] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 105.733284][ T5199] REISERFS (device loop1): using ordered data mode [ 105.734719][ T5201] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 105.740491][ T5199] reiserfs: using flush barriers [pid 5196] +++ exited with 0 +++ [pid 5005] <... close resumed>) = 0 [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5196, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5205 [pid 5006] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5006] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(3, ./strace-static-x86_64: Process 5205 attached 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./15/binderfs", [pid 5205] chdir("./16" [pid 5006] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] unlink("./15/binderfs") = 0 [pid 5006] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5205] <... chdir resumed>) = 0 [pid 5205] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5205] setpgid(0, 0) = 0 [pid 5205] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5205] write(3, "1000", 4) = 4 [pid 5205] close(3) = 0 [pid 5205] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5205] memfd_create("syzkaller", 0) = 3 [pid 5205] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 105.762751][ T5199] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5008] <... umount2 resumed>) = 0 [pid 5008] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5008] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5008] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5008] close(4) = 0 [ 105.835261][ T5199] REISERFS (device loop1): checking transaction log (loop1) [pid 5008] rmdir("./14/file0") = 0 [pid 5008] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] close(3) = 0 [pid 5008] rmdir("./14") = 0 [pid 5008] mkdir("./15", 0777) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5008] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 105.887405][ T5201] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5008] close(3) = 0 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5206 ./strace-static-x86_64: Process 5206 attached [pid 5205] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5206] chdir("./15") = 0 [pid 5206] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5206] setpgid(0, 0) = 0 [pid 5206] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5206] write(3, "1000", 4) = 4 [pid 5206] close(3) = 0 [pid 5206] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5202] <... write resumed>) = 4194304 [pid 5206] memfd_create("syzkaller", 0) = 3 [pid 5202] munmap(0x7f091d53c000, 4194304 [pid 5206] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5202] <... munmap resumed>) = 0 [pid 5202] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 105.967698][ T5201] REISERFS (device loop0): using ordered data mode [ 105.998527][ T5201] reiserfs: using flush barriers [pid 5202] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5202] close(3) = 0 [pid 5202] mkdir("./file0", 0777) = 0 [ 106.021185][ T5202] loop4: detected capacity change from 0 to 8192 [ 106.037989][ T5199] REISERFS (device loop1): Using r5 hash to sort names [ 106.045463][ T5201] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5202] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5199] <... mount resumed>) = 0 [ 106.076271][ T5199] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 106.087150][ T5202] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5206] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 106.124103][ T5202] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 106.125001][ T5201] REISERFS (device loop0): checking transaction log (loop0) [ 106.133518][ T5202] REISERFS (device loop4): using ordered data mode [ 106.147643][ T5202] reiserfs: using flush barriers [ 106.154292][ T5202] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5199] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5199] chdir("./file0") = 0 [pid 5199] ioctl(4, LOOP_CLR_FD) = 0 [pid 5199] close(4) = 0 [pid 5199] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5199] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5199] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5199] exit_group(0) = ? [pid 5199] +++ exited with 0 +++ [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5199, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=21 /* 0.21 s */} --- [pid 5004] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5205] <... write resumed>) = 4194304 [pid 5004] <... openat resumed>) = 3 [ 106.171488][ T5202] REISERFS (device loop4): checking transaction log (loop4) [pid 5004] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(3, [pid 5205] munmap(0x7f091d53c000, 4194304 [pid 5006] <... umount2 resumed>) = 0 [pid 5004] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] lstat("./15/file0", [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] lstat("./15/binderfs", [pid 5006] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] unlink("./15/binderfs" [pid 5006] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5004] <... unlink resumed>) = 0 [pid 5006] fstat(4, [pid 5004] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5006] close(4) = 0 [pid 5006] rmdir("./15/file0") = 0 [pid 5006] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] close(3) = 0 [pid 5006] rmdir("./15") = 0 [pid 5006] mkdir("./16", 0777) = 0 [pid 5205] <... munmap resumed>) = 0 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5205] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5006] <... openat resumed>) = 3 [pid 5205] <... openat resumed>) = 4 [pid 5006] ioctl(3, LOOP_CLR_FD [pid 5205] ioctl(4, LOOP_SET_FD, 3 [pid 5006] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5006] close(3 [pid 5205] <... ioctl resumed>) = 0 [pid 5006] <... close resumed>) = 0 [pid 5205] close(3 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5205] <... close resumed>) = 0 [pid 5205] mkdir("./file0", 0777) = 0 [ 106.293636][ T5205] loop2: detected capacity change from 0 to 8192 [pid 5006] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5208 ./strace-static-x86_64: Process 5208 attached [pid 5205] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5208] chdir("./16") = 0 [pid 5208] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5202] <... mount resumed>) = 0 [pid 5208] setpgid(0, 0 [pid 5202] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5208] <... setpgid resumed>) = 0 [pid 5202] <... openat resumed>) = 3 [pid 5208] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5202] chdir("./file0" [pid 5208] <... openat resumed>) = 3 [pid 5202] <... chdir resumed>) = 0 [pid 5208] write(3, "1000", 4 [pid 5202] ioctl(4, LOOP_CLR_FD [pid 5208] <... write resumed>) = 4 [pid 5202] <... ioctl resumed>) = 0 [pid 5208] close(3 [pid 5202] close(4 [pid 5208] <... close resumed>) = 0 [pid 5202] <... close resumed>) = 0 [ 106.334198][ T5202] REISERFS (device loop4): Using r5 hash to sort names [ 106.343090][ T5202] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 106.360326][ T5205] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5208] symlink("/dev/binderfs", "./binderfs" [pid 5202] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5208] <... symlink resumed>) = 0 [pid 5202] <... openat resumed>) = 4 [pid 5208] memfd_create("syzkaller", 0 [pid 5202] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5208] <... memfd_create resumed>) = 3 [pid 5202] <... mmap resumed>) = 0x20000000 [pid 5208] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5202] ioctl(4, FS_IOC_GETVERSION [pid 5208] <... mmap resumed>) = 0x7f091d53c000 [pid 5202] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5202] exit_group(0) = ? [pid 5202] +++ exited with 0 +++ [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5202, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5007] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5007] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5007] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5007] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] unlink("./15/binderfs") = 0 [ 106.397384][ T5205] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 106.444708][ T5201] REISERFS (device loop0): Using r5 hash to sort names [ 106.446340][ T5205] REISERFS (device loop2): using ordered data mode [ 106.454454][ T5201] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5007] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5007] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5206] <... write resumed>) = 4194304 [pid 5201] <... mount resumed>) = 0 [pid 5007] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5206] munmap(0x7f091d53c000, 4194304 [pid 5201] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5007] <... openat resumed>) = 4 [pid 5208] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5007] fstat(4, [pid 5206] <... munmap resumed>) = 0 [pid 5201] <... openat resumed>) = 3 [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5206] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5201] chdir("./file0" [pid 5007] getdents64(4, [pid 5206] <... openat resumed>) = 4 [pid 5201] <... chdir resumed>) = 0 [pid 5007] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5206] ioctl(4, LOOP_SET_FD, 3 [pid 5201] ioctl(4, LOOP_CLR_FD [ 106.526260][ T5205] reiserfs: using flush barriers [pid 5007] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5007] close(4) = 0 [pid 5007] rmdir("./15/file0") = 0 [pid 5007] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] close(3 [pid 5201] <... ioctl resumed>) = 0 [pid 5007] <... close resumed>) = 0 [pid 5206] <... ioctl resumed>) = 0 [pid 5201] close(4 [pid 5007] rmdir("./15" [pid 5201] <... close resumed>) = 0 [pid 5007] <... rmdir resumed>) = 0 [pid 5007] mkdir("./16", 0777 [pid 5201] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5007] <... mkdir resumed>) = 0 [pid 5201] <... openat resumed>) = 4 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5206] close(3 [pid 5201] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5206] <... close resumed>) = 0 [pid 5201] <... mmap resumed>) = 0x20000000 [pid 5007] <... openat resumed>) = 3 [pid 5206] mkdir("./file0", 0777 [pid 5201] ioctl(4, FS_IOC_GETVERSION [pid 5007] ioctl(3, LOOP_CLR_FD [pid 5206] <... mkdir resumed>) = 0 [pid 5007] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5206] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5201] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5007] close(3) = 0 [pid 5201] exit_group(0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5201] <... exit_group resumed>) = ? [pid 5201] +++ exited with 0 +++ [pid 5007] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5211 [pid 5004] <... umount2 resumed>) = 0 [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5201, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=15 /* 0.15 s */} --- [ 106.549916][ T5206] loop5: detected capacity change from 0 to 8192 [ 106.567533][ T5205] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 ./strace-static-x86_64: Process 5211 attached [pid 5211] chdir("./16") = 0 [pid 5211] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5211] setpgid(0, 0) = 0 [pid 5211] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5211] write(3, "1000", 4) = 4 [pid 5211] close(3) = 0 [pid 5211] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5211] memfd_create("syzkaller", 0) = 3 [pid 5003] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5211] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5211] <... mmap resumed>) = 0x7f091d53c000 [pid 5003] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] lstat("./15/file0", [ 106.603729][ T5206] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5003] unlink("./15/binderfs" [pid 5004] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... unlink resumed>) = 0 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5004] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5004] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] close(4) = 0 [pid 5004] rmdir("./15/file0") = 0 [pid 5004] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] close(3) = 0 [pid 5004] rmdir("./15") = 0 [ 106.661299][ T5206] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 106.688701][ T5205] REISERFS (device loop2): checking transaction log (loop2) [pid 5004] mkdir("./16", 0777 [pid 5211] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5004] <... mkdir resumed>) = 0 [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5004] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5004] close(3) = 0 [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5212 ./strace-static-x86_64: Process 5212 attached [pid 5212] chdir("./16") = 0 [ 106.710443][ T5206] REISERFS (device loop5): using ordered data mode [ 106.717655][ T5206] reiserfs: using flush barriers [ 106.725232][ T5206] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5212] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5212] setpgid(0, 0) = 0 [pid 5212] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5212] write(3, "1000", 4) = 4 [pid 5212] close(3) = 0 [pid 5212] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5212] memfd_create("syzkaller", 0) = 3 [pid 5212] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5208] <... write resumed>) = 4194304 [ 106.773175][ T5206] REISERFS (device loop5): checking transaction log (loop5) [pid 5208] munmap(0x7f091d53c000, 4194304 [pid 5211] <... write resumed>) = 4194304 [pid 5208] <... munmap resumed>) = 0 [pid 5208] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5208] ioctl(4, LOOP_SET_FD, 3 [pid 5211] munmap(0x7f091d53c000, 4194304 [pid 5208] <... ioctl resumed>) = 0 [pid 5208] close(3 [pid 5211] <... munmap resumed>) = 0 [pid 5211] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5211] ioctl(4, LOOP_SET_FD, 3 [pid 5208] <... close resumed>) = 0 [pid 5208] mkdir("./file0", 0777) = 0 [pid 5208] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5211] <... ioctl resumed>) = 0 [ 106.851604][ T5208] loop3: detected capacity change from 0 to 8192 [ 106.868330][ T5211] loop4: detected capacity change from 0 to 8192 [pid 5211] close(3) = 0 [pid 5211] mkdir("./file0", 0777) = 0 [ 106.900481][ T5208] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 106.931836][ T5205] REISERFS (device loop2): Using r5 hash to sort names [pid 5211] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5212] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5205] <... mount resumed>) = 0 [pid 5205] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5205] chdir("./file0") = 0 [pid 5205] ioctl(4, LOOP_CLR_FD) = 0 [pid 5205] close(4) = 0 [pid 5205] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5205] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5205] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5205] exit_group(0) = ? [pid 5205] +++ exited with 0 +++ [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5205, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5005] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5005] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5005] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [ 106.949213][ T5211] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 106.949266][ T5205] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5005] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] unlink("./16/binderfs") = 0 [pid 5005] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... umount2 resumed>) = 0 [ 107.005072][ T5211] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 107.015890][ T5211] REISERFS (device loop4): using ordered data mode [ 107.023757][ T5211] reiserfs: using flush barriers [ 107.032449][ T5208] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [pid 5003] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 5003] rmdir("./15/file0") = 0 [pid 5003] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [ 107.042758][ T5211] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5003] rmdir("./15") = 0 [pid 5212] <... write resumed>) = 4194304 [pid 5003] mkdir("./16", 0777 [pid 5212] munmap(0x7f091d53c000, 4194304 [pid 5003] <... mkdir resumed>) = 0 [pid 5212] <... munmap resumed>) = 0 [pid 5212] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5212] ioctl(4, LOOP_SET_FD, 3 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5003] ioctl(3, LOOP_CLR_FD [pid 5212] <... ioctl resumed>) = 0 [pid 5212] close(3) = 0 [pid 5212] mkdir("./file0", 0777) = 0 [pid 5212] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5003] close(3) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5215 [pid 5005] <... umount2 resumed>) = 0 [ 107.110432][ T5212] loop1: detected capacity change from 0 to 8192 [ 107.116507][ T5208] REISERFS (device loop3): using ordered data mode [ 107.118549][ T5211] REISERFS (device loop4): checking transaction log (loop4) [ 107.132122][ T5206] REISERFS (device loop5): Using r5 hash to sort names [ 107.140998][ T5208] reiserfs: using flush barriers [pid 5005] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5215 attached [pid 5215] chdir("./16" [pid 5005] lstat("./16/file0", [pid 5215] <... chdir resumed>) = 0 [pid 5215] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5215] setpgid(0, 0 [pid 5206] <... mount resumed>) = 0 [pid 5005] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5215] <... setpgid resumed>) = 0 [pid 5215] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5215] write(3, "1000", 4) = 4 [pid 5215] close(3) = 0 [pid 5215] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5215] memfd_create("syzkaller", 0) = 3 [pid 5215] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 107.154165][ T5206] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 107.164838][ T5208] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 107.184098][ T5208] REISERFS (device loop3): checking transaction log (loop3) [pid 5206] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5005] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5206] <... openat resumed>) = 3 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5206] chdir("./file0" [pid 5005] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5206] <... chdir resumed>) = 0 [ 107.201785][ T5212] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5005] fstat(4, [pid 5206] ioctl(4, LOOP_CLR_FD [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5206] <... ioctl resumed>) = 0 [pid 5206] close(4 [pid 5005] getdents64(4, [pid 5206] <... close resumed>) = 0 [pid 5005] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5206] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5005] getdents64(4, [pid 5206] <... openat resumed>) = 4 [pid 5005] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5206] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5005] close(4) = 0 [pid 5005] rmdir("./16/file0") = 0 [pid 5005] getdents64(3, [pid 5206] <... mmap resumed>) = 0x20000000 [pid 5005] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] close(3 [pid 5206] ioctl(4, FS_IOC_GETVERSION [pid 5005] <... close resumed>) = 0 [pid 5206] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5005] rmdir("./16" [pid 5206] exit_group(0 [pid 5005] <... rmdir resumed>) = 0 [pid 5206] <... exit_group resumed>) = ? [pid 5005] mkdir("./17", 0777 [pid 5206] +++ exited with 0 +++ [pid 5005] <... mkdir resumed>) = 0 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5206, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5005] <... openat resumed>) = 3 [pid 5008] restart_syscall(<... resuming interrupted clone ...> [pid 5005] ioctl(3, LOOP_CLR_FD [pid 5008] <... restart_syscall resumed>) = 0 [ 107.233509][ T5212] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [pid 5005] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5215] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5005] close(3) = 0 [pid 5008] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5005] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5217 [pid 5008] <... openat resumed>) = 3 [pid 5008] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 5217 attached [pid 5008] getdents64(3, [pid 5217] chdir("./17" [pid 5008] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5217] <... chdir resumed>) = 0 [pid 5008] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5217] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5217] <... prctl resumed>) = 0 [pid 5008] lstat("./15/binderfs", [pid 5217] setpgid(0, 0 [pid 5008] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5217] <... setpgid resumed>) = 0 [pid 5008] unlink("./15/binderfs" [pid 5217] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5008] <... unlink resumed>) = 0 [pid 5217] <... openat resumed>) = 3 [pid 5008] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5217] write(3, "1000", 4) = 4 [pid 5217] close(3) = 0 [ 107.302009][ T5212] REISERFS (device loop1): using ordered data mode [ 107.323920][ T5212] reiserfs: using flush barriers [ 107.333987][ T5212] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5215] <... write resumed>) = 4194304 [pid 5217] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5217] memfd_create("syzkaller", 0 [pid 5215] munmap(0x7f091d53c000, 4194304 [pid 5217] <... memfd_create resumed>) = 3 [pid 5217] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5215] <... munmap resumed>) = 0 [pid 5217] <... mmap resumed>) = 0x7f091d53c000 [ 107.372691][ T5212] REISERFS (device loop1): checking transaction log (loop1) [pid 5215] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5215] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5215] close(3) = 0 [pid 5215] mkdir("./file0", 0777) = 0 [ 107.439104][ T5215] loop0: detected capacity change from 0 to 8192 [pid 5215] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5008] <... umount2 resumed>) = 0 [pid 5008] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5008] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5008] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [ 107.482223][ T5215] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 107.513940][ T5215] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 107.523283][ T5215] REISERFS (device loop0): using ordered data mode [pid 5008] close(4 [pid 5217] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5008] <... close resumed>) = 0 [pid 5008] rmdir("./15/file0") = 0 [pid 5008] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] close(3) = 0 [ 107.530498][ T5215] reiserfs: using flush barriers [ 107.537498][ T5215] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5008] rmdir("./15") = 0 [pid 5008] mkdir("./16", 0777) = 0 [ 107.580562][ T5211] REISERFS (device loop4): Using r5 hash to sort names [ 107.600516][ T5211] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 107.610908][ T5215] REISERFS (device loop0): checking transaction log (loop0) [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5008] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5008] close(3 [pid 5212] <... mount resumed>) = 0 [pid 5211] <... mount resumed>) = 0 [pid 5208] <... mount resumed>) = 0 [pid 5008] <... close resumed>) = 0 [pid 5212] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5211] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5208] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5212] <... openat resumed>) = 3 [pid 5211] <... openat resumed>) = 3 [pid 5208] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5219 attached [pid 5212] chdir("./file0" [pid 5211] chdir("./file0" [pid 5208] chdir("./file0" [ 107.625479][ T5208] REISERFS (device loop3): Using r5 hash to sort names [ 107.632717][ T5208] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 107.644921][ T5212] REISERFS (device loop1): Using r5 hash to sort names [ 107.652128][ T5212] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5008] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5219 [pid 5219] chdir("./16" [pid 5217] <... write resumed>) = 4194304 [pid 5212] <... chdir resumed>) = 0 [pid 5211] <... chdir resumed>) = 0 [pid 5208] <... chdir resumed>) = 0 [pid 5219] <... chdir resumed>) = 0 [pid 5217] munmap(0x7f091d53c000, 4194304 [pid 5212] ioctl(4, LOOP_CLR_FD [pid 5211] ioctl(4, LOOP_CLR_FD [pid 5208] ioctl(4, LOOP_CLR_FD [pid 5219] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5217] <... munmap resumed>) = 0 [pid 5212] <... ioctl resumed>) = 0 [pid 5211] <... ioctl resumed>) = 0 [pid 5208] <... ioctl resumed>) = 0 [pid 5219] setpgid(0, 0 [pid 5217] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5212] close(4 [pid 5211] close(4 [pid 5208] close(4 [pid 5219] <... setpgid resumed>) = 0 [pid 5217] <... openat resumed>) = 4 [pid 5212] <... close resumed>) = 0 [pid 5211] <... close resumed>) = 0 [pid 5208] <... close resumed>) = 0 [pid 5219] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5217] ioctl(4, LOOP_SET_FD, 3 [pid 5212] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5211] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5208] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5219] <... openat resumed>) = 3 [pid 5212] <... openat resumed>) = 4 [pid 5211] <... openat resumed>) = 4 [pid 5208] <... openat resumed>) = 4 [pid 5219] write(3, "1000", 4 [pid 5212] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5211] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5208] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5219] <... write resumed>) = 4 [pid 5212] <... mmap resumed>) = 0x20000000 [pid 5219] close(3 [pid 5211] <... mmap resumed>) = 0x20000000 [pid 5208] <... mmap resumed>) = 0x20000000 [pid 5212] ioctl(4, FS_IOC_GETVERSION [pid 5219] <... close resumed>) = 0 [pid 5212] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5211] ioctl(4, FS_IOC_GETVERSION [pid 5208] ioctl(4, FS_IOC_GETVERSION [pid 5219] symlink("/dev/binderfs", "./binderfs" [pid 5212] exit_group(0 [pid 5211] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5208] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5219] <... symlink resumed>) = 0 [pid 5217] <... ioctl resumed>) = 0 [pid 5212] <... exit_group resumed>) = ? [pid 5211] exit_group(0 [pid 5208] exit_group(0 [pid 5219] memfd_create("syzkaller", 0 [pid 5217] close(3 [pid 5212] +++ exited with 0 +++ [pid 5211] <... exit_group resumed>) = ? [pid 5208] <... exit_group resumed>) = ? [pid 5219] <... memfd_create resumed>) = 3 [pid 5217] <... close resumed>) = 0 [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5212, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} --- [pid 5219] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5217] mkdir("./file0", 0777 [pid 5211] +++ exited with 0 +++ [pid 5208] +++ exited with 0 +++ [pid 5004] restart_syscall(<... resuming interrupted clone ...> [pid 5219] <... mmap resumed>) = 0x7f091d53c000 [pid 5217] <... mkdir resumed>) = 0 [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5211, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5208, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=17 /* 0.17 s */} --- [pid 5004] <... restart_syscall resumed>) = 0 [pid 5217] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5004] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [ 107.738481][ T5217] loop2: detected capacity change from 0 to 8192 [pid 5006] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... openat resumed>) = 3 [pid 5007] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5006] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] fstat(3, [pid 5007] <... openat resumed>) = 3 [pid 5006] <... openat resumed>) = 3 [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] fstat(3, [pid 5006] fstat(3, [pid 5004] getdents64(3, [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5007] getdents64(3, [pid 5006] getdents64(3, [pid 5004] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] lstat("./16/binderfs", [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] lstat("./16/binderfs", [pid 5006] lstat("./16/binderfs", [pid 5004] unlink("./16/binderfs" [pid 5007] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] <... unlink resumed>) = 0 [pid 5007] unlink("./16/binderfs" [pid 5006] unlink("./16/binderfs" [pid 5004] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] <... unlink resumed>) = 0 [pid 5006] <... unlink resumed>) = 0 [pid 5007] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 107.804488][ T5217] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 107.831857][ T5217] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 107.841584][ T5217] REISERFS (device loop2): using ordered data mode [ 107.848528][ T5217] reiserfs: using flush barriers [pid 5006] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 107.883043][ T5217] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 107.900054][ T5217] REISERFS (device loop2): checking transaction log (loop2) [pid 5219] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5215] <... mount resumed>) = 0 [ 107.951579][ T5215] REISERFS (device loop0): Using r5 hash to sort names [ 107.980060][ T5215] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5215] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5215] chdir("./file0") = 0 [pid 5215] ioctl(4, LOOP_CLR_FD) = 0 [pid 5215] close(4) = 0 [pid 5215] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5219] munmap(0x7f091d53c000, 4194304 [pid 5215] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [ 108.066029][ T5215] [ 108.068411][ T5215] ====================================================== [ 108.075447][ T5215] WARNING: possible circular locking dependency detected [ 108.082493][ T5215] 6.4.0-rc6-syzkaller-00242-g1639fae5132b #0 Not tainted [ 108.089559][ T5215] ------------------------------------------------------ [ 108.096603][ T5215] syz-executor132/5215 is trying to acquire lock: [ 108.103046][ T5215] ffff88802959e090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x79/0x100 [ 108.112207][ T5215] [ 108.112207][ T5215] but task is already holding lock: [ 108.116185][ T5217] REISERFS (device loop2): Using r5 hash to sort names [ 108.119580][ T5215] ffff8880235e2f28 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x158/0x3b0 [ 108.135478][ T5215] [ 108.135478][ T5215] which lock already depends on the new lock. [ 108.135478][ T5215] [ 108.145910][ T5215] [ 108.145910][ T5215] the existing dependency chain (in reverse order) is: [ 108.154961][ T5215] [ 108.154961][ T5215] -> #1 (&mm->mmap_lock){++++}-{3:3}: [ 108.156082][ T5217] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 108.162546][ T5215] __might_fault+0x115/0x190 [ 108.176710][ T5215] reiserfs_ioctl+0x1d2/0x330 [ 108.181974][ T5215] __x64_sys_ioctl+0x197/0x210 [ 108.187305][ T5215] do_syscall_64+0x39/0xb0 [ 108.192297][ T5215] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 108.198781][ T5215] [ 108.198781][ T5215] -> #0 (&sbi->lock){+.+.}-{3:3}: [ 108.206060][ T5215] __lock_acquire+0x2fcd/0x5f30 [ 108.211483][ T5215] lock_acquire+0x1b1/0x520 [ 108.216560][ T5215] __mutex_lock+0x12f/0x1350 [ 108.221724][ T5215] reiserfs_write_lock+0x79/0x100 [ 108.227327][ T5215] reiserfs_dirty_inode+0xd2/0x260 [ 108.233013][ T5215] __mark_inode_dirty+0x1e0/0xd60 [ 108.238615][ T5215] touch_atime+0x687/0x740 [ 108.243608][ T5215] generic_file_mmap+0x119/0x150 [ 108.244259][ T5219] loop5: detected capacity change from 0 to 8192 [ 108.249109][ T5215] mmap_region+0x694/0x28d0 [ 108.260581][ T5215] do_mmap+0x831/0xf60 [ 108.265214][ T5215] vm_mmap_pgoff+0x1a2/0x3b0 [ 108.270381][ T5215] ksys_mmap_pgoff+0x41f/0x5a0 [ 108.275707][ T5215] do_syscall_64+0x39/0xb0 [ 108.280681][ T5215] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 108.287160][ T5215] [ 108.287160][ T5215] other info that might help us debug this: [ 108.287160][ T5215] [ 108.297420][ T5215] Possible unsafe locking scenario: [ 108.297420][ T5215] [ 108.304896][ T5215] CPU0 CPU1 [ 108.310294][ T5215] ---- ---- [ 108.310932][ T5219] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 108.315664][ T5215] lock(&mm->mmap_lock); [ 108.315684][ T5215] lock(&sbi->lock); [ 108.315702][ T5215] lock(&mm->mmap_lock); [ 108.315720][ T5215] lock(&sbi->lock); [ 108.350460][ T5215] [ 108.350460][ T5215] *** DEADLOCK *** [ 108.350460][ T5215] [ 108.358633][ T5215] 2 locks held by syz-executor132/5215: [ 108.364211][ T5215] #0: ffff8880235e2f28 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x158/0x3b0 [ 108.373699][ T5215] #1: ffff888021a58460 (sb_writers#10){.+.+}-{0:0}, at: generic_file_mmap+0x119/0x150 [ 108.383475][ T5215] [ 108.383475][ T5215] stack backtrace: [ 108.389388][ T5215] CPU: 0 PID: 5215 Comm: syz-executor132 Not tainted 6.4.0-rc6-syzkaller-00242-g1639fae5132b #0 [ 108.399843][ T5215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 [ 108.408570][ T5219] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 108.409907][ T5215] Call Trace: [ 108.409923][ T5215] [ 108.409932][ T5215] dump_stack_lvl+0xd9/0x150 [ 108.429879][ T5215] check_noncircular+0x25f/0x2e0 [ 108.434890][ T5215] ? print_circular_bug+0x730/0x730 [ 108.440152][ T5215] ? check_irq_usage+0x198/0x1a40 [ 108.445233][ T5215] ? save_trace+0x3f/0xb20 [ 108.449703][ T5215] ? __bfs+0x298/0x720 [ 108.453816][ T5215] ? _find_first_zero_bit+0x94/0xb0 [ 108.459070][ T5215] __lock_acquire+0x2fcd/0x5f30 [ 108.463984][ T5215] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 108.470041][ T5215] ? print_circular_bug+0x730/0x730 [ 108.475298][ T5215] lock_acquire+0x1b1/0x520 [ 108.479860][ T5215] ? reiserfs_write_lock+0x79/0x100 [ 108.485122][ T5215] ? lock_sync+0x190/0x190 [ 108.487673][ T5219] REISERFS (device loop5): using ordered data mode [ 108.489577][ T5215] __mutex_lock+0x12f/0x1350 [ 108.500724][ T5215] ? reiserfs_write_lock+0x79/0x100 [ 108.506019][ T5215] ? reiserfs_write_lock+0x79/0x100 [ 108.511277][ T5215] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 108.516878][ T5215] ? find_held_lock+0x2d/0x110 [ 108.521705][ T5215] ? current_time+0x79/0x2c0 [ 108.526354][ T5215] ? lock_downgrade+0x690/0x690 [ 108.529743][ T5219] reiserfs: using flush barriers [ 108.531239][ T5215] reiserfs_write_lock+0x79/0x100 [ 108.541247][ T5215] reiserfs_dirty_inode+0xd2/0x260 [ 108.546419][ T5215] ? reiserfs_unfreeze+0xa0/0xa0 [ 108.551416][ T5215] ? ktime_get_coarse_real_ts64+0x15e/0x200 [ 108.557363][ T5215] ? lock_downgrade+0x690/0x690 [ 108.562265][ T5215] ? current_time+0x1fe/0x2c0 [pid 5219] <... munmap resumed>) = 0 [pid 5219] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5217] <... mount resumed>) = 0 [pid 5007] <... umount2 resumed>) = 0 [pid 5006] <... umount2 resumed>) = 0 [pid 5004] <... umount2 resumed>) = 0 [pid 5219] <... openat resumed>) = 4 [pid 5217] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5007] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5219] ioctl(4, LOOP_SET_FD, 3 [pid 5217] <... openat resumed>) = 3 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5217] chdir("./file0" [pid 5007] lstat("./16/file0", [pid 5006] lstat("./16/file0", [pid 5004] lstat("./16/file0", [pid 5217] <... chdir resumed>) = 0 [pid 5007] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5217] ioctl(4, LOOP_CLR_FD [pid 5007] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5217] <... ioctl resumed>) = 0 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5217] close(4 [pid 5007] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5006] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5217] <... close resumed>) = 0 [pid 5007] <... openat resumed>) = 4 [pid 5006] <... openat resumed>) = 4 [pid 5004] <... openat resumed>) = 4 [pid 5217] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5007] fstat(4, [pid 5006] fstat(4, [pid 5004] fstat(4, [pid 5217] <... openat resumed>) = 4 [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5217] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5007] getdents64(4, [pid 5006] getdents64(4, [pid 5004] getdents64(4, [pid 5217] <... mmap resumed>) = 0x20000000 [pid 5007] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5004] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5217] ioctl(4, FS_IOC_GETVERSION [pid 5007] getdents64(4, [pid 5006] getdents64(4, [pid 5004] getdents64(4, [pid 5217] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5007] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5006] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5217] exit_group(0 [pid 5007] close(4 [pid 5006] close(4 [pid 5004] close(4 [pid 5217] <... exit_group resumed>) = ? [pid 5007] <... close resumed>) = 0 [pid 5006] <... close resumed>) = 0 [pid 5004] <... close resumed>) = 0 [pid 5217] +++ exited with 0 +++ [pid 5007] rmdir("./16/file0" [pid 5006] rmdir("./16/file0" [pid 5004] rmdir("./16/file0" [pid 5007] <... rmdir resumed>) = 0 [pid 5006] <... rmdir resumed>) = 0 [pid 5004] <... rmdir resumed>) = 0 [pid 5007] getdents64(3, [pid 5006] getdents64(3, [pid 5004] getdents64(3, [pid 5007] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] close(3 [pid 5006] close(3 [pid 5004] close(3 [pid 5007] <... close resumed>) = 0 [pid 5006] <... close resumed>) = 0 [pid 5004] <... close resumed>) = 0 [pid 5007] rmdir("./16" [pid 5006] rmdir("./16" [pid 5004] rmdir("./16" [pid 5007] <... rmdir resumed>) = 0 [pid 5006] <... rmdir resumed>) = 0 [pid 5004] <... rmdir resumed>) = 0 [pid 5007] mkdir("./17", 0777 [pid 5006] mkdir("./17", 0777 [pid 5004] mkdir("./17", 0777 [pid 5007] <... mkdir resumed>) = 0 [pid 5006] <... mkdir resumed>) = 0 [pid 5004] <... mkdir resumed>) = 0 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5219] <... ioctl resumed>) = 0 [pid 5007] <... openat resumed>) = 3 [pid 5006] <... openat resumed>) = 3 [pid 5004] <... openat resumed>) = 3 [pid 5219] close(3 [pid 5007] ioctl(3, LOOP_CLR_FD [pid 5006] ioctl(3, LOOP_CLR_FD [pid 5004] ioctl(3, LOOP_CLR_FD [pid 5219] <... close resumed>) = 0 [pid 5007] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5006] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5004] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5219] mkdir("./file0", 0777 [pid 5007] close(3 [pid 5006] close(3 [pid 5004] close(3 [pid 5219] <... mkdir resumed>) = 0 [pid 5007] <... close resumed>) = 0 [pid 5006] <... close resumed>) = 0 [pid 5004] <... close resumed>) = 0 [pid 5219] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5007] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5221 [pid 5006] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5223 [pid 5004] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5224 ./strace-static-x86_64: Process 5223 attached [pid 5223] chdir("./17") = 0 ./strace-static-x86_64: Process 5224 attached [pid 5223] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5223] setpgid(0, 0) = 0 [pid 5224] chdir("./17" [pid 5223] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5224] <... chdir resumed>) = 0 [pid 5223] <... openat resumed>) = 3 [pid 5224] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5224] setpgid(0, 0) = 0 [pid 5223] write(3, "1000", 4 [pid 5224] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5223] <... write resumed>) = 4 [pid 5223] close(3) = 0 [pid 5224] <... openat resumed>) = 3 [pid 5223] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5224] write(3, "1000", 4) = 4 [pid 5223] memfd_create("syzkaller", 0 [pid 5224] close(3) = 0 [pid 5223] <... memfd_create resumed>) = 3 [pid 5224] symlink("/dev/binderfs", "./binderfs" [pid 5223] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5224] <... symlink resumed>) = 0 [pid 5224] memfd_create("syzkaller", 0 [pid 5223] <... mmap resumed>) = 0x7f091d53c000 [pid 5224] <... memfd_create resumed>) = 3 [pid 5224] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5223] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5224] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5217, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5005] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5005] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 108.563577][ T5219] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 108.566979][ T5215] ? reiserfs_unfreeze+0xa0/0xa0 [ 108.567025][ T5215] __mark_inode_dirty+0x1e0/0xd60 [ 108.567076][ T5215] touch_atime+0x687/0x740 [ 108.597569][ T5215] ? atime_needs_update+0x720/0x720 [ 108.602834][ T5215] ? __raw_spin_lock_init+0x3a/0x110 [ 108.608174][ T5215] generic_file_mmap+0x119/0x150 [ 108.613170][ T5215] mmap_region+0x694/0x28d0 [pid 5005] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] unlink("./17/binderfs") = 0 [pid 5005] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5223] <... write resumed>) = 4194304 [ 108.617806][ T5215] ? do_munmap+0xf0/0xf0 [ 108.622113][ T5215] ? security_mmap_addr+0x77/0xa0 [ 108.627200][ T5215] ? get_unmapped_area+0x1e8/0x3c0 [ 108.632356][ T5215] do_mmap+0x831/0xf60 [ 108.636475][ T5215] vm_mmap_pgoff+0x1a2/0x3b0 [ 108.641127][ T5215] ? randomize_page+0xb0/0xb0 [ 108.643626][ T5223] loop3: detected capacity change from 0 to 8192 [ 108.645836][ T5215] ksys_mmap_pgoff+0x41f/0x5a0 [ 108.645871][ T5215] do_syscall_64+0x39/0xb0 [ 108.654382][ T5224] loop1: detected capacity change from 0 to 8192 [ 108.656957][ T5215] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 108.673503][ T5219] REISERFS (device loop5): checking transaction log (loop5) [ 108.673596][ T5215] RIP: 0033:0x7f0925989ab9 [ 108.685372][ T5215] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 108.705118][ T5215] RSP: 002b:00007ffe14e114d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [pid 5223] munmap(0x7f091d53c000, 4194304 [pid 5224] <... write resumed>) = 4194304 [pid 5224] munmap(0x7f091d53c000, 4194304 [pid 5223] <... munmap resumed>) = 0 [pid 5224] <... munmap resumed>) = 0 [pid 5223] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5223] ioctl(4, LOOP_SET_FD, 3 [pid 5224] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5224] ioctl(4, LOOP_SET_FD, 3 [pid 5223] <... ioctl resumed>) = 0 [pid 5223] close(3) = 0 [pid 5223] mkdir("./file0", 0777) = 0 [pid 5223] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5224] <... ioctl resumed>) = 0 [pid 5224] close(3) = 0 [pid 5224] mkdir("./file0", 0777) = 0 [pid 5224] mount("/dev/loop1", "./file0", "reiserfs", 0, ""./strace-static-x86_64: Process 5221 attached [pid 5221] chdir("./17") = 0 [pid 5221] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5221] setpgid(0, 0) = 0 [pid 5221] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5221] write(3, "1000", 4) = 4 [pid 5221] close(3) = 0 [pid 5221] symlink("/dev/binderfs", "./binderfs") = 0 [ 108.713583][ T5215] RAX: ffffffffffffffda RBX: 0000000000019b0a RCX: 00007f0925989ab9 [ 108.721604][ T5215] RDX: 0000000000000001 RSI: 0000000000400000 RDI: 0000000020000000 [ 108.729635][ T5215] RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000000000 [ 108.737647][ T5215] R10: 0000000000010012 R11: 0000000000000246 R12: 00007ffe14e1150c [ 108.745743][ T5215] R13: 00007ffe14e11540 R14: 00007ffe14e11520 R15: 0000000000000010 [ 108.753771][ T5215] [pid 5221] memfd_create("syzkaller", 0 [pid 5005] <... umount2 resumed>) = 0 [pid 5221] <... memfd_create resumed>) = 3 [pid 5005] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5221] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5221] <... mmap resumed>) = 0x7f091d53c000 [pid 5005] lstat("./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5005] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] close(4) = 0 [pid 5005] rmdir("./17/file0") = 0 [pid 5005] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] close(3) = 0 [pid 5005] rmdir("./17") = 0 [pid 5005] mkdir("./18", 0777) = 0 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5005] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5005] close(3) = 0 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5227 [ 108.769132][ T5223] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 108.798744][ T5224] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5221] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304./strace-static-x86_64: Process 5227 attached [pid 5227] chdir("./18") = 0 [pid 5227] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5215] <... mmap resumed>) = 0x20000000 [pid 5215] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5215] exit_group(0 [pid 5227] setpgid(0, 0) = 0 [pid 5215] <... exit_group resumed>) = ? [pid 5227] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5227] write(3, "1000", 4) = 4 [ 108.849446][ T5219] REISERFS (device loop5): Using r5 hash to sort names [ 108.856674][ T5223] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 108.873807][ T5224] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 108.887587][ T5224] REISERFS (device loop1): using ordered data mode [pid 5227] close(3) = 0 [pid 5227] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5215] +++ exited with 0 +++ [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5215, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=26 /* 0.26 s */} --- [pid 5003] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5003] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5227] memfd_create("syzkaller", 0 [pid 5003] <... openat resumed>) = 3 [pid 5003] fstat(3, [pid 5227] <... memfd_create resumed>) = 3 [pid 5227] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5221] <... write resumed>) = 4194304 [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5227] <... mmap resumed>) = 0x7f091d53c000 [pid 5003] getdents64(3, [pid 5219] <... mount resumed>) = 0 [pid 5219] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5219] chdir("./file0") = 0 [pid 5219] ioctl(4, LOOP_CLR_FD) = 0 [pid 5219] close(4) = 0 [pid 5219] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5219] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5219] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5219] exit_group(0) = ? [pid 5219] +++ exited with 0 +++ [pid 5003] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5219, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5003] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] lstat("./16/binderfs", [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5003] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5221] munmap(0x7f091d53c000, 4194304 [pid 5008] <... openat resumed>) = 3 [pid 5003] unlink("./16/binderfs" [pid 5008] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] <... unlink resumed>) = 0 [ 108.903510][ T5219] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 108.920090][ T5223] REISERFS (device loop3): using ordered data mode [ 108.927607][ T5223] reiserfs: using flush barriers [ 108.934174][ T5224] reiserfs: using flush barriers [pid 5221] <... munmap resumed>) = 0 [pid 5008] getdents64(3, [pid 5003] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5221] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5008] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5221] <... openat resumed>) = 4 [pid 5008] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5221] ioctl(4, LOOP_SET_FD, 3 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5008] unlink("./16/binderfs" [pid 5221] <... ioctl resumed>) = 0 [pid 5008] <... unlink resumed>) = 0 [pid 5221] close(3 [pid 5008] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5221] <... close resumed>) = 0 [pid 5221] mkdir("./file0", 0777) = 0 [pid 5221] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [ 108.935343][ T5223] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 108.940921][ T5223] REISERFS (device loop3): checking transaction log (loop3) [ 108.976197][ T5221] loop4: detected capacity change from 0 to 8192 [ 108.995743][ T5221] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 109.009896][ T5224] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 109.010316][ T5221] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 109.041492][ T5221] REISERFS (device loop4): using ordered data mode [pid 5227] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5008] <... umount2 resumed>) = 0 [ 109.063893][ T5221] reiserfs: using flush barriers [ 109.084066][ T5221] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 109.101630][ T5224] REISERFS (device loop1): checking transaction log (loop1) [pid 5008] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./16/file0", [pid 5227] <... write resumed>) = 4194304 [pid 5008] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5008] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5008] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5008] close(4) = 0 [pid 5008] rmdir("./16/file0") = 0 [pid 5008] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] close(3) = 0 [pid 5008] rmdir("./16") = 0 [pid 5008] mkdir("./17", 0777 [pid 5227] munmap(0x7f091d53c000, 4194304 [pid 5008] <... mkdir resumed>) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [ 109.122233][ T5221] REISERFS (device loop4): checking transaction log (loop4) [pid 5008] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5008] close(3) = 0 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5229 [pid 5227] <... munmap resumed>) = 0 [pid 5227] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5227] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5229 attached [pid 5229] chdir("./17") = 0 [pid 5229] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5229] setpgid(0, 0) = 0 [pid 5229] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5229] write(3, "1000", 4) = 4 [pid 5229] close(3) = 0 [pid 5229] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5229] memfd_create("syzkaller", 0) = 3 [pid 5229] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5227] <... ioctl resumed>) = 0 [pid 5227] close(3) = 0 [pid 5227] mkdir("./file0", 0777) = 0 [pid 5227] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5003] <... umount2 resumed>) = 0 [ 109.201295][ T5227] loop2: detected capacity change from 0 to 8192 [ 109.226319][ T5223] REISERFS (device loop3): Using r5 hash to sort names [ 109.233529][ T5223] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5223] <... mount resumed>) = 0 [pid 5003] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5223] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5223] <... openat resumed>) = 3 [pid 5003] lstat("./16/file0", [pid 5223] chdir("./file0" [pid 5003] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5223] <... chdir resumed>) = 0 [pid 5003] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5223] ioctl(4, LOOP_CLR_FD [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5223] <... ioctl resumed>) = 0 [pid 5223] close(4 [pid 5003] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5223] <... close resumed>) = 0 [pid 5223] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5003] <... openat resumed>) = 4 [pid 5223] <... openat resumed>) = 4 [pid 5003] fstat(4, [pid 5223] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5223] <... mmap resumed>) = 0x20000000 [pid 5003] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5223] ioctl(4, FS_IOC_GETVERSION [pid 5003] getdents64(4, [pid 5223] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5003] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5223] exit_group(0 [pid 5003] close(4 [pid 5229] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5003] <... close resumed>) = 0 [pid 5223] <... exit_group resumed>) = ? [pid 5003] rmdir("./16/file0") = 0 [pid 5003] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./16" [pid 5223] +++ exited with 0 +++ [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5223, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5003] <... rmdir resumed>) = 0 [pid 5003] mkdir("./17", 0777 [pid 5006] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... mkdir resumed>) = 0 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5006] <... openat resumed>) = 3 [pid 5003] <... openat resumed>) = 3 [pid 5006] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] ioctl(3, LOOP_CLR_FD [pid 5006] getdents64(3, [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 109.250155][ T5227] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5006] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] close(3 [pid 5006] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... close resumed>) = 0 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5006] lstat("./17/binderfs", [pid 5003] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5231 [pid 5006] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] unlink("./17/binderfs") = 0 [pid 5006] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5231 attached [pid 5231] chdir("./17") = 0 [pid 5231] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5231] setpgid(0, 0) = 0 [pid 5231] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 109.300016][ T5227] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [pid 5231] write(3, "1000", 4) = 4 [pid 5231] close(3) = 0 [pid 5231] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5231] memfd_create("syzkaller", 0) = 3 [pid 5231] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 109.341305][ T5224] REISERFS (device loop1): Using r5 hash to sort names [ 109.374583][ T5224] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 109.384500][ T5227] REISERFS (device loop2): using ordered data mode [pid 5229] <... write resumed>) = 4194304 [pid 5224] <... mount resumed>) = 0 [pid 5224] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5224] chdir("./file0") = 0 [pid 5224] ioctl(4, LOOP_CLR_FD) = 0 [pid 5224] close(4 [pid 5229] munmap(0x7f091d53c000, 4194304) = 0 [pid 5229] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 109.391854][ T5227] reiserfs: using flush barriers [ 109.391977][ T5221] REISERFS (device loop4): Using r5 hash to sort names [ 109.404797][ T5227] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5229] ioctl(4, LOOP_SET_FD, 3 [pid 5224] <... close resumed>) = 0 [pid 5224] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5224] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5229] <... ioctl resumed>) = 0 [pid 5229] close(3 [pid 5224] <... mmap resumed>) = 0x20000000 [pid 5229] <... close resumed>) = 0 [pid 5224] ioctl(4, FS_IOC_GETVERSION [pid 5229] mkdir("./file0", 0777 [pid 5224] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5224] exit_group(0) = ? [pid 5224] +++ exited with 0 +++ [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5224, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5229] <... mkdir resumed>) = 0 [pid 5229] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5004] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5004] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] unlink("./17/binderfs") = 0 [pid 5004] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 109.437874][ T5229] loop5: detected capacity change from 0 to 8192 [ 109.452626][ T5227] REISERFS (device loop2): checking transaction log (loop2) [ 109.468504][ T5221] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5231] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5221] <... mount resumed>) = 0 [pid 5006] <... umount2 resumed>) = 0 [pid 5221] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5006] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5221] <... openat resumed>) = 3 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5221] chdir("./file0") = 0 [pid 5006] lstat("./17/file0", [pid 5221] ioctl(4, LOOP_CLR_FD) = 0 [pid 5006] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 109.479821][ T5229] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5221] close(4 [pid 5006] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5231] <... write resumed>) = 4194304 [pid 5221] <... close resumed>) = 0 [pid 5231] munmap(0x7f091d53c000, 4194304 [pid 5221] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... umount2 resumed>) = 0 [pid 5004] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5221] <... openat resumed>) = 4 [pid 5006] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5231] <... munmap resumed>) = 0 [pid 5221] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5006] <... openat resumed>) = 4 [pid 5231] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5221] <... mmap resumed>) = 0x20000000 [pid 5006] fstat(4, [pid 5004] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5221] ioctl(4, FS_IOC_GETVERSION [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] <... openat resumed>) = 4 [pid 5231] <... openat resumed>) = 4 [pid 5221] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5006] getdents64(4, [pid 5004] fstat(4, [pid 5231] ioctl(4, LOOP_SET_FD, 3 [ 109.516157][ T5229] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 109.525963][ T5229] REISERFS (device loop5): using ordered data mode [pid 5221] exit_group(0 [pid 5006] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5221] <... exit_group resumed>) = ? [pid 5006] getdents64(4, [pid 5004] getdents64(4, [pid 5221] +++ exited with 0 +++ [pid 5006] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] close(4 [pid 5004] getdents64(4, [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5221, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=14 /* 0.14 s */} --- [pid 5006] <... close resumed>) = 0 [pid 5004] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5007] restart_syscall(<... resuming interrupted clone ...> [pid 5006] rmdir("./17/file0" [pid 5004] close(4 [pid 5231] <... ioctl resumed>) = 0 [pid 5007] <... restart_syscall resumed>) = 0 [pid 5006] <... rmdir resumed>) = 0 [pid 5004] <... close resumed>) = 0 [pid 5231] close(3 [pid 5006] getdents64(3, [pid 5004] rmdir("./17/file0" [pid 5231] <... close resumed>) = 0 [pid 5006] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] <... rmdir resumed>) = 0 [pid 5007] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] close(3 [pid 5004] getdents64(3, [pid 5231] mkdir("./file0", 0777 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] <... close resumed>) = 0 [pid 5004] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5006] rmdir("./17" [pid 5004] close(3 [pid 5231] <... mkdir resumed>) = 0 [pid 5007] <... openat resumed>) = 3 [pid 5006] <... rmdir resumed>) = 0 [pid 5004] <... close resumed>) = 0 [pid 5231] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5007] fstat(3, [pid 5006] mkdir("./18", 0777 [pid 5004] rmdir("./17" [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] <... mkdir resumed>) = 0 [pid 5004] <... rmdir resumed>) = 0 [pid 5007] getdents64(3, [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5004] mkdir("./18", 0777 [pid 5007] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] <... openat resumed>) = 3 [pid 5004] <... mkdir resumed>) = 0 [pid 5007] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] ioctl(3, LOOP_CLR_FD [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5004] <... openat resumed>) = 3 [pid 5007] lstat("./17/binderfs", [ 109.557061][ T5231] loop0: detected capacity change from 0 to 8192 [ 109.583992][ T5229] reiserfs: using flush barriers [pid 5006] close(3 [pid 5004] ioctl(3, LOOP_CLR_FD [pid 5007] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] <... close resumed>) = 0 [pid 5004] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5007] unlink("./17/binderfs" [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5004] close(3 [pid 5007] <... unlink resumed>) = 0 [pid 5004] <... close resumed>) = 0 [pid 5007] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5234 [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5235 ./strace-static-x86_64: Process 5234 attached ./strace-static-x86_64: Process 5235 attached [pid 5235] chdir("./18") = 0 [pid 5234] chdir("./18") = 0 [pid 5235] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5234] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5235] <... prctl resumed>) = 0 [pid 5234] <... prctl resumed>) = 0 [pid 5235] setpgid(0, 0 [pid 5234] setpgid(0, 0 [pid 5235] <... setpgid resumed>) = 0 [pid 5234] <... setpgid resumed>) = 0 [pid 5235] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5234] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5235] <... openat resumed>) = 3 [pid 5234] <... openat resumed>) = 3 [pid 5235] write(3, "1000", 4 [pid 5234] write(3, "1000", 4 [pid 5235] <... write resumed>) = 4 [pid 5234] <... write resumed>) = 4 [pid 5234] close(3 [pid 5235] close(3 [pid 5234] <... close resumed>) = 0 [pid 5235] <... close resumed>) = 0 [pid 5234] symlink("/dev/binderfs", "./binderfs" [pid 5235] symlink("/dev/binderfs", "./binderfs" [pid 5234] <... symlink resumed>) = 0 [ 109.597538][ T5229] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 109.597692][ T5231] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 109.614401][ T5229] REISERFS (device loop5): checking transaction log (loop5) [pid 5235] <... symlink resumed>) = 0 [pid 5234] memfd_create("syzkaller", 0) = 3 [pid 5235] memfd_create("syzkaller", 0 [pid 5234] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5235] <... memfd_create resumed>) = 3 [pid 5234] <... mmap resumed>) = 0x7f091d53c000 [pid 5235] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 109.699445][ T5231] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5234] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5235] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5007] <... umount2 resumed>) = 0 [pid 5007] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 109.773962][ T5231] REISERFS (device loop0): using ordered data mode [ 109.780527][ T5231] reiserfs: using flush barriers [ 109.793331][ T5229] REISERFS (device loop5): Using r5 hash to sort names [ 109.796907][ T5227] REISERFS (device loop2): Using r5 hash to sort names [ 109.806376][ T5229] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5007] lstat("./17/file0", [pid 5229] <... mount resumed>) = 0 [pid 5007] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5229] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5007] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5229] <... openat resumed>) = 3 [pid 5229] chdir("./file0" [pid 5007] <... openat resumed>) = 4 [pid 5229] <... chdir resumed>) = 0 [pid 5007] fstat(4, [pid 5229] ioctl(4, LOOP_CLR_FD [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5229] <... ioctl resumed>) = 0 [pid 5007] getdents64(4, [pid 5227] <... mount resumed>) = 0 [pid 5229] close(4 [pid 5007] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5229] <... close resumed>) = 0 [pid 5007] getdents64(4, [pid 5229] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5007] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5227] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5229] <... openat resumed>) = 4 [pid 5007] close(4 [pid 5227] <... openat resumed>) = 3 [pid 5007] <... close resumed>) = 0 [pid 5229] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5227] chdir("./file0") = 0 [pid 5007] rmdir("./17/file0" [pid 5229] <... mmap resumed>) = 0x20000000 [pid 5007] <... rmdir resumed>) = 0 [pid 5229] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5007] getdents64(3, [pid 5227] ioctl(4, LOOP_CLR_FD) = 0 [pid 5229] exit_group(0 [pid 5007] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5229] <... exit_group resumed>) = ? [pid 5007] close(3) = 0 [pid 5227] close(4) = 0 [pid 5227] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5229] +++ exited with 0 +++ [pid 5007] rmdir("./17" [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5229, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- [pid 5008] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] <... rmdir resumed>) = 0 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] mkdir("./18", 0777 [pid 5008] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5008] fstat(3, [pid 5007] <... mkdir resumed>) = 0 [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5008] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5007] <... openat resumed>) = 3 [ 109.826001][ T5227] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 109.835920][ T5231] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5008] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] ioctl(3, LOOP_CLR_FD [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5227] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5008] unlink("./17/binderfs" [pid 5235] <... write resumed>) = 4194304 [pid 5227] <... mmap resumed>) = 0x20000000 [pid 5008] <... unlink resumed>) = 0 [pid 5007] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5008] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5235] munmap(0x7f091d53c000, 4194304 [pid 5007] close(3 [pid 5227] ioctl(4, FS_IOC_GETVERSION [pid 5007] <... close resumed>) = 0 [pid 5227] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5227] exit_group(0) = ? [pid 5235] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 5236 attached [pid 5235] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5227] +++ exited with 0 +++ [pid 5007] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5236 [pid 5235] <... openat resumed>) = 4 [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5227, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5005] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5236] chdir("./18" [pid 5235] ioctl(4, LOOP_SET_FD, 3 [pid 5005] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5236] <... chdir resumed>) = 0 [pid 5005] <... openat resumed>) = 3 [pid 5236] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5005] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] unlink("./18/binderfs") = 0 [pid 5005] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5236] <... prctl resumed>) = 0 [pid 5008] <... umount2 resumed>) = 0 [pid 5236] setpgid(0, 0 [pid 5235] <... ioctl resumed>) = 0 [pid 5008] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5236] <... setpgid resumed>) = 0 [pid 5235] close(3 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5236] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5235] <... close resumed>) = 0 [pid 5008] lstat("./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5236] <... openat resumed>) = 3 [pid 5235] mkdir("./file0", 0777 [pid 5008] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5236] write(3, "1000", 4 [pid 5235] <... mkdir resumed>) = 0 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5236] <... write resumed>) = 4 [pid 5235] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5008] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5234] <... write resumed>) = 4194304 [pid 5008] <... openat resumed>) = 4 [pid 5236] close(3 [pid 5008] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(4, [pid 5236] <... close resumed>) = 0 [pid 5008] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5008] getdents64(4, [pid 5236] symlink("/dev/binderfs", "./binderfs" [pid 5008] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5008] close(4 [pid 5236] <... symlink resumed>) = 0 [pid 5008] <... close resumed>) = 0 [pid 5005] <... umount2 resumed>) = 0 [ 109.877746][ T5231] REISERFS (device loop0): checking transaction log (loop0) [ 109.912876][ T5235] loop1: detected capacity change from 0 to 8192 [pid 5008] rmdir("./17/file0" [pid 5005] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5236] memfd_create("syzkaller", 0 [pid 5008] <... rmdir resumed>) = 0 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] getdents64(3, [pid 5005] lstat("./18/file0", [pid 5008] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5236] <... memfd_create resumed>) = 3 [pid 5008] close(3 [pid 5005] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... close resumed>) = 0 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] rmdir("./17" [pid 5005] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5008] <... rmdir resumed>) = 0 [pid 5234] munmap(0x7f091d53c000, 4194304 [pid 5008] mkdir("./18", 0777 [pid 5005] <... openat resumed>) = 4 [pid 5236] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5234] <... munmap resumed>) = 0 [pid 5008] <... mkdir resumed>) = 0 [pid 5005] fstat(4, [pid 5236] <... mmap resumed>) = 0x7f091d53c000 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] close(4) = 0 [pid 5005] rmdir("./18/file0" [pid 5234] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5005] <... rmdir resumed>) = 0 [pid 5234] <... openat resumed>) = 4 [pid 5005] getdents64(3, [pid 5234] ioctl(4, LOOP_SET_FD, 3 [pid 5005] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] close(3) = 0 [pid 5005] rmdir("./18") = 0 [pid 5005] mkdir("./19", 0777) = 0 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR [ 109.959718][ T5235] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 109.982465][ T5234] loop3: detected capacity change from 0 to 8192 [pid 5236] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5234] <... ioctl resumed>) = 0 [pid 5234] close(3) = 0 [pid 5234] mkdir("./file0", 0777 [pid 5236] <... write resumed>) = 4194304 [pid 5234] <... mkdir resumed>) = 0 [pid 5005] <... openat resumed>) = 3 [pid 5236] munmap(0x7f091d53c000, 4194304 [pid 5234] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5005] ioctl(3, LOOP_CLR_FD [pid 5236] <... munmap resumed>) = 0 [pid 5008] <... openat resumed>) = 3 [pid 5005] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5236] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5008] ioctl(3, LOOP_CLR_FD [pid 5005] close(3 [pid 5236] <... openat resumed>) = 4 [pid 5008] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5005] <... close resumed>) = 0 [ 110.010798][ T5235] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 110.037163][ T5235] REISERFS (device loop1): using ordered data mode [ 110.051541][ T5235] reiserfs: using flush barriers [pid 5236] ioctl(4, LOOP_SET_FD, 3 [pid 5008] close(3 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5239 attached [pid 5236] <... ioctl resumed>) = 0 [pid 5008] <... close resumed>) = 0 [pid 5239] chdir("./19" [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5005] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5239 [pid 5239] <... chdir resumed>) = 0 [pid 5239] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5236] close(3 [pid 5008] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5240 [pid 5239] <... prctl resumed>) = 0 [pid 5236] <... close resumed>) = 0 [ 110.065470][ T5236] loop4: detected capacity change from 0 to 8192 [ 110.082617][ T5234] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 110.097110][ T5235] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5236] mkdir("./file0", 0777) = 0 [pid 5236] mount("/dev/loop4", "./file0", "reiserfs", 0, ""./strace-static-x86_64: Process 5240 attached [pid 5240] chdir("./18") = 0 [pid 5240] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5239] setpgid(0, 0) = 0 [pid 5240] setpgid(0, 0) = 0 [pid 5240] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5240] write(3, "1000", 4) = 4 [pid 5240] close(3) = 0 [pid 5240] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5240] memfd_create("syzkaller", 0) = 3 [pid 5239] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5240] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5239] <... openat resumed>) = 3 [pid 5231] <... mount resumed>) = 0 [pid 5240] <... mmap resumed>) = 0x7f091d53c000 [pid 5239] write(3, "1000", 4 [pid 5231] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5239] <... write resumed>) = 4 [pid 5231] <... openat resumed>) = 3 [pid 5239] close(3 [pid 5231] chdir("./file0" [pid 5239] <... close resumed>) = 0 [pid 5231] <... chdir resumed>) = 0 [pid 5239] symlink("/dev/binderfs", "./binderfs" [pid 5231] ioctl(4, LOOP_CLR_FD [pid 5239] <... symlink resumed>) = 0 [pid 5231] <... ioctl resumed>) = 0 [pid 5239] memfd_create("syzkaller", 0 [pid 5231] close(4 [pid 5239] <... memfd_create resumed>) = 3 [pid 5231] <... close resumed>) = 0 [ 110.123486][ T5231] REISERFS (device loop0): Using r5 hash to sort names [ 110.130853][ T5231] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 110.142435][ T5236] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5239] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5231] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5239] <... mmap resumed>) = 0x7f091d53c000 [pid 5231] <... openat resumed>) = 4 [pid 5231] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5231] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5231] exit_group(0) = ? [pid 5231] +++ exited with 0 +++ [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5231, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- [pid 5003] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 110.170728][ T5235] REISERFS (device loop1): checking transaction log (loop1) [ 110.183964][ T5234] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [pid 5239] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5003] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./17/binderfs") = 0 [ 110.219247][ T5234] REISERFS (device loop3): using ordered data mode [ 110.221650][ T5236] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 110.240605][ T5234] reiserfs: using flush barriers [pid 5003] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5240] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5239] <... write resumed>) = 4194304 [ 110.264556][ T5236] REISERFS (device loop4): using ordered data mode [ 110.271463][ T5236] reiserfs: using flush barriers [ 110.277952][ T5234] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5239] munmap(0x7f091d53c000, 4194304) = 0 [pid 5239] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5239] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5239] close(3) = 0 [pid 5239] mkdir("./file0", 0777) = 0 [ 110.304048][ T5236] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 110.318334][ T5234] REISERFS (device loop3): checking transaction log (loop3) [ 110.332165][ T5239] loop2: detected capacity change from 0 to 8192 [ 110.356746][ T5239] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5239] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5240] <... write resumed>) = 4194304 [pid 5240] munmap(0x7f091d53c000, 4194304 [ 110.371007][ T5236] REISERFS (device loop4): checking transaction log (loop4) [ 110.381428][ T5239] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 110.390799][ T5239] REISERFS (device loop2): using ordered data mode [ 110.397536][ T5239] reiserfs: using flush barriers [ 110.403649][ T5239] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5003] <... umount2 resumed>) = 0 [pid 5240] <... munmap resumed>) = 0 [pid 5003] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5240] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5240] ioctl(4, LOOP_SET_FD, 3 [pid 5003] lstat("./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 5003] rmdir("./17/file0") = 0 [pid 5003] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./17") = 0 [pid 5003] mkdir("./18", 0777) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5003] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 110.420474][ T5239] REISERFS (device loop2): checking transaction log (loop2) [ 110.445368][ T5240] loop5: detected capacity change from 0 to 8192 [ 110.448805][ T5235] REISERFS (device loop1): Using r5 hash to sort names [pid 5003] close(3 [pid 5240] <... ioctl resumed>) = 0 [pid 5235] <... mount resumed>) = 0 [pid 5003] <... close resumed>) = 0 [pid 5240] close(3 [pid 5235] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5240] <... close resumed>) = 0 [pid 5235] <... openat resumed>) = 3 [pid 5240] mkdir("./file0", 0777 [pid 5235] chdir("./file0" [pid 5240] <... mkdir resumed>) = 0 [pid 5235] <... chdir resumed>) = 0 [pid 5240] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5235] ioctl(4, LOOP_CLR_FD) = 0 [pid 5235] close(4) = 0 [pid 5235] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5235] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5235] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5235] exit_group(0) = ? [pid 5235] +++ exited with 0 +++ [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5235, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5004] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5004] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5244 [ 110.489928][ T5235] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 110.510465][ T5239] REISERFS (device loop2): Using r5 hash to sort names [ 110.523894][ T5240] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5004] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] unlink("./18/binderfs") = 0 [pid 5004] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5244 attached [pid 5244] chdir("./18") = 0 [pid 5244] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5244] setpgid(0, 0) = 0 [pid 5244] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5244] write(3, "1000", 4) = 4 [pid 5244] close(3) = 0 [pid 5244] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5244] memfd_create("syzkaller", 0) = 3 [pid 5244] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5239] <... mount resumed>) = 0 [pid 5236] <... mount resumed>) = 0 [pid 5244] <... mmap resumed>) = 0x7f091d53c000 [pid 5239] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [ 110.548361][ T5240] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 110.558756][ T5236] REISERFS (device loop4): Using r5 hash to sort names [ 110.563542][ T5239] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 110.571153][ T5236] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 110.578847][ T5240] REISERFS (device loop5): using ordered data mode [pid 5236] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5239] <... openat resumed>) = 3 [pid 5239] chdir("./file0" [pid 5236] <... openat resumed>) = 3 [pid 5239] <... chdir resumed>) = 0 [pid 5239] ioctl(4, LOOP_CLR_FD [pid 5236] chdir("./file0" [pid 5239] <... ioctl resumed>) = 0 [pid 5236] <... chdir resumed>) = 0 [pid 5239] close(4 [pid 5236] ioctl(4, LOOP_CLR_FD [pid 5239] <... close resumed>) = 0 [pid 5239] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5236] <... ioctl resumed>) = 0 [pid 5239] <... openat resumed>) = 4 [pid 5236] close(4 [pid 5239] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5236] <... close resumed>) = 0 [pid 5236] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5239] <... mmap resumed>) = 0x20000000 [pid 5236] <... openat resumed>) = 4 [pid 5239] ioctl(4, FS_IOC_GETVERSION [pid 5236] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5239] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5236] <... mmap resumed>) = 0x20000000 [pid 5239] exit_group(0 [pid 5236] ioctl(4, FS_IOC_GETVERSION [pid 5239] <... exit_group resumed>) = ? [pid 5236] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5239] +++ exited with 0 +++ [pid 5236] exit_group(0 [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5239, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=15 /* 0.15 s */} --- [pid 5236] <... exit_group resumed>) = ? [pid 5005] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5236] +++ exited with 0 +++ [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5236, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5005] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5007] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] fstat(3, [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] <... openat resumed>) = 3 [pid 5007] fstat(3, [pid 5005] getdents64(3, [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(3, [pid 5005] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5007] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./19/binderfs", [pid 5007] lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] unlink("./18/binderfs" [ 110.607026][ T5240] reiserfs: using flush barriers [ 110.618365][ T5240] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 110.637252][ T5234] REISERFS (device loop3): Using r5 hash to sort names [pid 5005] unlink("./19/binderfs" [pid 5244] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5007] <... unlink resumed>) = 0 [pid 5005] <... unlink resumed>) = 0 [pid 5007] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 110.661036][ T5240] REISERFS (device loop5): checking transaction log (loop5) [ 110.662765][ T5234] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5005] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5234] <... mount resumed>) = 0 [pid 5234] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5244] <... write resumed>) = 4194304 [pid 5234] <... openat resumed>) = 3 [pid 5244] munmap(0x7f091d53c000, 4194304 [pid 5234] chdir("./file0") = 0 [pid 5234] ioctl(4, LOOP_CLR_FD) = 0 [pid 5234] close(4 [pid 5244] <... munmap resumed>) = 0 [pid 5244] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5004] <... umount2 resumed>) = 0 [pid 5244] <... openat resumed>) = 4 [pid 5244] ioctl(4, LOOP_SET_FD, 3 [pid 5234] <... close resumed>) = 0 [pid 5234] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5244] <... ioctl resumed>) = 0 [pid 5244] close(3) = 0 [pid 5244] mkdir("./file0", 0777 [pid 5234] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5234] ioctl(4, FS_IOC_GETVERSION [pid 5244] <... mkdir resumed>) = 0 [pid 5234] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5244] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5234] exit_group(0) = ? [pid 5004] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5007] <... umount2 resumed>) = 0 [pid 5004] <... openat resumed>) = 4 [pid 5234] +++ exited with 0 +++ [pid 5004] fstat(4, [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5234, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [pid 5006] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5006] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./18/binderfs", [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] getdents64(4, [pid 5006] unlink("./18/binderfs") = 0 [pid 5004] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] getdents64(4, [pid 5007] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] close(4 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... close resumed>) = 0 [pid 5007] lstat("./18/file0", [ 110.756704][ T5244] loop0: detected capacity change from 0 to 8192 [ 110.775620][ T5244] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5004] rmdir("./18/file0" [pid 5007] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] <... rmdir resumed>) = 0 [pid 5007] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] getdents64(3, [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] close(3 [pid 5007] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] <... close resumed>) = 0 [pid 5004] rmdir("./18" [pid 5007] <... openat resumed>) = 4 [pid 5004] <... rmdir resumed>) = 0 [pid 5007] fstat(4, [pid 5004] mkdir("./19", 0777) = 0 [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5007] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5004] <... openat resumed>) = 3 [pid 5007] getdents64(4, [pid 5004] ioctl(3, LOOP_CLR_FD [pid 5007] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5007] close(4 [pid 5004] close(3 [pid 5007] <... close resumed>) = 0 [pid 5004] <... close resumed>) = 0 [pid 5007] rmdir("./18/file0" [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5007] <... rmdir resumed>) = 0 [pid 5007] getdents64(3, [pid 5004] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5246 [pid 5007] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] close(3) = 0 [pid 5007] rmdir("./18") = 0 [pid 5007] mkdir("./19", 0777) = 0 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5007] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 5246 attached [pid 5007] close(3) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5247 ./strace-static-x86_64: Process 5247 attached [pid 5247] chdir("./19" [pid 5246] chdir("./19") = 0 [pid 5246] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5246] setpgid(0, 0) = 0 [pid 5246] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5246] write(3, "1000", 4 [pid 5247] <... chdir resumed>) = 0 [pid 5246] <... write resumed>) = 4 [pid 5246] close(3) = 0 [pid 5246] symlink("/dev/binderfs", "./binderfs" [pid 5247] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5247] setpgid(0, 0) = 0 [pid 5246] <... symlink resumed>) = 0 [pid 5247] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5246] memfd_create("syzkaller", 0) = 3 [pid 5246] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5247] <... openat resumed>) = 3 [pid 5246] <... mmap resumed>) = 0x7f091d53c000 [ 110.820118][ T5244] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5247] write(3, "1000", 4 [pid 5006] <... umount2 resumed>) = 0 [pid 5247] <... write resumed>) = 4 [pid 5006] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5247] close(3 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5247] <... close resumed>) = 0 [pid 5006] lstat("./18/file0", [pid 5247] symlink("/dev/binderfs", "./binderfs" [pid 5006] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5006] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(4, [pid 5005] <... umount2 resumed>) = 0 [pid 5005] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5247] <... symlink resumed>) = 0 [pid 5006] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5247] memfd_create("syzkaller", 0 [pid 5006] getdents64(4, [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5247] <... memfd_create resumed>) = 3 [pid 5006] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5247] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5006] close(4 [pid 5005] lstat("./19/file0", [pid 5247] <... mmap resumed>) = 0x7f091d53c000 [pid 5006] <... close resumed>) = 0 [pid 5006] rmdir("./18/file0" [pid 5005] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] <... rmdir resumed>) = 0 [pid 5005] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] close(3) = 0 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] rmdir("./18" [pid 5005] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5006] <... rmdir resumed>) = 0 [pid 5006] mkdir("./19", 0777 [pid 5005] <... openat resumed>) = 4 [pid 5006] <... mkdir resumed>) = 0 [pid 5005] fstat(4, [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] close(4) = 0 [ 110.887689][ T5244] REISERFS (device loop0): using ordered data mode [pid 5005] rmdir("./19/file0" [pid 5006] <... openat resumed>) = 3 [pid 5005] <... rmdir resumed>) = 0 [pid 5006] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5006] close(3) = 0 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5005] getdents64(3, [pid 5006] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5248 ./strace-static-x86_64: Process 5248 attached [pid 5246] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5005] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5248] chdir("./19" [pid 5005] close(3) = 0 [pid 5005] rmdir("./19") = 0 [pid 5248] <... chdir resumed>) = 0 [pid 5248] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5005] mkdir("./20", 0777 [pid 5248] <... prctl resumed>) = 0 [pid 5248] setpgid(0, 0) = 0 [pid 5005] <... mkdir resumed>) = 0 [pid 5248] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5248] <... openat resumed>) = 3 [pid 5248] write(3, "1000", 4) = 4 [pid 5005] <... openat resumed>) = 3 [pid 5248] close(3 [pid 5005] ioctl(3, LOOP_CLR_FD [pid 5248] <... close resumed>) = 0 [pid 5248] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5248] memfd_create("syzkaller", 0) = 3 [pid 5248] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5005] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5005] close(3) = 0 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5249 [pid 5240] <... mount resumed>) = 0 [pid 5240] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5247] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5240] chdir("./file0") = 0 [pid 5240] ioctl(4, LOOP_CLR_FD) = 0 [pid 5240] close(4) = 0 [pid 5240] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 110.939758][ T5240] REISERFS (device loop5): Using r5 hash to sort names [ 110.947137][ T5244] reiserfs: using flush barriers [ 110.960989][ T5244] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 110.979591][ T5240] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5240] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 ./strace-static-x86_64: Process 5249 attached [pid 5240] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5249] chdir("./20" [pid 5240] exit_group(0 [pid 5249] <... chdir resumed>) = 0 [pid 5240] <... exit_group resumed>) = ? [pid 5249] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5249] setpgid(0, 0) = 0 [pid 5240] +++ exited with 0 +++ [pid 5249] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5240, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5249] <... openat resumed>) = 3 [pid 5249] write(3, "1000", 4 [pid 5008] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5249] <... write resumed>) = 4 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5249] close(3 [pid 5008] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5249] <... close resumed>) = 0 [pid 5249] symlink("/dev/binderfs", "./binderfs" [pid 5008] <... openat resumed>) = 3 [pid 5249] <... symlink resumed>) = 0 [pid 5008] fstat(3, [pid 5249] memfd_create("syzkaller", 0 [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5249] <... memfd_create resumed>) = 3 [pid 5008] getdents64(3, [pid 5249] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5008] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5008] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5008] unlink("./18/binderfs") = 0 [ 111.045859][ T5244] REISERFS (device loop0): checking transaction log (loop0) [pid 5008] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5248] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5246] <... write resumed>) = 4194304 [pid 5246] munmap(0x7f091d53c000, 4194304) = 0 [pid 5246] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5246] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5246] close(3) = 0 [pid 5247] <... write resumed>) = 4194304 [pid 5246] mkdir("./file0", 0777 [pid 5249] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5247] munmap(0x7f091d53c000, 4194304 [pid 5246] <... mkdir resumed>) = 0 [pid 5246] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5247] <... munmap resumed>) = 0 [pid 5247] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 111.123715][ T5246] loop1: detected capacity change from 0 to 8192 [pid 5247] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5247] close(3) = 0 [pid 5247] mkdir("./file0", 0777) = 0 [ 111.170526][ T5247] loop4: detected capacity change from 0 to 8192 [ 111.179881][ T5246] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 111.205156][ T5247] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5247] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5008] <... umount2 resumed>) = 0 [pid 5008] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5008] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5008] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5008] close(4) = 0 [pid 5008] rmdir("./18/file0") = 0 [pid 5008] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] close(3) = 0 [pid 5008] rmdir("./18") = 0 [pid 5008] mkdir("./19", 0777) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5008] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5008] close(3) = 0 [ 111.211754][ T5246] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 111.253027][ T5247] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 111.264081][ T5246] REISERFS (device loop1): using ordered data mode [pid 5249] <... write resumed>) = 4194304 [pid 5248] <... write resumed>) = 4194304 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5252 ./strace-static-x86_64: Process 5252 attached [pid 5252] chdir("./19") = 0 [pid 5252] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5252] setpgid(0, 0) = 0 [pid 5252] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5252] write(3, "1000", 4) = 4 [pid 5252] close(3) = 0 [pid 5252] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5252] memfd_create("syzkaller", 0) = 3 [pid 5252] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5249] munmap(0x7f091d53c000, 4194304 [ 111.265055][ T5244] REISERFS (device loop0): Using r5 hash to sort names [ 111.270602][ T5246] reiserfs: using flush barriers [ 111.284145][ T5247] REISERFS (device loop4): using ordered data mode [ 111.290723][ T5246] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 111.307458][ T5247] reiserfs: using flush barriers [pid 5248] munmap(0x7f091d53c000, 4194304 [pid 5249] <... munmap resumed>) = 0 [pid 5248] <... munmap resumed>) = 0 [pid 5248] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5248] ioctl(4, LOOP_SET_FD, 3 [pid 5249] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5244] <... mount resumed>) = 0 [pid 5249] <... openat resumed>) = 4 [pid 5244] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5249] ioctl(4, LOOP_SET_FD, 3 [pid 5244] <... openat resumed>) = 3 [pid 5252] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5249] <... ioctl resumed>) = 0 [pid 5244] chdir("./file0" [pid 5249] close(3 [pid 5244] <... chdir resumed>) = 0 [pid 5248] <... ioctl resumed>) = 0 [pid 5248] close(3) = 0 [pid 5248] mkdir("./file0", 0777) = 0 [pid 5248] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5249] <... close resumed>) = 0 [pid 5244] ioctl(4, LOOP_CLR_FD [pid 5249] mkdir("./file0", 0777 [pid 5244] <... ioctl resumed>) = 0 [pid 5249] <... mkdir resumed>) = 0 [ 111.314721][ T5244] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 111.318078][ T5248] loop3: detected capacity change from 0 to 8192 [ 111.333637][ T5249] loop2: detected capacity change from 0 to 8192 [ 111.335853][ T5247] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 111.352692][ T5246] REISERFS (device loop1): checking transaction log (loop1) [pid 5244] close(4 [pid 5249] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5244] <... close resumed>) = 0 [pid 5244] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5244] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5244] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5244] exit_group(0 [pid 5252] <... write resumed>) = 4194304 [ 111.374249][ T5247] REISERFS (device loop4): checking transaction log (loop4) [ 111.400923][ T5249] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5244] <... exit_group resumed>) = ? [pid 5252] munmap(0x7f091d53c000, 4194304 [pid 5244] +++ exited with 0 +++ [pid 5252] <... munmap resumed>) = 0 [pid 5252] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5252] ioctl(4, LOOP_SET_FD, 3 [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5244, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5252] <... ioctl resumed>) = 0 [pid 5252] close(3) = 0 [pid 5252] mkdir("./file0", 0777) = 0 [ 111.415364][ T5248] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 111.431157][ T5252] loop5: detected capacity change from 0 to 8192 [ 111.454867][ T5249] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 111.464217][ T5248] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 111.466580][ T5249] REISERFS (device loop2): using ordered data mode [ 111.479621][ T5248] REISERFS (device loop3): using ordered data mode [ 111.487125][ T5252] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 111.487584][ T5248] reiserfs: using flush barriers [ 111.500907][ T5246] REISERFS (device loop1): Using r5 hash to sort names [pid 5252] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5003] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./18/binderfs") = 0 [ 111.512088][ T5248] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 111.522434][ T5246] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 111.532264][ T26] kauditd_printk_skb: 1 callbacks suppressed [ 111.532282][ T26] audit: type=1400 audit(1687027155.478:94): avc: denied { rename } for pid=4430 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 111.555509][ T5249] reiserfs: using flush barriers [pid 5003] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5246] <... mount resumed>) = 0 [ 111.566415][ T26] audit: type=1400 audit(1687027155.478:95): avc: denied { unlink } for pid=4430 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 111.574346][ T5252] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 111.593563][ T26] audit: type=1400 audit(1687027155.478:96): avc: denied { create } for pid=4430 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [pid 5246] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5246] chdir("./file0") = 0 [pid 5246] ioctl(4, LOOP_CLR_FD) = 0 [ 111.627095][ T5248] REISERFS (device loop3): checking transaction log (loop3) [ 111.638879][ T5249] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 111.643069][ T5252] REISERFS (device loop5): using ordered data mode [ 111.656938][ T5249] REISERFS (device loop2): checking transaction log (loop2) [ 111.670885][ T5252] reiserfs: using flush barriers [pid 5246] close(4) = 0 [pid 5246] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5246] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5246] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5246] exit_group(0) = ? [pid 5246] +++ exited with 0 +++ [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5246, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [ 111.681497][ T5252] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5247] <... mount resumed>) = 0 [pid 5247] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5247] chdir("./file0") = 0 [pid 5247] ioctl(4, LOOP_CLR_FD) = 0 [pid 5247] close(4 [pid 5004] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5004] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] unlink("./19/binderfs") = 0 [pid 5004] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5247] <... close resumed>) = 0 [pid 5247] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 111.725173][ T5247] REISERFS (device loop4): Using r5 hash to sort names [ 111.732388][ T5247] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 111.736277][ T5252] REISERFS (device loop5): checking transaction log (loop5) [pid 5247] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5247] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5247] exit_group(0) = ? [pid 5247] +++ exited with 0 +++ [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5247, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5007] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5007] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5007] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] unlink("./19/binderfs") = 0 [pid 5003] <... umount2 resumed>) = 0 [pid 5249] <... mount resumed>) = 0 [pid 5007] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5249] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5249] <... openat resumed>) = 3 [pid 5003] lstat("./18/file0", [pid 5249] chdir("./file0" [pid 5003] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5249] <... chdir resumed>) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5249] ioctl(4, LOOP_CLR_FD [pid 5003] <... openat resumed>) = 4 [pid 5003] fstat(4, [pid 5249] <... ioctl resumed>) = 0 [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5249] close(4 [pid 5003] getdents64(4, [pid 5249] <... close resumed>) = 0 [pid 5248] <... mount resumed>) = 0 [pid 5004] <... umount2 resumed>) = 0 [pid 5003] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5249] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5248] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5004] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] getdents64(4, [pid 5249] <... openat resumed>) = 4 [pid 5248] <... openat resumed>) = 3 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5249] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5003] close(4) = 0 [pid 5249] <... mmap resumed>) = 0x20000000 [pid 5003] rmdir("./18/file0" [pid 5004] lstat("./19/file0", [pid 5249] ioctl(4, FS_IOC_GETVERSION [pid 5003] <... rmdir resumed>) = 0 [pid 5248] chdir("./file0" [pid 5004] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(3, [pid 5249] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5004] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5249] exit_group(0 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] close(3 [pid 5249] <... exit_group resumed>) = ? [pid 5004] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5003] <... close resumed>) = 0 [pid 5249] +++ exited with 0 +++ [pid 5003] rmdir("./18" [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5249, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5005] restart_syscall(<... resuming interrupted clone ...> [pid 5004] <... openat resumed>) = 4 [pid 5003] <... rmdir resumed>) = 0 [pid 5005] <... restart_syscall resumed>) = 0 [pid 5003] mkdir("./19", 0777 [ 111.837853][ T5249] REISERFS (device loop2): Using r5 hash to sort names [ 111.845746][ T5248] REISERFS (device loop3): Using r5 hash to sort names [ 111.850711][ T5249] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 111.862092][ T5248] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5004] fstat(4, [pid 5248] <... chdir resumed>) = 0 [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] <... mkdir resumed>) = 0 [pid 5248] ioctl(4, LOOP_CLR_FD [pid 5005] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] getdents64(4, [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] <... openat resumed>) = 3 [pid 5248] <... ioctl resumed>) = 0 [pid 5005] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5004] getdents64(4, [pid 5005] fstat(3, [pid 5003] ioctl(3, LOOP_CLR_FD [pid 5248] close(4 [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5248] <... close resumed>) = 0 [pid 5004] close(4 [pid 5248] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5005] getdents64(3, [pid 5003] close(3 [pid 5004] <... close resumed>) = 0 [pid 5004] rmdir("./19/file0" [pid 5003] <... close resumed>) = 0 [pid 5004] <... rmdir resumed>) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5005] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] getdents64(3, [pid 5003] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5256 [pid 5248] <... openat resumed>) = 4 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] lstat("./20/binderfs", [pid 5004] close(3 [pid 5248] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5005] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] <... close resumed>) = 0 [pid 5005] unlink("./20/binderfs" [pid 5248] ioctl(4, FS_IOC_GETVERSION [pid 5004] rmdir("./19"./strace-static-x86_64: Process 5256 attached [pid 5005] <... unlink resumed>) = 0 [pid 5004] <... rmdir resumed>) = 0 [pid 5005] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] mkdir("./20", 0777 [pid 5248] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5004] <... mkdir resumed>) = 0 [pid 5248] exit_group(0 [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5248] <... exit_group resumed>) = ? [pid 5004] <... openat resumed>) = 3 [pid 5248] +++ exited with 0 +++ [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5248, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5004] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5006] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] close(3 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... close resumed>) = 0 [pid 5006] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5006] <... openat resumed>) = 3 [pid 5006] fstat(3, [pid 5004] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5257 [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(3, [pid 5256] chdir("./19" [pid 5006] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] unlink("./19/binderfs" [pid 5256] <... chdir resumed>) = 0 [pid 5006] <... unlink resumed>) = 0 [pid 5006] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5257 attached [pid 5257] chdir("./20") = 0 [pid 5257] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5257] setpgid(0, 0) = 0 [pid 5256] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5257] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5256] <... prctl resumed>) = 0 [pid 5256] setpgid(0, 0) = 0 [pid 5257] write(3, "1000", 4) = 4 [pid 5257] close(3) = 0 [pid 5256] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5257] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5256] <... openat resumed>) = 3 [pid 5256] write(3, "1000", 4) = 4 [pid 5257] memfd_create("syzkaller", 0 [pid 5256] close(3 [pid 5257] <... memfd_create resumed>) = 3 [pid 5257] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5256] <... close resumed>) = 0 [pid 5256] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5256] memfd_create("syzkaller", 0) = 3 [pid 5256] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 111.997205][ T5252] REISERFS (device loop5): Using r5 hash to sort names [ 112.029462][ T5252] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5252] <... mount resumed>) = 0 [pid 5252] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5007] <... umount2 resumed>) = 0 [pid 5007] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5252] chdir("./file0" [pid 5007] lstat("./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5252] <... chdir resumed>) = 0 [pid 5007] <... openat resumed>) = 4 [pid 5252] ioctl(4, LOOP_CLR_FD) = 0 [pid 5007] fstat(4, [pid 5256] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5252] close(4 [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(4, [pid 5252] <... close resumed>) = 0 [pid 5007] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5252] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5005] <... umount2 resumed>) = 0 [pid 5007] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5007] close(4) = 0 [pid 5007] rmdir("./19/file0" [pid 5252] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5005] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] <... rmdir resumed>) = 0 [pid 5007] getdents64(3, [pid 5252] <... mmap resumed>) = 0x20000000 [pid 5007] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5257] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5252] ioctl(4, FS_IOC_GETVERSION [pid 5005] lstat("./20/file0", [pid 5007] close(3) = 0 [pid 5007] rmdir("./19" [pid 5252] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5007] <... rmdir resumed>) = 0 [pid 5005] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] mkdir("./20", 0777 [pid 5252] exit_group(0 [pid 5007] <... mkdir resumed>) = 0 [pid 5005] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5252] <... exit_group resumed>) = ? [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5007] close(3) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5252] +++ exited with 0 +++ [pid 5005] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5258 attached [pid 5007] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5258 [pid 5005] <... openat resumed>) = 4 [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5252, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5005] fstat(4, [pid 5008] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] getdents64(4, [pid 5258] chdir("./20" [pid 5008] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5005] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5258] <... chdir resumed>) = 0 [pid 5008] <... openat resumed>) = 3 [pid 5005] getdents64(4, [pid 5008] fstat(3, [pid 5005] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] close(4 [pid 5008] getdents64(3, [pid 5005] <... close resumed>) = 0 [pid 5008] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] rmdir("./20/file0") = 0 [pid 5008] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] getdents64(3, [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] close(3 [pid 5258] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5008] unlink("./19/binderfs" [pid 5005] <... close resumed>) = 0 [pid 5258] <... prctl resumed>) = 0 [pid 5008] <... unlink resumed>) = 0 [pid 5005] rmdir("./20" [pid 5008] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... rmdir resumed>) = 0 [pid 5005] mkdir("./21", 0777) = 0 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5005] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5258] setpgid(0, 0 [pid 5005] close(3 [pid 5258] <... setpgid resumed>) = 0 [pid 5005] <... close resumed>) = 0 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5258] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5005] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5259 [pid 5258] <... openat resumed>) = 3 [pid 5258] write(3, "1000", 4) = 4 [pid 5258] close(3) = 0 [pid 5258] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5258] memfd_create("syzkaller", 0) = 3 [pid 5258] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5006] <... umount2 resumed>) = 0 [pid 5006] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5258] <... mmap resumed>) = 0x7f091d53c000 [pid 5006] lstat("./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5006] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5006] close(4) = 0 [pid 5006] rmdir("./19/file0") = 0 [pid 5006] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] close(3) = 0 [pid 5006] rmdir("./19") = 0 [pid 5256] <... write resumed>) = 4194304 [pid 5006] mkdir("./20", 0777) = 0 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5006] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5006] close(3) = 0 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5259 attached [pid 5008] <... umount2 resumed>) = 0 [pid 5008] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5260 [pid 5259] chdir("./21" [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./19/file0", [pid 5259] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5260 attached [pid 5259] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5008] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5259] <... prctl resumed>) = 0 [pid 5008] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5259] setpgid(0, 0) = 0 [pid 5008] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5260] chdir("./20" [pid 5008] <... openat resumed>) = 4 [pid 5259] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5260] <... chdir resumed>) = 0 [pid 5260] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5008] fstat(4, [pid 5260] <... prctl resumed>) = 0 [pid 5259] <... openat resumed>) = 3 [pid 5260] setpgid(0, 0 [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5259] write(3, "1000", 4 [pid 5260] <... setpgid resumed>) = 0 [pid 5008] getdents64(4, [pid 5259] <... write resumed>) = 4 [pid 5260] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5008] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5260] <... openat resumed>) = 3 [pid 5259] close(3 [pid 5008] getdents64(4, [pid 5260] write(3, "1000", 4 [pid 5259] <... close resumed>) = 0 [pid 5008] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5260] <... write resumed>) = 4 [pid 5259] symlink("/dev/binderfs", "./binderfs" [pid 5008] close(4 [pid 5260] close(3) = 0 [pid 5008] <... close resumed>) = 0 [pid 5008] rmdir("./19/file0" [pid 5260] symlink("/dev/binderfs", "./binderfs" [pid 5259] <... symlink resumed>) = 0 [pid 5008] <... rmdir resumed>) = 0 [pid 5260] <... symlink resumed>) = 0 [pid 5008] getdents64(3, [pid 5259] memfd_create("syzkaller", 0 [pid 5260] memfd_create("syzkaller", 0 [pid 5008] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5260] <... memfd_create resumed>) = 3 [pid 5259] <... memfd_create resumed>) = 3 [pid 5257] <... write resumed>) = 4194304 [pid 5008] close(3 [pid 5256] munmap(0x7f091d53c000, 4194304 [pid 5260] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5259] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5008] <... close resumed>) = 0 [pid 5260] <... mmap resumed>) = 0x7f091d53c000 [pid 5259] <... mmap resumed>) = 0x7f091d53c000 [pid 5256] <... munmap resumed>) = 0 [pid 5008] rmdir("./19") = 0 [pid 5008] mkdir("./20", 0777) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5256] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5256] ioctl(4, LOOP_SET_FD, 3 [pid 5257] munmap(0x7f091d53c000, 4194304) = 0 [pid 5256] <... ioctl resumed>) = 0 [pid 5257] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5256] close(3 [pid 5257] <... openat resumed>) = 4 [pid 5256] <... close resumed>) = 0 [pid 5256] mkdir("./file0", 0777 [pid 5257] ioctl(4, LOOP_SET_FD, 3 [pid 5256] <... mkdir resumed>) = 0 [pid 5256] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5008] <... openat resumed>) = 3 [pid 5008] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5008] close(3) = 0 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5262 ./strace-static-x86_64: Process 5262 attached [pid 5258] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5262] chdir("./20") = 0 [pid 5262] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5260] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5262] <... prctl resumed>) = 0 [pid 5262] setpgid(0, 0) = 0 [pid 5262] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5262] write(3, "1000", 4) = 4 [pid 5262] close(3) = 0 [pid 5257] <... ioctl resumed>) = 0 [pid 5262] symlink("/dev/binderfs", "./binderfs" [pid 5257] close(3 [pid 5262] <... symlink resumed>) = 0 [pid 5259] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5257] <... close resumed>) = 0 [pid 5262] memfd_create("syzkaller", 0 [ 112.247330][ T5256] loop0: detected capacity change from 0 to 8192 [ 112.261700][ T5257] loop1: detected capacity change from 0 to 8192 [ 112.276352][ T5256] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5257] mkdir("./file0", 0777 [pid 5262] <... memfd_create resumed>) = 3 [pid 5257] <... mkdir resumed>) = 0 [pid 5262] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5257] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5262] <... mmap resumed>) = 0x7f091d53c000 [ 112.322998][ T5256] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 112.347650][ T5257] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5258] <... write resumed>) = 4194304 [ 112.391921][ T5256] REISERFS (device loop0): using ordered data mode [ 112.394222][ T5257] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 112.408131][ T5257] REISERFS (device loop1): using ordered data mode [ 112.415611][ T5257] reiserfs: using flush barriers [ 112.422039][ T5257] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5262] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5258] munmap(0x7f091d53c000, 4194304) = 0 [pid 5260] <... write resumed>) = 4194304 [pid 5260] munmap(0x7f091d53c000, 4194304 [pid 5258] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5258] ioctl(4, LOOP_SET_FD, 3 [pid 5260] <... munmap resumed>) = 0 [pid 5260] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 112.433952][ T5256] reiserfs: using flush barriers [ 112.452692][ T5257] REISERFS (device loop1): checking transaction log (loop1) [ 112.455337][ T5258] loop4: detected capacity change from 0 to 8192 [ 112.472387][ T5260] loop3: detected capacity change from 0 to 8192 [pid 5260] ioctl(4, LOOP_SET_FD, 3 [pid 5259] <... write resumed>) = 4194304 [pid 5259] munmap(0x7f091d53c000, 4194304) = 0 [pid 5259] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5259] ioctl(4, LOOP_SET_FD, 3 [pid 5258] <... ioctl resumed>) = 0 [pid 5258] close(3) = 0 [pid 5258] mkdir("./file0", 0777 [pid 5260] <... ioctl resumed>) = 0 [pid 5260] close(3) = 0 [pid 5260] mkdir("./file0", 0777 [pid 5258] <... mkdir resumed>) = 0 [pid 5260] <... mkdir resumed>) = 0 [pid 5260] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5258] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5259] <... ioctl resumed>) = 0 [pid 5259] close(3) = 0 [pid 5259] mkdir("./file0", 0777) = 0 [ 112.478998][ T5256] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 112.487117][ T5259] loop2: detected capacity change from 0 to 8192 [ 112.515253][ T5260] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 112.534195][ T5256] REISERFS (device loop0): checking transaction log (loop0) [pid 5259] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5262] <... write resumed>) = 4194304 [pid 5262] munmap(0x7f091d53c000, 4194304) = 0 [pid 5262] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5262] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5262] close(3) = 0 [pid 5262] mkdir("./file0", 0777) = 0 [ 112.543082][ T5258] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 112.556864][ T5260] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 112.570638][ T5258] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 112.573272][ T5262] loop5: detected capacity change from 0 to 8192 [ 112.583380][ T5260] REISERFS (device loop3): using ordered data mode [ 112.594685][ T5259] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 112.596534][ T5260] reiserfs: using flush barriers [ 112.615653][ T5257] REISERFS (device loop1): Using r5 hash to sort names [ 112.620215][ T5258] REISERFS (device loop4): using ordered data mode [ 112.623679][ T5257] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5262] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5257] <... mount resumed>) = 0 [ 112.629226][ T5259] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 112.639561][ T5262] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 112.647519][ T5259] REISERFS (device loop2): using ordered data mode [ 112.667036][ T5259] reiserfs: using flush barriers [ 112.672932][ T5259] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 112.688555][ T5258] reiserfs: using flush barriers [pid 5257] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5257] chdir("./file0") = 0 [ 112.689730][ T5259] REISERFS (device loop2): checking transaction log (loop2) [ 112.697785][ T5260] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 112.705652][ T5262] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 112.734170][ T5262] REISERFS (device loop5): using ordered data mode [pid 5257] ioctl(4, LOOP_CLR_FD) = 0 [pid 5257] close(4) = 0 [pid 5257] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5257] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5257] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5257] exit_group(0) = ? [ 112.741009][ T5262] reiserfs: using flush barriers [pid 5257] +++ exited with 0 +++ [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5257, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=14 /* 0.14 s */} --- [pid 5004] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5004] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] unlink("./20/binderfs") = 0 [ 112.767901][ T5262] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 112.773305][ T5260] REISERFS (device loop3): checking transaction log (loop3) [ 112.797637][ T5258] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5004] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5004] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5004] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5004] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] close(4) = 0 [pid 5004] rmdir("./20/file0") = 0 [pid 5004] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] close(3) = 0 [pid 5004] rmdir("./20") = 0 [pid 5004] mkdir("./21", 0777) = 0 [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5004] ioctl(3, LOOP_CLR_FD) = 0 [ 112.816530][ T5259] REISERFS (device loop2): Using r5 hash to sort names [ 112.823680][ T5259] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 112.834172][ T5258] REISERFS (device loop4): checking transaction log (loop4) [pid 5004] close(3 [pid 5259] <... mount resumed>) = 0 [pid 5259] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5259] chdir("./file0") = 0 [pid 5259] ioctl(4, LOOP_CLR_FD) = 0 [pid 5259] close(4) = 0 [pid 5259] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5259] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5259] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5259] exit_group(0) = ? [pid 5259] +++ exited with 0 +++ [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5259, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5005] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5005] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] unlink("./21/binderfs") = 0 [ 112.894348][ T5256] REISERFS (device loop0): Using r5 hash to sort names [ 112.907403][ T5262] REISERFS (device loop5): checking transaction log (loop5) [ 112.933500][ T5256] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5005] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5256] <... mount resumed>) = 0 [pid 5256] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5256] chdir("./file0") = 0 [pid 5256] ioctl(4, LOOP_CLR_FD) = 0 [pid 5256] close(4) = 0 [pid 5256] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5004] <... close resumed>) = 0 [pid 5256] <... openat resumed>) = 4 [pid 5256] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5256] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5256] exit_group(0) = ? [pid 5256] +++ exited with 0 +++ [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5256, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5003] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5003] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./19/binderfs") = 0 [pid 5003] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 113.015444][ T5260] REISERFS (device loop3): Using r5 hash to sort names [ 113.053060][ T5260] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5003] <... umount2 resumed>) = 0 [pid 5004] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5268 [pid 5003] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 5268 attached [pid 5003] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5268] chdir("./21" [pid 5003] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5268] <... chdir resumed>) = 0 [pid 5003] <... openat resumed>) = 4 [pid 5268] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5003] fstat(4, [pid 5268] <... prctl resumed>) = 0 [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 5003] rmdir("./19/file0") = 0 [pid 5003] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./19") = 0 [pid 5003] mkdir("./20", 0777 [pid 5268] setpgid(0, 0 [pid 5260] <... mount resumed>) = 0 [pid 5003] <... mkdir resumed>) = 0 [pid 5268] <... setpgid resumed>) = 0 [pid 5260] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5268] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5260] <... openat resumed>) = 3 [pid 5268] <... openat resumed>) = 3 [pid 5260] chdir("./file0" [pid 5258] <... mount resumed>) = 0 [pid 5005] <... umount2 resumed>) = 0 [pid 5268] write(3, "1000", 4 [pid 5260] <... chdir resumed>) = 0 [pid 5258] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5005] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5268] <... write resumed>) = 4 [pid 5260] ioctl(4, LOOP_CLR_FD [pid 5258] <... openat resumed>) = 3 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5268] close(3 [pid 5260] <... ioctl resumed>) = 0 [pid 5258] chdir("./file0" [pid 5005] lstat("./21/file0", [pid 5268] <... close resumed>) = 0 [pid 5260] close(4 [pid 5258] <... chdir resumed>) = 0 [pid 5005] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5268] symlink("/dev/binderfs", "./binderfs" [pid 5260] <... close resumed>) = 0 [pid 5258] ioctl(4, LOOP_CLR_FD [pid 5005] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5268] <... symlink resumed>) = 0 [pid 5260] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5258] <... ioctl resumed>) = 0 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5268] memfd_create("syzkaller", 0 [pid 5260] <... openat resumed>) = 4 [pid 5258] close(4 [pid 5005] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5268] <... memfd_create resumed>) = 3 [pid 5260] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5258] <... close resumed>) = 0 [pid 5005] <... openat resumed>) = 4 [pid 5268] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5260] <... mmap resumed>) = 0x20000000 [pid 5258] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5005] fstat(4, [pid 5268] <... mmap resumed>) = 0x7f091d53c000 [pid 5260] ioctl(4, FS_IOC_GETVERSION [pid 5258] <... openat resumed>) = 4 [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5260] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5258] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5005] getdents64(4, [pid 5260] exit_group(0 [pid 5258] <... mmap resumed>) = 0x20000000 [pid 5005] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5260] <... exit_group resumed>) = ? [pid 5258] ioctl(4, FS_IOC_GETVERSION [pid 5005] getdents64(4, [pid 5260] +++ exited with 0 +++ [pid 5258] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [ 113.067488][ T5258] REISERFS (device loop4): Using r5 hash to sort names [ 113.091195][ T5258] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5005] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5258] exit_group(0 [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5260, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5005] close(4 [pid 5258] <... exit_group resumed>) = ? [pid 5005] <... close resumed>) = 0 [pid 5258] +++ exited with 0 +++ [pid 5005] rmdir("./21/file0") = 0 [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5258, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- [pid 5005] getdents64(3, [pid 5007] restart_syscall(<... resuming interrupted clone ...> [pid 5005] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] <... restart_syscall resumed>) = 0 [pid 5005] close(3) = 0 [pid 5005] rmdir("./21" [pid 5006] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... rmdir resumed>) = 0 [pid 5007] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] mkdir("./22", 0777 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5005] <... mkdir resumed>) = 0 [pid 5007] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5007] <... openat resumed>) = 3 [pid 5006] <... openat resumed>) = 3 [pid 5005] <... openat resumed>) = 3 [pid 5007] fstat(3, [pid 5005] ioctl(3, LOOP_CLR_FD [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] fstat(3, [pid 5005] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5007] getdents64(3, [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] close(3 [pid 5007] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] getdents64(3, [pid 5005] <... close resumed>) = 0 [pid 5007] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5006] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] lstat("./20/binderfs", [pid 5005] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5269 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] lstat("./20/binderfs", [pid 5007] unlink("./20/binderfs" [pid 5006] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] <... unlink resumed>) = 0 [pid 5007] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] unlink("./20/binderfs") = 0 [pid 5006] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5269 attached [pid 5269] chdir("./22") = 0 [pid 5269] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5269] setpgid(0, 0) = 0 [pid 5269] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5269] write(3, "1000", 4) = 4 [pid 5269] close(3) = 0 [pid 5269] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5003] <... openat resumed>) = 3 [pid 5269] memfd_create("syzkaller", 0 [pid 5003] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5003] close(3 [pid 5269] <... memfd_create resumed>) = 3 [pid 5003] <... close resumed>) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5269] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5003] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5270 ./strace-static-x86_64: Process 5270 attached [pid 5270] chdir("./20") = 0 [pid 5270] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5268] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5270] setpgid(0, 0) = 0 [pid 5270] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5270] write(3, "1000", 4) = 4 [pid 5270] close(3) = 0 [pid 5270] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5270] memfd_create("syzkaller", 0) = 3 [pid 5270] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 113.209151][ T5262] REISERFS (device loop5): Using r5 hash to sort names [ 113.248944][ T5262] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5262] <... mount resumed>) = 0 [pid 5262] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5262] chdir("./file0") = 0 [pid 5262] ioctl(4, LOOP_CLR_FD) = 0 [pid 5262] close(4) = 0 [pid 5262] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5262] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5262] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5262] exit_group(0) = ? [pid 5262] +++ exited with 0 +++ [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5262, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5008] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5269] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5008] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5008] fstat(3, [pid 5270] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5008] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5008] unlink("./20/binderfs") = 0 [pid 5008] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] <... umount2 resumed>) = 0 [pid 5268] <... write resumed>) = 4194304 [pid 5008] <... umount2 resumed>) = 0 [pid 5008] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] lstat("./20/file0", [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5006] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5268] munmap(0x7f091d53c000, 4194304 [pid 5008] <... openat resumed>) = 4 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5268] <... munmap resumed>) = 0 [pid 5008] fstat(4, [pid 5006] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] <... openat resumed>) = 4 [pid 5008] getdents64(4, [pid 5006] fstat(4, [pid 5008] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5008] getdents64(4, [pid 5006] close(4 [pid 5268] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5008] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5006] <... close resumed>) = 0 [pid 5268] <... openat resumed>) = 4 [pid 5008] close(4 [pid 5006] rmdir("./20/file0" [pid 5268] ioctl(4, LOOP_SET_FD, 3 [pid 5008] <... close resumed>) = 0 [pid 5006] <... rmdir resumed>) = 0 [pid 5008] rmdir("./20/file0" [pid 5006] getdents64(3, [pid 5008] <... rmdir resumed>) = 0 [pid 5006] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] getdents64(3, [pid 5006] close(3 [pid 5008] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] <... close resumed>) = 0 [pid 5008] close(3 [pid 5006] rmdir("./20" [pid 5008] <... close resumed>) = 0 [pid 5006] <... rmdir resumed>) = 0 [pid 5008] rmdir("./20" [pid 5006] mkdir("./21", 0777 [pid 5008] <... rmdir resumed>) = 0 [pid 5006] <... mkdir resumed>) = 0 [pid 5008] mkdir("./21", 0777 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5008] <... mkdir resumed>) = 0 [pid 5006] <... openat resumed>) = 3 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5006] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5006] close(3) = 0 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5271 [pid 5007] <... umount2 resumed>) = 0 [pid 5007] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5007] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5007] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5007] close(4) = 0 [pid 5007] rmdir("./20/file0") = 0 [pid 5268] <... ioctl resumed>) = 0 [pid 5268] close(3) = 0 [pid 5268] mkdir("./file0", 0777) = 0 [pid 5007] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] close(3) = 0 [pid 5007] rmdir("./20") = 0 [pid 5268] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5007] mkdir("./21", 0777./strace-static-x86_64: Process 5271 attached ) = 0 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5007] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5007] close(3) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5271] chdir("./21") = 0 [pid 5269] <... write resumed>) = 4194304 [pid 5007] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5273 [ 113.422231][ T5268] loop1: detected capacity change from 0 to 8192 ./strace-static-x86_64: Process 5273 attached [pid 5273] chdir("./21") = 0 [pid 5273] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5273] setpgid(0, 0) = 0 [pid 5273] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5273] write(3, "1000", 4) = 4 [pid 5273] close(3) = 0 [pid 5273] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5273] memfd_create("syzkaller", 0) = 3 [pid 5273] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5269] munmap(0x7f091d53c000, 4194304) = 0 [pid 5271] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5271] setpgid(0, 0 [pid 5269] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5271] <... setpgid resumed>) = 0 [pid 5269] <... openat resumed>) = 4 [pid 5271] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5271] write(3, "1000", 4 [pid 5269] ioctl(4, LOOP_SET_FD, 3 [pid 5271] <... write resumed>) = 4 [pid 5271] close(3) = 0 [pid 5271] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5271] memfd_create("syzkaller", 0) = 3 [pid 5271] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5269] <... ioctl resumed>) = 0 [pid 5269] close(3) = 0 [pid 5269] mkdir("./file0", 0777) = 0 [pid 5269] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5270] <... write resumed>) = 4194304 [ 113.461146][ T5268] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 113.481933][ T5269] loop2: detected capacity change from 0 to 8192 [pid 5270] munmap(0x7f091d53c000, 4194304) = 0 [pid 5270] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5270] ioctl(4, LOOP_SET_FD, 3 [pid 5008] <... openat resumed>) = 3 [pid 5008] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5008] close(3) = 0 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5275 [ 113.512775][ T5269] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 113.528965][ T5268] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 113.539966][ T5270] loop0: detected capacity change from 0 to 8192 ./strace-static-x86_64: Process 5275 attached [pid 5275] chdir("./21") = 0 [pid 5275] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5275] setpgid(0, 0) = 0 [pid 5275] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5270] <... ioctl resumed>) = 0 [pid 5270] close(3) = 0 [pid 5275] <... openat resumed>) = 3 [pid 5270] mkdir("./file0", 0777) = 0 [pid 5273] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5275] write(3, "1000", 4) = 4 [pid 5275] close(3) = 0 [pid 5270] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5275] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5271] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5275] memfd_create("syzkaller", 0) = 3 [pid 5275] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 113.559763][ T5268] REISERFS (device loop1): using ordered data mode [ 113.567103][ T5268] reiserfs: using flush barriers [ 113.574484][ T5268] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 113.589352][ T5269] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 113.591667][ T5268] REISERFS (device loop1): checking transaction log (loop1) [ 113.634223][ T5270] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 113.646745][ T5269] REISERFS (device loop2): using ordered data mode [ 113.653764][ T5269] reiserfs: using flush barriers [ 113.660943][ T5269] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 113.699338][ T5269] REISERFS (device loop2): checking transaction log (loop2) [ 113.714327][ T5270] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 113.724527][ T5270] REISERFS (device loop0): using ordered data mode [ 113.732563][ T5270] reiserfs: using flush barriers [pid 5275] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5273] <... write resumed>) = 4194304 [pid 5271] <... write resumed>) = 4194304 [pid 5273] munmap(0x7f091d53c000, 4194304 [pid 5271] munmap(0x7f091d53c000, 4194304) = 0 [pid 5271] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 113.740509][ T5270] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 113.758850][ T5270] REISERFS (device loop0): checking transaction log (loop0) [ 113.759949][ T5268] REISERFS (device loop1): Using r5 hash to sort names [pid 5271] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5271] close(3) = 0 [pid 5271] mkdir("./file0", 0777) = 0 [pid 5271] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5273] <... munmap resumed>) = 0 [pid 5273] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5273] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5273] close(3) = 0 [pid 5273] mkdir("./file0", 0777) = 0 [pid 5273] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5268] <... mount resumed>) = 0 [pid 5268] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 113.791441][ T5271] loop3: detected capacity change from 0 to 8192 [ 113.792647][ T5268] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 113.814654][ T5273] loop4: detected capacity change from 0 to 8192 [ 113.828612][ T5271] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5268] chdir("./file0") = 0 [pid 5268] ioctl(4, LOOP_CLR_FD) = 0 [pid 5268] close(4 [pid 5275] <... write resumed>) = 4194304 [pid 5268] <... close resumed>) = 0 [pid 5275] munmap(0x7f091d53c000, 4194304 [pid 5268] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5275] <... munmap resumed>) = 0 [pid 5268] <... openat resumed>) = 4 [pid 5268] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5275] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5268] ioctl(4, FS_IOC_GETVERSION [pid 5275] <... openat resumed>) = 4 [pid 5268] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [ 113.853042][ T5273] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 113.865711][ T5271] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 113.882645][ T5271] REISERFS (device loop3): using ordered data mode [ 113.894665][ T5271] reiserfs: using flush barriers [pid 5275] ioctl(4, LOOP_SET_FD, 3 [pid 5268] exit_group(0 [pid 5275] <... ioctl resumed>) = 0 [pid 5268] <... exit_group resumed>) = ? [ 113.901816][ T5273] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 113.903086][ T5271] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 113.923391][ T5273] REISERFS (device loop4): using ordered data mode [ 113.927383][ T5275] loop5: detected capacity change from 0 to 8192 [ 113.933939][ T5273] reiserfs: using flush barriers [ 113.942977][ T5271] REISERFS (device loop3): checking transaction log (loop3) [pid 5275] close(3 [pid 5268] +++ exited with 0 +++ [pid 5275] <... close resumed>) = 0 [pid 5275] mkdir("./file0", 0777) = 0 [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5268, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5275] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5004] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5004] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 113.951036][ T5269] REISERFS (device loop2): Using r5 hash to sort names [ 113.971974][ T5269] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 113.974983][ T5273] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5004] unlink("./21/binderfs" [pid 5269] <... mount resumed>) = 0 [pid 5269] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5269] chdir("./file0") = 0 [pid 5269] ioctl(4, LOOP_CLR_FD) = 0 [pid 5269] close(4) = 0 [pid 5004] <... unlink resumed>) = 0 [pid 5269] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5004] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5269] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5269] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5269] exit_group(0) = ? [pid 5269] +++ exited with 0 +++ [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5269, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- [ 113.998765][ T5270] REISERFS (device loop0): Using r5 hash to sort names [ 113.999430][ T5275] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 114.023026][ T5275] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 114.032860][ T5275] REISERFS (device loop5): using ordered data mode [ 114.039965][ T5275] reiserfs: using flush barriers [ 114.044067][ T5270] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5005] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5005] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] unlink("./22/binderfs") = 0 [pid 5005] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5270] <... mount resumed>) = 0 [pid 5270] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 114.046829][ T5273] REISERFS (device loop4): checking transaction log (loop4) [ 114.062087][ T5275] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5270] chdir("./file0") = 0 [pid 5270] ioctl(4, LOOP_CLR_FD) = 0 [pid 5270] close(4) = 0 [pid 5270] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5270] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5270] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5270] exit_group(0) = ? [pid 5270] +++ exited with 0 +++ [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5270, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- [pid 5003] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./20/binderfs") = 0 [pid 5003] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5003] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 114.139038][ T5271] REISERFS (device loop3): Using r5 hash to sort names [ 114.147131][ T5275] REISERFS (device loop5): checking transaction log (loop5) [ 114.164696][ T5271] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5003] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5271] <... mount resumed>) = 0 [pid 5271] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5271] chdir("./file0") = 0 [pid 5271] ioctl(4, LOOP_CLR_FD) = 0 [pid 5271] close(4) = 0 [pid 5271] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5271] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 5003] rmdir("./20/file0") = 0 [pid 5003] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./20") = 0 [pid 5003] mkdir("./21", 0777) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5003] ioctl(3, LOOP_CLR_FD) = 0 [pid 5003] close(3) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5280 [pid 5271] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5271] exit_group(0) = ? [pid 5271] +++ exited with 0 +++ [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5271, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5006] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5006] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] unlink("./21/binderfs") = 0 [pid 5006] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5280 attached [pid 5280] chdir("./21" [pid 5004] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./21/file0", [pid 5280] <... chdir resumed>) = 0 [pid 5280] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5004] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 114.204847][ T5273] REISERFS (device loop4): Using r5 hash to sort names [ 114.212044][ T5273] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5004] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5280] setpgid(0, 0 [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5004] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5004] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] close(4) = 0 [pid 5004] rmdir("./21/file0") = 0 [pid 5280] <... setpgid resumed>) = 0 [pid 5004] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5280] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5004] close(3) = 0 [pid 5280] <... openat resumed>) = 3 [pid 5280] write(3, "1000", 4 [pid 5004] rmdir("./21" [pid 5280] <... write resumed>) = 4 [pid 5280] close(3 [pid 5004] <... rmdir resumed>) = 0 [pid 5280] <... close resumed>) = 0 [pid 5280] symlink("/dev/binderfs", "./binderfs" [pid 5004] mkdir("./22", 0777 [pid 5280] <... symlink resumed>) = 0 [pid 5004] <... mkdir resumed>) = 0 [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5280] memfd_create("syzkaller", 0) = 3 [pid 5280] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5004] <... openat resumed>) = 3 [pid 5280] <... mmap resumed>) = 0x7f091d53c000 [pid 5004] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5004] close(3) = 0 [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5281 ./strace-static-x86_64: Process 5281 attached [pid 5281] chdir("./22") = 0 [pid 5281] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5281] setpgid(0, 0) = 0 [pid 5281] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5281] write(3, "1000", 4) = 4 [pid 5281] close(3) = 0 [pid 5281] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5281] memfd_create("syzkaller", 0) = 3 [pid 5281] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5006] <... umount2 resumed>) = 0 [pid 5006] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5006] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(4, [pid 5273] <... mount resumed>) = 0 [pid 5006] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5273] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5006] getdents64(4, [pid 5273] <... openat resumed>) = 3 [pid 5006] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5273] chdir("./file0" [pid 5006] close(4 [pid 5273] <... chdir resumed>) = 0 [pid 5006] <... close resumed>) = 0 [pid 5006] rmdir("./21/file0" [pid 5273] ioctl(4, LOOP_CLR_FD [pid 5006] <... rmdir resumed>) = 0 [pid 5273] <... ioctl resumed>) = 0 [pid 5006] getdents64(3, [pid 5273] close(4 [pid 5006] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5273] <... close resumed>) = 0 [pid 5006] close(3 [pid 5273] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5006] <... close resumed>) = 0 [pid 5006] rmdir("./21") = 0 [pid 5006] mkdir("./22", 0777 [pid 5273] <... openat resumed>) = 4 [pid 5006] <... mkdir resumed>) = 0 [pid 5273] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5273] <... mmap resumed>) = 0x20000000 [pid 5273] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5273] exit_group(0) = ? [pid 5273] +++ exited with 0 +++ [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5273, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5007] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5007] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5007] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5007] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] unlink("./21/binderfs") = 0 [pid 5007] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... umount2 resumed>) = 0 [pid 5005] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5280] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5006] <... openat resumed>) = 3 [pid 5005] <... openat resumed>) = 4 [pid 5006] ioctl(3, LOOP_CLR_FD [pid 5005] fstat(4, [pid 5006] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] <... umount2 resumed>) = 0 [pid 5006] close(3) = 0 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5282 [pid 5007] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] getdents64(4, [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5007] lstat("./21/file0", [pid 5005] getdents64(4, [pid 5007] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5007] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] close(4 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] <... close resumed>) = 0 [pid 5007] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5005] rmdir("./22/file0" [pid 5007] <... openat resumed>) = 4 [pid 5007] fstat(4, [pid 5005] <... rmdir resumed>) = 0 [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(3, [pid 5007] getdents64(4, [pid 5005] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] close(3 [pid 5007] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] <... close resumed>) = 0 [pid 5007] close(4 [pid 5005] rmdir("./22" [pid 5007] <... close resumed>) = 0 [pid 5007] rmdir("./21/file0" [pid 5005] <... rmdir resumed>) = 0 [pid 5007] <... rmdir resumed>) = 0 [pid 5005] mkdir("./23", 0777 [pid 5007] getdents64(3, ./strace-static-x86_64: Process 5282 attached 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] <... mkdir resumed>) = 0 [pid 5282] chdir("./22" [pid 5007] close(3 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5282] <... chdir resumed>) = 0 [pid 5007] <... close resumed>) = 0 [pid 5005] <... openat resumed>) = 3 [pid 5007] rmdir("./21" [pid 5282] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5005] ioctl(3, LOOP_CLR_FD [pid 5282] <... prctl resumed>) = 0 [pid 5007] <... rmdir resumed>) = 0 [pid 5282] setpgid(0, 0 [pid 5281] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5007] mkdir("./22", 0777 [pid 5005] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5282] <... setpgid resumed>) = 0 [pid 5007] <... mkdir resumed>) = 0 [pid 5005] close(3 [pid 5282] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5005] <... close resumed>) = 0 [ 114.424345][ T5275] REISERFS (device loop5): Using r5 hash to sort names [ 114.431552][ T5275] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5282] <... openat resumed>) = 3 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5282] write(3, "1000", 4 [pid 5007] <... openat resumed>) = 3 [pid 5282] <... write resumed>) = 4 [pid 5275] <... mount resumed>) = 0 [pid 5007] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5283 attached [pid 5282] close(3 [pid 5275] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5007] <... ioctl resumed>) = 0 [pid 5005] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5283 [pid 5283] chdir("./23" [pid 5282] <... close resumed>) = 0 [pid 5280] <... write resumed>) = 4194304 [pid 5275] <... openat resumed>) = 3 [pid 5007] close(3 [pid 5283] <... chdir resumed>) = 0 [pid 5282] symlink("/dev/binderfs", "./binderfs" [pid 5280] munmap(0x7f091d53c000, 4194304 [pid 5275] chdir("./file0" [pid 5007] <... close resumed>) = 0 [pid 5283] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5282] <... symlink resumed>) = 0 [pid 5280] <... munmap resumed>) = 0 [pid 5275] <... chdir resumed>) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5283] <... prctl resumed>) = 0 [pid 5282] memfd_create("syzkaller", 0 [pid 5280] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5275] ioctl(4, LOOP_CLR_FD [pid 5283] setpgid(0, 0 [pid 5280] <... openat resumed>) = 4 [pid 5275] <... ioctl resumed>) = 0 [pid 5283] <... setpgid resumed>) = 0 [pid 5282] <... memfd_create resumed>) = 3 [pid 5280] ioctl(4, LOOP_SET_FD, 3 [pid 5275] close(4 [pid 5007] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5284 [pid 5283] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5284 attached [pid 5284] chdir("./22") = 0 [pid 5284] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5280] <... ioctl resumed>) = 0 [pid 5275] <... close resumed>) = 0 [pid 5284] setpgid(0, 0 [pid 5283] <... openat resumed>) = 3 [pid 5282] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5275] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5284] <... setpgid resumed>) = 0 [pid 5283] write(3, "1000", 4 [pid 5282] <... mmap resumed>) = 0x7f091d53c000 [pid 5280] close(3 [pid 5275] <... openat resumed>) = 4 [pid 5284] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5283] <... write resumed>) = 4 [pid 5284] <... openat resumed>) = 3 [pid 5284] write(3, "1000", 4) = 4 [pid 5284] close(3) = 0 [pid 5284] symlink("/dev/binderfs", "./binderfs" [pid 5280] <... close resumed>) = 0 [pid 5284] <... symlink resumed>) = 0 [pid 5283] close(3 [pid 5280] mkdir("./file0", 0777 [pid 5275] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5284] memfd_create("syzkaller", 0 [pid 5283] <... close resumed>) = 0 [pid 5280] <... mkdir resumed>) = 0 [pid 5284] <... memfd_create resumed>) = 3 [pid 5283] symlink("/dev/binderfs", "./binderfs" [pid 5280] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5275] <... mmap resumed>) = 0x20000000 [pid 5283] <... symlink resumed>) = 0 [pid 5284] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5283] memfd_create("syzkaller", 0 [pid 5275] ioctl(4, FS_IOC_GETVERSION [pid 5283] <... memfd_create resumed>) = 3 [pid 5275] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5283] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5275] exit_group(0 [pid 5283] <... mmap resumed>) = 0x7f091d53c000 [pid 5275] <... exit_group resumed>) = ? [ 114.515798][ T5280] loop0: detected capacity change from 0 to 8192 [pid 5275] +++ exited with 0 +++ [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5275, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5008] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5008] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5008] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5008] unlink("./21/binderfs") = 0 [pid 5008] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 114.580541][ T5280] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5282] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5281] <... write resumed>) = 4194304 [pid 5281] munmap(0x7f091d53c000, 4194304) = 0 [pid 5281] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5281] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5281] close(3) = 0 [pid 5281] mkdir("./file0", 0777) = 0 [ 114.652135][ T5280] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 114.674034][ T5281] loop1: detected capacity change from 0 to 8192 [pid 5281] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5284] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5282] <... write resumed>) = 4194304 [ 114.704571][ T5280] REISERFS (device loop0): using ordered data mode [ 114.705621][ T5281] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 114.711345][ T5280] reiserfs: using flush barriers [pid 5283] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5282] munmap(0x7f091d53c000, 4194304) = 0 [ 114.748594][ T5280] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5282] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5282] ioctl(4, LOOP_SET_FD, 3 [pid 5284] <... write resumed>) = 4194304 [ 114.809415][ T5280] REISERFS (device loop0): checking transaction log (loop0) [ 114.811431][ T5282] loop3: detected capacity change from 0 to 8192 [ 114.818516][ T5281] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 114.832731][ T5281] REISERFS (device loop1): using ordered data mode [ 114.839916][ T5281] reiserfs: using flush barriers [pid 5284] munmap(0x7f091d53c000, 4194304 [pid 5283] <... write resumed>) = 4194304 [pid 5282] <... ioctl resumed>) = 0 [pid 5008] <... umount2 resumed>) = 0 [pid 5283] munmap(0x7f091d53c000, 4194304 [pid 5282] close(3 [pid 5283] <... munmap resumed>) = 0 [pid 5282] <... close resumed>) = 0 [pid 5008] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5283] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5282] mkdir("./file0", 0777 [pid 5283] <... openat resumed>) = 4 [pid 5282] <... mkdir resumed>) = 0 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5283] ioctl(4, LOOP_SET_FD, 3 [pid 5282] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5284] <... munmap resumed>) = 0 [pid 5008] lstat("./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5008] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(4, [pid 5284] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5008] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5283] <... ioctl resumed>) = 0 [pid 5008] getdents64(4, [pid 5283] close(3 [pid 5008] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5283] <... close resumed>) = 0 [pid 5008] close(4 [pid 5283] mkdir("./file0", 0777 [pid 5008] <... close resumed>) = 0 [pid 5284] ioctl(4, LOOP_SET_FD, 3 [pid 5283] <... mkdir resumed>) = 0 [pid 5008] rmdir("./21/file0") = 0 [pid 5283] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5008] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] close(3) = 0 [pid 5008] rmdir("./21") = 0 [pid 5008] mkdir("./22", 0777) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5008] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5008] close(3 [pid 5284] <... ioctl resumed>) = 0 [pid 5008] <... close resumed>) = 0 [ 114.847032][ T5281] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 114.872151][ T5283] loop2: detected capacity change from 0 to 8192 [ 114.885335][ T5284] loop4: detected capacity change from 0 to 8192 [ 114.895556][ T5282] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5284] close(3 [pid 5008] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5289 ./strace-static-x86_64: Process 5289 attached [pid 5289] chdir("./22") = 0 [pid 5289] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5289] setpgid(0, 0) = 0 [pid 5284] <... close resumed>) = 0 [pid 5289] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5289] write(3, "1000", 4) = 4 [pid 5289] close(3) = 0 [pid 5289] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5289] memfd_create("syzkaller", 0) = 3 [pid 5289] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5284] mkdir("./file0", 0777) = 0 [ 114.910347][ T5283] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 114.911345][ T5281] REISERFS (device loop1): checking transaction log (loop1) [ 114.934014][ T5282] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 114.943771][ T5282] REISERFS (device loop3): using ordered data mode [ 114.954845][ T5282] reiserfs: using flush barriers [ 114.960001][ T5283] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 114.960478][ T5284] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 114.982463][ T5282] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 114.982965][ T5280] REISERFS (device loop0): Using r5 hash to sort names [pid 5284] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [ 115.002135][ T5283] REISERFS (device loop2): using ordered data mode [ 115.012399][ T5283] reiserfs: using flush barriers [ 115.019749][ T5284] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 115.025591][ T5283] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 115.029282][ T5284] REISERFS (device loop4): using ordered data mode [ 115.052012][ T5284] reiserfs: using flush barriers [pid 5289] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5280] <... mount resumed>) = 0 [pid 5280] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5280] chdir("./file0") = 0 [pid 5280] ioctl(4, LOOP_CLR_FD) = 0 [pid 5280] close(4) = 0 [ 115.057720][ T5280] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 115.058216][ T5284] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 115.069951][ T5282] REISERFS (device loop3): checking transaction log (loop3) [pid 5280] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5280] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5280] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5280] exit_group(0) = ? [pid 5280] +++ exited with 0 +++ [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5280, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5003] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5003] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./21/binderfs") = 0 [ 115.114625][ T5283] REISERFS (device loop2): checking transaction log (loop2) [ 115.144344][ T5284] REISERFS (device loop4): checking transaction log (loop4) [pid 5003] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5289] <... write resumed>) = 4194304 [pid 5289] munmap(0x7f091d53c000, 4194304) = 0 [pid 5289] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5289] ioctl(4, LOOP_SET_FD, 3 [pid 5281] <... mount resumed>) = 0 [pid 5281] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5281] chdir("./file0") = 0 [pid 5281] ioctl(4, LOOP_CLR_FD) = 0 [pid 5281] close(4 [pid 5289] <... ioctl resumed>) = 0 [pid 5289] close(3) = 0 [pid 5289] mkdir("./file0", 0777) = 0 [pid 5289] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5281] <... close resumed>) = 0 [pid 5281] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5281] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [ 115.187538][ T5281] REISERFS (device loop1): Using r5 hash to sort names [ 115.206310][ T5281] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 115.229427][ T5289] loop5: detected capacity change from 0 to 8192 [pid 5281] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5281] exit_group(0) = ? [pid 5281] +++ exited with 0 +++ [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5281, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5004] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5004] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] unlink("./22/binderfs") = 0 [pid 5004] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... umount2 resumed>) = 0 [pid 5003] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 115.276277][ T5289] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 115.305926][ T5284] REISERFS (device loop4): Using r5 hash to sort names [pid 5003] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 5003] rmdir("./21/file0") = 0 [pid 5003] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./21") = 0 [pid 5003] mkdir("./22", 0777) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5003] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5003] close(3) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5292 [pid 5004] <... umount2 resumed>) = 0 [pid 5004] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 115.325153][ T5284] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 115.350335][ T5289] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 115.359711][ T5289] REISERFS (device loop5): using ordered data mode [ 115.367441][ T5289] reiserfs: using flush barriers ./strace-static-x86_64: Process 5292 attached [pid 5284] <... mount resumed>) = 0 [pid 5004] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5004] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] close(4) = 0 [pid 5292] chdir("./22" [pid 5284] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5004] rmdir("./22/file0") = 0 [pid 5004] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] close(3) = 0 [pid 5004] rmdir("./22") = 0 [pid 5004] mkdir("./23", 0777) = 0 [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5292] <... chdir resumed>) = 0 [pid 5284] <... openat resumed>) = 3 [pid 5004] ioctl(3, LOOP_CLR_FD [pid 5292] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5284] chdir("./file0" [pid 5004] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5292] <... prctl resumed>) = 0 [pid 5284] <... chdir resumed>) = 0 [pid 5004] close(3 [pid 5292] setpgid(0, 0 [pid 5284] ioctl(4, LOOP_CLR_FD [pid 5283] <... mount resumed>) = 0 [pid 5004] <... close resumed>) = 0 [pid 5292] <... setpgid resumed>) = 0 [pid 5284] <... ioctl resumed>) = 0 [pid 5283] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5292] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5284] close(4 [pid 5283] <... openat resumed>) = 3 [pid 5292] <... openat resumed>) = 3 [pid 5284] <... close resumed>) = 0 [pid 5283] chdir("./file0" [pid 5004] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5293 [pid 5292] write(3, "1000", 4 [pid 5284] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5283] <... chdir resumed>) = 0 [pid 5292] <... write resumed>) = 4 [pid 5292] close(3 [pid 5284] <... openat resumed>) = 4 [pid 5283] ioctl(4, LOOP_CLR_FD [pid 5292] <... close resumed>) = 0 [pid 5284] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5283] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5293 attached [pid 5292] symlink("/dev/binderfs", "./binderfs" [pid 5284] <... mmap resumed>) = 0x20000000 [pid 5283] close(4 [pid 5292] <... symlink resumed>) = 0 [pid 5292] memfd_create("syzkaller", 0 [pid 5284] ioctl(4, FS_IOC_GETVERSION [pid 5283] <... close resumed>) = 0 [ 115.375312][ T5289] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 115.393287][ T5282] REISERFS (device loop3): Using r5 hash to sort names [ 115.401052][ T5283] REISERFS (device loop2): Using r5 hash to sort names [ 115.404740][ T5282] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 115.417266][ T5283] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5293] chdir("./23" [pid 5292] <... memfd_create resumed>) = 3 [pid 5284] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5283] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5293] <... chdir resumed>) = 0 [pid 5292] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5284] exit_group(0 [pid 5283] <... openat resumed>) = 4 [pid 5293] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5292] <... mmap resumed>) = 0x7f091d53c000 [pid 5284] <... exit_group resumed>) = ? [pid 5283] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5293] <... prctl resumed>) = 0 [pid 5293] setpgid(0, 0 [pid 5284] +++ exited with 0 +++ [pid 5283] <... mmap resumed>) = 0x20000000 [pid 5293] <... setpgid resumed>) = 0 [pid 5283] ioctl(4, FS_IOC_GETVERSION [pid 5293] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5284, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [pid 5283] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5293] <... openat resumed>) = 3 [pid 5283] exit_group(0 [pid 5007] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5293] write(3, "1000", 4 [pid 5283] <... exit_group resumed>) = ? [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5293] <... write resumed>) = 4 [pid 5007] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5293] close(3 [pid 5283] +++ exited with 0 +++ [pid 5007] <... openat resumed>) = 3 [pid 5293] <... close resumed>) = 0 [pid 5007] fstat(3, [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5283, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5282] <... mount resumed>) = 0 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5282] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5007] lstat("./22/binderfs", [pid 5005] <... openat resumed>) = 3 [pid 5282] <... openat resumed>) = 3 [pid 5007] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] fstat(3, [pid 5282] chdir("./file0" [pid 5007] unlink("./22/binderfs" [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5293] symlink("/dev/binderfs", "./binderfs" [pid 5282] <... chdir resumed>) = 0 [pid 5007] <... unlink resumed>) = 0 [pid 5005] getdents64(3, [pid 5293] <... symlink resumed>) = 0 [pid 5282] ioctl(4, LOOP_CLR_FD [pid 5007] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5293] memfd_create("syzkaller", 0 [pid 5282] <... ioctl resumed>) = 0 [pid 5005] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5293] <... memfd_create resumed>) = 3 [pid 5282] close(4 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5293] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5282] <... close resumed>) = 0 [pid 5005] lstat("./23/binderfs", [pid 5293] <... mmap resumed>) = 0x7f091d53c000 [ 115.449209][ T5289] REISERFS (device loop5): checking transaction log (loop5) [pid 5282] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5005] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5282] <... openat resumed>) = 4 [pid 5005] unlink("./23/binderfs" [pid 5282] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5005] <... unlink resumed>) = 0 [pid 5282] <... mmap resumed>) = 0x20000000 [pid 5005] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5282] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5282] exit_group(0) = ? [pid 5282] +++ exited with 0 +++ [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5282, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=16 /* 0.16 s */} --- [pid 5006] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5006] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5292] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] unlink("./22/binderfs") = 0 [pid 5006] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5293] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5292] <... write resumed>) = 4194304 [pid 5292] munmap(0x7f091d53c000, 4194304) = 0 [pid 5292] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5292] ioctl(4, LOOP_SET_FD, 3 [pid 5293] <... write resumed>) = 4194304 [pid 5007] <... umount2 resumed>) = 0 [pid 5292] <... ioctl resumed>) = 0 [pid 5292] close(3 [pid 5007] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./22/file0", [pid 5293] munmap(0x7f091d53c000, 4194304 [pid 5292] <... close resumed>) = 0 [pid 5006] <... umount2 resumed>) = 0 [pid 5292] mkdir("./file0", 0777 [pid 5007] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5293] <... munmap resumed>) = 0 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5293] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5292] <... mkdir resumed>) = 0 [pid 5007] openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5006] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... umount2 resumed>) = 0 [pid 5293] <... openat resumed>) = 4 [pid 5292] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5007] <... openat resumed>) = 4 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5293] ioctl(4, LOOP_SET_FD, 3 [pid 5007] fstat(4, [pid 5006] lstat("./22/file0", [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(4, [pid 5005] lstat("./23/file0", [pid 5007] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(4, [pid 5005] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5007] close(4 [pid 5005] openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5007] <... close resumed>) = 0 [pid 5005] <... openat resumed>) = 4 [pid 5007] rmdir("./22/file0" [pid 5005] fstat(4, [pid 5007] <... rmdir resumed>) = 0 [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(3, [pid 5005] getdents64(4, [pid 5007] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5293] <... ioctl resumed>) = 0 [pid 5007] close(3 [pid 5006] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(4, [pid 5007] <... close resumed>) = 0 [pid 5005] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [ 115.690922][ T5292] loop0: detected capacity change from 0 to 8192 [ 115.725800][ T5293] loop1: detected capacity change from 0 to 8192 [ 115.732760][ T5289] REISERFS (device loop5): Using r5 hash to sort names [pid 5007] rmdir("./22" [pid 5005] close(4 [pid 5007] <... rmdir resumed>) = 0 [pid 5005] <... close resumed>) = 0 [pid 5007] mkdir("./23", 0777 [pid 5005] rmdir("./23/file0" [pid 5007] <... mkdir resumed>) = 0 [pid 5005] <... rmdir resumed>) = 0 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5005] getdents64(3, [pid 5007] <... openat resumed>) = 3 [pid 5005] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] ioctl(3, LOOP_CLR_FD [pid 5005] close(3 [pid 5007] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5005] <... close resumed>) = 0 [pid 5007] close(3 [pid 5005] rmdir("./23" [pid 5293] close(3 [pid 5007] <... close resumed>) = 0 [pid 5006] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... rmdir resumed>) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5005] mkdir("./24", 0777) = 0 [pid 5007] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5295 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5293] <... close resumed>) = 0 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] <... openat resumed>) = 3 [pid 5293] mkdir("./file0", 0777 [pid 5006] openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5005] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5293] <... mkdir resumed>) = 0 [pid 5006] <... openat resumed>) = 4 [pid 5005] close(3) = 0 [pid 5293] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5006] fstat(4, [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5006] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5297 ./strace-static-x86_64: Process 5295 attached [pid 5295] chdir("./23") = 0 [pid 5295] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5295] setpgid(0, 0) = 0 [pid 5295] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5295] write(3, "1000", 4./strace-static-x86_64: Process 5297 attached ) = 4 [pid 5297] chdir("./24" [pid 5295] close(3 [pid 5297] <... chdir resumed>) = 0 [pid 5295] <... close resumed>) = 0 [pid 5297] prctl(PR_SET_PDEATHSIG, SIGKILL [ 115.734188][ T5292] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 115.754041][ T5292] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 115.763263][ T5292] REISERFS (device loop0): using ordered data mode [ 115.770141][ T5292] reiserfs: using flush barriers [pid 5295] symlink("/dev/binderfs", "./binderfs" [pid 5297] <... prctl resumed>) = 0 [pid 5295] <... symlink resumed>) = 0 [pid 5297] setpgid(0, 0 [pid 5295] memfd_create("syzkaller", 0 [pid 5297] <... setpgid resumed>) = 0 [pid 5295] <... memfd_create resumed>) = 3 [pid 5297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5295] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5297] <... openat resumed>) = 3 [pid 5295] <... mmap resumed>) = 0x7f091d53c000 [pid 5297] write(3, "1000", 4 [pid 5006] getdents64(4, [pid 5297] <... write resumed>) = 4 [pid 5297] close(3) = 0 [pid 5297] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5297] memfd_create("syzkaller", 0) = 3 [pid 5297] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5006] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5289] <... mount resumed>) = 0 [pid 5006] close(4 [ 115.779226][ T5292] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 115.797073][ T5293] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 115.810377][ T5289] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 115.820287][ T5293] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 115.830420][ T5292] REISERFS (device loop0): checking transaction log (loop0) [pid 5289] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5006] <... close resumed>) = 0 [pid 5289] chdir("./file0" [pid 5006] rmdir("./22/file0" [pid 5289] <... chdir resumed>) = 0 [pid 5006] <... rmdir resumed>) = 0 [pid 5289] ioctl(4, LOOP_CLR_FD [pid 5006] getdents64(3, [pid 5289] <... ioctl resumed>) = 0 [pid 5006] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5297] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5289] close(4 [pid 5297] <... write resumed>) = 4194304 [pid 5289] <... close resumed>) = 0 [pid 5006] close(3 [pid 5297] munmap(0x7f091d53c000, 4194304 [pid 5289] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5006] <... close resumed>) = 0 [pid 5297] <... munmap resumed>) = 0 [pid 5289] <... openat resumed>) = 4 [ 115.838240][ T5293] REISERFS (device loop1): using ordered data mode [ 115.847970][ T5293] reiserfs: using flush barriers [ 115.862565][ T5293] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5006] rmdir("./22" [pid 5297] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5289] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5289] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5297] <... openat resumed>) = 4 [pid 5289] exit_group(0) = ? [pid 5297] ioctl(4, LOOP_SET_FD, 3 [pid 5295] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5289] +++ exited with 0 +++ [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5289, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5006] <... rmdir resumed>) = 0 [pid 5006] mkdir("./23", 0777) = 0 [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5006] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5006] close(3) = 0 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5298 ./strace-static-x86_64: Process 5298 attached [pid 5008] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5298] chdir("./23" [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5298] <... chdir resumed>) = 0 [pid 5008] <... openat resumed>) = 3 [pid 5298] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5008] fstat(3, [pid 5298] setpgid(0, 0 [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5298] <... setpgid resumed>) = 0 [pid 5008] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5008] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5008] unlink("./22/binderfs") = 0 [pid 5008] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5297] <... ioctl resumed>) = 0 [pid 5297] close(3 [pid 5298] write(3, "1000", 4) = 4 [pid 5297] <... close resumed>) = 0 [pid 5297] mkdir("./file0", 0777 [pid 5298] close(3) = 0 [pid 5298] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5297] <... mkdir resumed>) = 0 [ 115.924920][ T5293] REISERFS (device loop1): checking transaction log (loop1) [ 115.933273][ T5297] loop2: detected capacity change from 0 to 8192 [pid 5297] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5298] memfd_create("syzkaller", 0) = 3 [pid 5298] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 115.984529][ T5297] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 116.012958][ T5297] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 116.018180][ T5292] REISERFS (device loop0): Using r5 hash to sort names [pid 5295] <... write resumed>) = 4194304 [pid 5295] munmap(0x7f091d53c000, 4194304) = 0 [pid 5295] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 116.025572][ T5297] REISERFS (device loop2): using ordered data mode [ 116.035672][ T5297] reiserfs: using flush barriers [ 116.042563][ T5297] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 116.049857][ T5295] loop4: detected capacity change from 0 to 8192 [ 116.063056][ T5297] REISERFS (device loop2): checking transaction log (loop2) [pid 5295] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5295] close(3) = 0 [pid 5295] mkdir("./file0", 0777) = 0 [pid 5295] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5292] <... mount resumed>) = 0 [ 116.101811][ T5292] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 116.127753][ T5297] REISERFS (device loop2): Using r5 hash to sort names [ 116.130916][ T5295] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5292] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5292] chdir("./file0" [pid 5298] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5292] <... chdir resumed>) = 0 [pid 5292] ioctl(4, LOOP_CLR_FD) = 0 [pid 5292] close(4) = 0 [pid 5297] <... mount resumed>) = 0 [pid 5297] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5297] chdir("./file0") = 0 [pid 5297] ioctl(4, LOOP_CLR_FD) = 0 [pid 5297] close(4) = 0 [pid 5297] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5292] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5292] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5292] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5292] exit_group(0) = ? [pid 5297] <... openat resumed>) = 4 [pid 5292] +++ exited with 0 +++ [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5292, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5003] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5003] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./22/binderfs") = 0 [pid 5003] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5297] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5297] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5297] exit_group(0) = ? [pid 5297] +++ exited with 0 +++ [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5297, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5005] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5005] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 116.135098][ T5297] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 116.157142][ T5293] REISERFS (device loop1): Using r5 hash to sort names [ 116.172624][ T5293] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5005] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] unlink("./24/binderfs") = 0 [pid 5005] umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5293] <... mount resumed>) = 0 [pid 5293] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5008] <... umount2 resumed>) = 0 [pid 5293] <... openat resumed>) = 3 [pid 5293] chdir("./file0") = 0 [pid 5293] ioctl(4, LOOP_CLR_FD) = 0 [pid 5293] close(4) = 0 [pid 5293] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5008] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5293] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5293] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5293] exit_group(0 [pid 5008] lstat("./22/file0", [pid 5293] <... exit_group resumed>) = ? [pid 5293] +++ exited with 0 +++ [pid 5008] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5293, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5008] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5004] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5004] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] unlink("./23/binderfs") = 0 [pid 5004] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5008] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5008] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5008] close(4) = 0 [pid 5008] rmdir("./22/file0") = 0 [ 116.238426][ T5295] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 116.249093][ T5295] REISERFS (device loop4): using ordered data mode [ 116.257535][ T5295] reiserfs: using flush barriers [pid 5008] getdents64(3, [pid 5003] <... umount2 resumed>) = 0 [pid 5008] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] close(3 [pid 5003] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... close resumed>) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] rmdir("./22" [pid 5003] lstat("./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] <... rmdir resumed>) = 0 [pid 5003] umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] mkdir("./23", 0777) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] <... umount2 resumed>) = 0 [pid 5004] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5003] openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] <... openat resumed>) = 4 [pid 5003] <... openat resumed>) = 4 [pid 5004] fstat(4, [pid 5008] <... openat resumed>) = 3 [pid 5003] fstat(4, [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] ioctl(3, LOOP_CLR_FD [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(4, [pid 5003] getdents64(4, [pid 5008] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5008] close(3 [pid 5004] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5003] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [ 116.286987][ T5295] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5004] getdents64(4, [pid 5003] getdents64(4, [pid 5008] <... close resumed>) = 0 [pid 5004] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] close(4) = 0 [pid 5004] rmdir("./23/file0") = 0 [pid 5004] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] close(3) = 0 [pid 5004] rmdir("./23") = 0 [pid 5004] mkdir("./24", 0777) = 0 [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5003] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5003] close(4 [pid 5008] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5301 [pid 5003] <... close resumed>) = 0 [pid 5003] rmdir("./22/file0") = 0 [pid 5003] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./22") = 0 [pid 5003] mkdir("./23", 0777) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5003] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5003] close(3) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5302 ./strace-static-x86_64: Process 5301 attached [pid 5301] chdir("./23") = 0 [pid 5004] <... openat resumed>) = 3 [pid 5004] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5004] close(3) = 0 [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5301] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5004] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5303 [pid 5301] <... prctl resumed>) = 0 [pid 5301] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 5302 attached [pid 5302] chdir("./23") = 0 [pid 5302] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5302] <... prctl resumed>) = 0 [pid 5302] setpgid(0, 0) = 0 [pid 5302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5301] <... openat resumed>) = 3 [pid 5302] <... openat resumed>) = 3 [pid 5301] write(3, "1000", 4 [pid 5302] write(3, "1000", 4 [pid 5301] <... write resumed>) = 4 [pid 5302] <... write resumed>) = 4 ./strace-static-x86_64: Process 5303 attached [pid 5302] close(3 [pid 5301] close(3 [pid 5302] <... close resumed>) = 0 [pid 5302] symlink("/dev/binderfs", "./binderfs" [pid 5303] chdir("./24" [pid 5302] <... symlink resumed>) = 0 [pid 5301] <... close resumed>) = 0 [pid 5303] <... chdir resumed>) = 0 [pid 5302] memfd_create("syzkaller", 0 [pid 5301] symlink("/dev/binderfs", "./binderfs" [pid 5303] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5302] <... memfd_create resumed>) = 3 [pid 5301] <... symlink resumed>) = 0 [pid 5298] <... write resumed>) = 4194304 [pid 5302] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5303] <... prctl resumed>) = 0 [pid 5303] setpgid(0, 0 [pid 5301] memfd_create("syzkaller", 0 [pid 5298] munmap(0x7f091d53c000, 4194304 [pid 5303] <... setpgid resumed>) = 0 [pid 5303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5301] <... memfd_create resumed>) = 3 [pid 5303] <... openat resumed>) = 3 [pid 5301] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5303] write(3, "1000", 4) = 4 [pid 5301] <... mmap resumed>) = 0x7f091d53c000 [pid 5303] close(3 [pid 5298] <... munmap resumed>) = 0 [pid 5298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5298] ioctl(4, LOOP_SET_FD, 3 [pid 5303] <... close resumed>) = 0 [pid 5303] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5303] memfd_create("syzkaller", 0) = 3 [pid 5303] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5298] <... ioctl resumed>) = 0 [pid 5298] close(3) = 0 [pid 5298] mkdir("./file0", 0777) = 0 [ 116.412519][ T5295] REISERFS (device loop4): checking transaction log (loop4) [ 116.426714][ T5298] loop3: detected capacity change from 0 to 8192 [pid 5298] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5005] <... umount2 resumed>) = 0 [pid 5005] umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./24/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5005] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] close(4) = 0 [pid 5005] rmdir("./24/file0") = 0 [pid 5005] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] close(3) = 0 [pid 5005] rmdir("./24") = 0 [pid 5005] mkdir("./25", 0777) = 0 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5005] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5005] close(3) = 0 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5305 [pid 5301] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5303] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304./strace-static-x86_64: Process 5305 attached [pid 5305] chdir("./25") = 0 [pid 5305] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5305] setpgid(0, 0) = 0 [pid 5305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5305] write(3, "1000", 4) = 4 [pid 5305] close(3) = 0 [pid 5305] symlink("/dev/binderfs", "./binderfs" [pid 5302] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5305] <... symlink resumed>) = 0 [pid 5305] memfd_create("syzkaller", 0) = 3 [pid 5305] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [ 116.500990][ T5298] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 116.564734][ T5298] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 116.600115][ T5298] REISERFS (device loop3): using ordered data mode [pid 5301] <... write resumed>) = 4194304 [pid 5305] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5303] <... write resumed>) = 4194304 [pid 5302] <... write resumed>) = 4194304 [pid 5301] munmap(0x7f091d53c000, 4194304 [pid 5295] <... mount resumed>) = 0 [pid 5303] munmap(0x7f091d53c000, 4194304 [pid 5301] <... munmap resumed>) = 0 [pid 5295] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5303] <... munmap resumed>) = 0 [pid 5301] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5295] <... openat resumed>) = 3 [pid 5303] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5301] <... openat resumed>) = 4 [pid 5295] chdir("./file0" [pid 5303] <... openat resumed>) = 4 [pid 5301] ioctl(4, LOOP_SET_FD, 3 [pid 5295] <... chdir resumed>) = 0 [ 116.628530][ T5295] REISERFS (device loop4): Using r5 hash to sort names [ 116.632617][ T5298] reiserfs: using flush barriers [ 116.646728][ T5295] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 116.653447][ T5298] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 116.670265][ T5301] loop5: detected capacity change from 0 to 8192 [pid 5303] ioctl(4, LOOP_SET_FD, 3 [pid 5295] ioctl(4, LOOP_CLR_FD [pid 5302] munmap(0x7f091d53c000, 4194304 [pid 5295] <... ioctl resumed>) = 0 [pid 5295] close(4) = 0 [pid 5303] <... ioctl resumed>) = 0 [pid 5295] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5303] close(3 [pid 5295] <... openat resumed>) = 4 [pid 5303] <... close resumed>) = 0 [pid 5295] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5303] mkdir("./file0", 0777 [pid 5302] <... munmap resumed>) = 0 [pid 5295] <... mmap resumed>) = 0x20000000 [pid 5303] <... mkdir resumed>) = 0 [pid 5295] ioctl(4, FS_IOC_GETVERSION [pid 5303] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5295] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5301] <... ioctl resumed>) = 0 [pid 5295] exit_group(0 [pid 5302] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5301] close(3 [pid 5295] <... exit_group resumed>) = ? [pid 5302] <... openat resumed>) = 4 [pid 5301] <... close resumed>) = 0 [pid 5295] +++ exited with 0 +++ [pid 5302] ioctl(4, LOOP_SET_FD, 3 [pid 5301] mkdir("./file0", 0777 [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5295, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5301] <... mkdir resumed>) = 0 [pid 5301] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5007] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5007] fstat(3, [pid 5302] <... ioctl resumed>) = 0 [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [ 116.680161][ T5303] loop1: detected capacity change from 0 to 8192 [ 116.704776][ T5302] loop0: detected capacity change from 0 to 8192 [ 116.714096][ T5303] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5302] close(3 [pid 5007] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5305] <... write resumed>) = 4194304 [pid 5302] <... close resumed>) = 0 [pid 5007] unlink("./23/binderfs") = 0 [pid 5007] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5305] munmap(0x7f091d53c000, 4194304 [pid 5302] mkdir("./file0", 0777) = 0 [ 116.725230][ T5298] REISERFS (device loop3): checking transaction log (loop3) [ 116.735099][ T5301] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 116.745972][ T5303] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 116.756673][ T5301] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 116.761564][ T5303] REISERFS (device loop1): using ordered data mode [pid 5302] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5305] <... munmap resumed>) = 0 [pid 5305] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 116.783922][ T5303] reiserfs: using flush barriers [ 116.790125][ T5303] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 116.801627][ T5305] loop2: detected capacity change from 0 to 8192 [ 116.806585][ T5303] REISERFS (device loop1): checking transaction log (loop1) [pid 5305] ioctl(4, LOOP_SET_FD, 3) = 0 [ 116.830336][ T5302] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 116.834104][ T5301] REISERFS (device loop5): using ordered data mode [ 116.850048][ T5301] reiserfs: using flush barriers [ 116.863409][ T5302] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [pid 5305] close(3) = 0 [pid 5305] mkdir("./file0", 0777) = 0 [ 116.872961][ T5301] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 116.895367][ T5302] REISERFS (device loop0): using ordered data mode [ 116.917347][ T5305] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5305] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5007] <... umount2 resumed>) = 0 [ 116.925867][ T5301] REISERFS (device loop5): checking transaction log (loop5) [ 116.940066][ T5298] REISERFS (device loop3): Using r5 hash to sort names [ 116.960795][ T5298] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 116.971819][ T5302] reiserfs: using flush barriers [pid 5007] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5007] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5007] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5007] close(4) = 0 [pid 5007] rmdir("./23/file0") = 0 [pid 5007] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5007] close(3) = 0 [pid 5007] rmdir("./23") = 0 [pid 5007] mkdir("./24", 0777 [pid 5298] <... mount resumed>) = 0 [pid 5007] <... mkdir resumed>) = 0 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5007] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5007] close(3 [pid 5298] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5007] <... close resumed>) = 0 [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5312 [ 116.976901][ T5305] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 116.987522][ T5305] REISERFS (device loop2): using ordered data mode [ 116.994300][ T5305] reiserfs: using flush barriers [ 117.001007][ T5305] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 117.015452][ T5303] REISERFS (device loop1): Using r5 hash to sort names [ 117.018661][ T5305] REISERFS (device loop2): checking transaction log (loop2) [pid 5298] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5312 attached [pid 5312] chdir("./24") = 0 [pid 5312] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5312] setpgid(0, 0) = 0 [pid 5312] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5312] write(3, "1000", 4) = 4 [pid 5312] close(3) = 0 [pid 5312] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5312] memfd_create("syzkaller", 0) = 3 [pid 5312] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5298] chdir("./file0") = 0 [pid 5298] ioctl(4, LOOP_CLR_FD) = 0 [pid 5298] close(4) = 0 [pid 5298] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 117.044208][ T5302] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 117.050947][ T5303] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5298] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5298] ioctl(4, FS_IOC_GETVERSION [pid 5303] <... mount resumed>) = 0 [pid 5298] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5303] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5298] exit_group(0 [pid 5303] chdir("./file0" [pid 5298] <... exit_group resumed>) = ? [pid 5303] <... chdir resumed>) = 0 [pid 5303] ioctl(4, LOOP_CLR_FD [pid 5298] +++ exited with 0 +++ [pid 5303] <... ioctl resumed>) = 0 [pid 5006] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5298, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5303] close(4) = 0 [pid 5006] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5006] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5303] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5006] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5303] <... openat resumed>) = 4 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5303] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5006] lstat("./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5303] <... mmap resumed>) = 0x20000000 [pid 5006] unlink("./23/binderfs" [pid 5303] ioctl(4, FS_IOC_GETVERSION [pid 5006] <... unlink resumed>) = 0 [pid 5303] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5006] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5303] exit_group(0) = ? [pid 5303] +++ exited with 0 +++ [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5303, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5004] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5004] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5004] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5006] <... umount2 resumed>) = 0 [pid 5004] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./24/binderfs", [ 117.126860][ T5301] REISERFS (device loop5): Using r5 hash to sort names [pid 5006] lstat("./23/file0", [pid 5004] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5006] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] unlink("./24/binderfs" [pid 5006] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... unlink resumed>) = 0 [pid 5006] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5006] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5006] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5006] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5006] close(4) = 0 [pid 5006] rmdir("./23/file0") = 0 [pid 5006] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5006] close(3) = 0 [pid 5006] rmdir("./23") = 0 [pid 5006] mkdir("./24", 0777) = 0 [ 117.169838][ T5302] REISERFS (device loop0): checking transaction log (loop0) [ 117.179057][ T5305] REISERFS (device loop2): Using r5 hash to sort names [ 117.190079][ T5301] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5312] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5301] <... mount resumed>) = 0 [pid 5305] <... mount resumed>) = 0 [pid 5305] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5301] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5305] <... openat resumed>) = 3 [pid 5305] chdir("./file0" [pid 5301] <... openat resumed>) = 3 [pid 5006] <... openat resumed>) = 3 [pid 5305] <... chdir resumed>) = 0 [pid 5301] chdir("./file0" [pid 5006] ioctl(3, LOOP_CLR_FD [pid 5305] ioctl(4, LOOP_CLR_FD [pid 5301] <... chdir resumed>) = 0 [pid 5006] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5305] <... ioctl resumed>) = 0 [pid 5301] ioctl(4, LOOP_CLR_FD [pid 5006] close(3 [pid 5305] close(4 [pid 5301] <... ioctl resumed>) = 0 [pid 5006] <... close resumed>) = 0 [pid 5305] <... close resumed>) = 0 [pid 5301] close(4 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5305] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5301] <... close resumed>) = 0 [pid 5305] <... openat resumed>) = 4 [pid 5301] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5006] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5315 [pid 5305] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5301] <... openat resumed>) = 4 [pid 5305] <... mmap resumed>) = 0x20000000 [pid 5301] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5305] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5301] <... mmap resumed>) = 0x20000000 [pid 5305] exit_group(0 [pid 5301] ioctl(4, FS_IOC_GETVERSION [pid 5305] <... exit_group resumed>) = ? [pid 5301] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5305] +++ exited with 0 +++ [pid 5301] exit_group(0) = ? [pid 5005] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5305, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5301] +++ exited with 0 +++ [pid 5008] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5301, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=16 /* 0.16 s */} --- ./strace-static-x86_64: Process 5315 attached [pid 5005] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5315] chdir("./24" [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5315] <... chdir resumed>) = 0 [pid 5005] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5315] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5008] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... openat resumed>) = 3 [ 117.224442][ T5305] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5315] <... prctl resumed>) = 0 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] fstat(3, [pid 5315] setpgid(0, 0 [pid 5008] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5315] <... setpgid resumed>) = 0 [pid 5008] <... openat resumed>) = 3 [pid 5005] getdents64(3, [pid 5315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5008] fstat(3, [pid 5005] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5315] <... openat resumed>) = 3 [pid 5008] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5315] write(3, "1000", 4 [pid 5008] getdents64(3, [pid 5005] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5315] <... write resumed>) = 4 [pid 5008] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5005] lstat("./25/binderfs", [pid 5315] close(3 [pid 5008] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5005] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5315] <... close resumed>) = 0 [pid 5008] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5005] unlink("./25/binderfs" [pid 5315] symlink("/dev/binderfs", "./binderfs" [pid 5008] lstat("./23/binderfs", [pid 5005] <... unlink resumed>) = 0 [pid 5315] <... symlink resumed>) = 0 [pid 5008] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5005] umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5315] memfd_create("syzkaller", 0 [pid 5008] unlink("./23/binderfs" [pid 5315] <... memfd_create resumed>) = 3 [pid 5008] <... unlink resumed>) = 0 [pid 5315] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5008] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5315] <... mmap resumed>) = 0x7f091d53c000 [pid 5004] <... umount2 resumed>) = 0 [pid 5004] umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] lstat("./24/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] <... umount2 resumed>) = 0 [pid 5005] umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] lstat("./25/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5005] umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5005] openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] fstat(4, [pid 5005] <... openat resumed>) = 4 [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5005] fstat(4, [pid 5004] getdents64(4, [pid 5005] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5005] getdents64(4, [pid 5004] getdents64(4, [pid 5005] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5004] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5005] getdents64(4, [pid 5004] close(4 [pid 5005] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5004] <... close resumed>) = 0 [pid 5005] close(4 [pid 5004] rmdir("./24/file0" [pid 5005] <... close resumed>) = 0 [pid 5004] <... rmdir resumed>) = 0 [pid 5005] rmdir("./25/file0" [pid 5004] getdents64(3, [pid 5005] <... rmdir resumed>) = 0 [pid 5004] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5005] getdents64(3, [pid 5004] close(3 [pid 5005] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5004] <... close resumed>) = 0 [pid 5005] close(3 [pid 5004] rmdir("./24" [pid 5005] <... close resumed>) = 0 [pid 5004] <... rmdir resumed>) = 0 [pid 5005] rmdir("./25") = 0 [pid 5004] mkdir("./25", 0777 [pid 5315] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5312] <... write resumed>) = 4194304 [pid 5005] mkdir("./26", 0777 [pid 5004] <... mkdir resumed>) = 0 [pid 5005] <... mkdir resumed>) = 0 [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5004] <... openat resumed>) = 3 [pid 5004] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5004] close(3) = 0 [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ff5d0) = 5316 ./strace-static-x86_64: Process 5316 attached [pid 5316] chdir("./25") = 0 [pid 5316] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5316] setpgid(0, 0) = 0 [pid 5316] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5316] write(3, "1000", 4) = 4 [pid 5316] close(3) = 0 [pid 5316] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5312] munmap(0x7f091d53c000, 4194304 [pid 5316] memfd_create("syzkaller", 0) = 3 [pid 5312] <... munmap resumed>) = 0 [pid 5316] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5312] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5312] ioctl(4, LOOP_SET_FD, 3 [pid 5005] <... openat resumed>) = 3 [pid 5312] <... ioctl resumed>) = 0 [pid 5005] ioctl(3, LOOP_CLR_FD [pid 5312] close(3 [pid 5005] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5312] <... close resumed>) = 0 [pid 5005] close(3 [pid 5312] mkdir("./file0", 0777 [pid 5005] <... close resumed>) = 0 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5312] <... mkdir resumed>) = 0 [pid 5312] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5005] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5317 ./strace-static-x86_64: Process 5317 attached [pid 5317] chdir("./26") = 0 [pid 5317] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5317] setpgid(0, 0) = 0 [pid 5317] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 117.466460][ T5312] loop4: detected capacity change from 0 to 8192 [ 117.473485][ T5302] REISERFS (device loop0): Using r5 hash to sort names [pid 5317] write(3, "1000", 4) = 4 [pid 5317] close(3) = 0 [pid 5317] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5317] memfd_create("syzkaller", 0) = 3 [pid 5317] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f091d53c000 [pid 5008] <... umount2 resumed>) = 0 [pid 5008] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] lstat("./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5008] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] getdents64(4, 0x555556408660 /* 2 entries */, 32768) = 48 [pid 5008] getdents64(4, 0x555556408660 /* 0 entries */, 32768) = 0 [pid 5008] close(4) = 0 [pid 5008] rmdir("./23/file0") = 0 [pid 5008] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5008] close(3) = 0 [pid 5008] rmdir("./23") = 0 [pid 5008] mkdir("./24", 0777) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [ 117.514972][ T5312] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 117.515095][ T5302] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5008] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5008] close(3) = 0 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5316] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5008] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5319 [pid 5315] <... write resumed>) = 4194304 ./strace-static-x86_64: Process 5319 attached [pid 5319] chdir("./24" [pid 5315] munmap(0x7f091d53c000, 4194304) = 0 [pid 5319] <... chdir resumed>) = 0 [pid 5319] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5319] setpgid(0, 0) = 0 [pid 5319] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5319] write(3, "1000", 4) = 4 [pid 5319] close(3) = 0 [pid 5319] symlink("/dev/binderfs", "./binderfs" [pid 5315] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5319] <... symlink resumed>) = 0 [pid 5315] <... openat resumed>) = 4 [pid 5319] memfd_create("syzkaller", 0 [ 117.574171][ T5312] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 117.583561][ T5312] REISERFS (device loop4): using ordered data mode [ 117.590599][ T5312] reiserfs: using flush barriers [ 117.597125][ T5312] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 117.606982][ T5315] loop3: detected capacity change from 0 to 8192 [pid 5315] ioctl(4, LOOP_SET_FD, 3 [pid 5319] <... memfd_create resumed>) = 3 [pid 5302] <... mount resumed>) = 0 [pid 5319] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5302] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5319] <... mmap resumed>) = 0x7f091d53c000 [pid 5315] <... ioctl resumed>) = 0 [pid 5302] <... openat resumed>) = 3 [pid 5302] chdir("./file0" [pid 5315] close(3) = 0 [pid 5302] <... chdir resumed>) = 0 [pid 5315] mkdir("./file0", 0777 [pid 5302] ioctl(4, LOOP_CLR_FD [pid 5315] <... mkdir resumed>) = 0 [pid 5302] <... ioctl resumed>) = 0 [ 117.614361][ T5312] REISERFS (device loop4): checking transaction log (loop4) [pid 5315] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5302] close(4) = 0 [pid 5302] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5302] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5302] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5302] exit_group(0) = ? [pid 5302] +++ exited with 0 +++ [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5302, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5003] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5312] <... mount resumed>) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5317] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5312] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [ 117.670584][ T5315] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 117.690801][ T5312] REISERFS (device loop4): Using r5 hash to sort names [ 117.698270][ T5312] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5003] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5319] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5316] <... write resumed>) = 4194304 [pid 5312] <... openat resumed>) = 3 [pid 5312] chdir("./file0" [pid 5003] <... openat resumed>) = 3 [pid 5312] <... chdir resumed>) = 0 [pid 5003] fstat(3, [pid 5312] ioctl(4, LOOP_CLR_FD) = 0 [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5312] close(4) = 0 [pid 5003] getdents64(3, [pid 5312] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5003] <... getdents64 resumed>0x555556400620 /* 4 entries */, 32768) = 112 [pid 5312] <... openat resumed>) = 4 [pid 5003] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5312] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0) = 0x20000000 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5316] munmap(0x7f091d53c000, 4194304) = 0 [pid 5316] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 117.721334][ T5315] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 117.735352][ T5315] REISERFS (device loop3): using ordered data mode [ 117.753997][ T5315] reiserfs: using flush barriers [pid 5316] ioctl(4, LOOP_SET_FD, 3 [pid 5312] ioctl(4, FS_IOC_GETVERSION [pid 5003] lstat("./23/binderfs", [pid 5312] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5003] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5312] exit_group(0) = ? [pid 5003] unlink("./23/binderfs" [pid 5312] +++ exited with 0 +++ [pid 5007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5312, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5003] <... unlink resumed>) = 0 [pid 5003] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5007] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] getdents64(3, 0x555556400620 /* 4 entries */, 32768) = 112 [pid 5007] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5007] lstat("./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5007] unlink("./24/binderfs") = 0 [pid 5007] umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5316] <... ioctl resumed>) = 0 [pid 5316] close(3) = 0 [pid 5316] mkdir("./file0", 0777) = 0 [pid 5319] <... write resumed>) = 4194304 [ 117.761045][ T5315] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 117.773292][ T5316] loop1: detected capacity change from 0 to 8192 [pid 5319] munmap(0x7f091d53c000, 4194304 [pid 5316] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5319] <... munmap resumed>) = 0 [pid 5319] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5319] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5319] close(3) = 0 [pid 5319] mkdir("./file0", 0777) = 0 [ 117.815945][ T5315] REISERFS (device loop3): checking transaction log (loop3) [ 117.837749][ T5319] loop5: detected capacity change from 0 to 8192 [ 117.846382][ T5316] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5319] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5003] <... umount2 resumed>) = 0 [pid 5003] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 117.869436][ T5319] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 117.887336][ T5319] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 117.896748][ T5319] REISERFS (device loop5): using ordered data mode [ 117.903503][ T5319] reiserfs: using flush barriers [ 117.909898][ T5316] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [pid 5003] umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 117.910809][ T5319] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 117.919757][ T5316] REISERFS (device loop1): using ordered data mode [ 117.941959][ T5316] reiserfs: using flush barriers [ 117.948991][ T5319] REISERFS (device loop5): checking transaction log (loop5) [pid 5003] getdents64(4, [pid 5317] <... write resumed>) = 4194304 [pid 5003] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5317] munmap(0x7f091d53c000, 4194304 [pid 5003] getdents64(4, [pid 5317] <... munmap resumed>) = 0 [pid 5003] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5317] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5003] close(4 [pid 5317] <... openat resumed>) = 4 [pid 5003] <... close resumed>) = 0 [ 117.950905][ T5316] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5317] ioctl(4, LOOP_SET_FD, 3 [pid 5003] rmdir("./23/file0") = 0 [pid 5003] getdents64(3, 0x555556400620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./23" [pid 5317] <... ioctl resumed>) = 0 [pid 5003] <... rmdir resumed>) = 0 [pid 5003] mkdir("./24", 0777 [pid 5317] close(3 [pid 5007] <... umount2 resumed>) = 0 [pid 5003] <... mkdir resumed>) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5003] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5317] <... close resumed>) = 0 [pid 5007] umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] close(3 [pid 5317] mkdir("./file0", 0777 [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] <... close resumed>) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5317] <... mkdir resumed>) = 0 [pid 5007] lstat("./24/file0", [pid 5003] <... clone resumed>, child_tidptr=0x5555563ff5d0) = 5323 [pid 5317] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5007] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 5323 attached [pid 5315] <... mount resumed>) = 0 [ 117.996345][ T5317] loop2: detected capacity change from 0 to 8192 [ 118.017628][ T5315] REISERFS (device loop3): Using r5 hash to sort names [ 118.026203][ T5315] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5007] umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5323] chdir("./24" [pid 5007] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5323] <... chdir resumed>) = 0 [pid 5315] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5323] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5315] <... openat resumed>) = 3 [pid 5007] openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5323] <... prctl resumed>) = 0 [pid 5315] chdir("./file0" [pid 5007] <... openat resumed>) = 4 [pid 5323] setpgid(0, 0 [pid 5315] <... chdir resumed>) = 0 [ 118.037095][ T5317] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 118.055959][ T5317] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 118.065519][ T5317] REISERFS (device loop2): using ordered data mode [ 118.072261][ T5317] reiserfs: using flush barriers [ 118.078676][ T5316] REISERFS (device loop1): checking transaction log (loop1) [pid 5007] fstat(4, [pid 5323] <... setpgid resumed>) = 0 [pid 5315] ioctl(4, LOOP_CLR_FD [pid 5007] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5315] <... ioctl resumed>) = 0 [pid 5007] getdents64(4, [pid 5323] <... openat resumed>) = 3 [pid 5315] close(4 [pid 5007] <... getdents64 resumed>0x555556408660 /* 2 entries */, 32768) = 48 [pid 5323] write(3, "1000", 4 [pid 5315] <... close resumed>) = 0 [pid 5007] getdents64(4, [pid 5323] <... write resumed>) = 4 [pid 5315] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5007] <... getdents64 resumed>0x555556408660 /* 0 entries */, 32768) = 0 [pid 5323] close(3 [pid 5315] <... openat resumed>) = 4 [pid 5007] close(4 [pid 5323] <... close resumed>) = 0 [pid 5315] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 4, 0 [pid 5007] <... close resumed>) = 0 [pid 5323] symlink("/dev/binderfs", "./binderfs" [pid 5315] <... mmap resumed>) = 0x20000000 [pid 5007] rmdir("./24/file0" [pid 5323] <... symlink resumed>) = 0 [pid 5315] ioctl(4, FS_IOC_GETVERSION [pid 5007] <... rmdir resumed>) = 0 [pid 5323] memfd_create("syzkaller", 0 [pid 5315] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5007] getdents64(3, [pid 5323] <... memfd_create resumed>) = 3 [pid 5315] exit_group(0 [pid 5007] <... getdents64 resumed>0x555556400620 /* 0 entries */, 32768) = 0 [pid 5323] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5315] <... exit_group resumed>) = ? [pid 5007] close(3 [pid 5323] <... mmap resumed>) = 0x7f091d53c000