./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2040197329 <...> forked to background, child pid 4643 no interfaces have a carrier [ 22.327621][ T4644] 8021q: adding VLAN 0 to HW filter on device bond0 [ 22.337407][ T4644] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.107' (ECDSA) to the list of known hosts. execve("./syz-executor2040197329", ["./syz-executor2040197329"], 0x7fff1c9ff4d0 /* 10 vars */) = 0 brk(NULL) = 0x555556648000 brk(0x555556648c40) = 0x555556648c40 arch_prctl(ARCH_SET_FS, 0x555556648300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x5555566485d0) = 5065 set_robust_list(0x5555566485e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7f5a2fc4c600, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f5a2fc4ccd0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7f5a2fc4c6a0, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5a2fc4ccd0}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2040197329", 4096) = 28 brk(0x555556669c40) = 0x555556669c40 brk(0x55555666a000) = 0x55555666a000 mprotect(0x7f5a2fd1a000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 getpid() = 5065 mkdir("./syzkaller.Gu7569", 0700) = 0 chmod("./syzkaller.Gu7569", 0777) = 0 chdir("./syzkaller.Gu7569") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5066 ./strace-static-x86_64: Process 5066 attached [pid 5066] set_robust_list(0x5555566485e0, 24) = 0 [pid 5066] chdir("./0") = 0 [pid 5066] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5066] setpgid(0, 0) = 0 [pid 5066] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5066] write(3, "1000", 4) = 4 [pid 5066] close(3) = 0 [pid 5066] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5066] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5066] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5066] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5066] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5068 attached , parent_tid=[5068], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5068 [pid 5068] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5068] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5066] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5068] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5066] <... futex resumed>) = 0 [pid 5066] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5068] memfd_create("syzkaller", 0) = 3 [pid 5068] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5068] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5068] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5068] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5068] close(3) = 0 [pid 5068] mkdir("./file0", 0777) = 0 syzkaller login: [ 39.664623][ T5068] loop0: detected capacity change from 0 to 65536 [ 39.673008][ T5068] XFS: attr2 mount option is deprecated. [ 39.678653][ T5068] XFS: ikeep mount option is deprecated. [ 39.688581][ T5068] XFS (loop0): Deprecated V4 format (crc=0) will not be supported after September 2030. [ 39.698446][ T5068] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 39.707049][ T5068] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [ 39.733008][ T5068] XFS (loop0): Ending clean mount [ 39.740600][ T5068] XFS (loop0): Quotacheck needed: Please wait. [ 39.759050][ T5068] XFS (loop0): Quotacheck: Done. [pid 5068] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5068] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5068] chdir("./file0") = 0 [pid 5068] ioctl(4, LOOP_CLR_FD) = 0 [pid 5068] close(4) = 0 [pid 5068] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5066] <... futex resumed>) = 0 [pid 5066] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5066] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5068] <... futex resumed>) = 1 [pid 5068] creat("./bus", 000) = 4 [pid 5068] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5066] <... futex resumed>) = 0 [pid 5066] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5066] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5068] <... futex resumed>) = 1 [pid 5068] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5068] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5066] <... futex resumed>) = 0 [pid 5066] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5066] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5068] <... futex resumed>) = 1 [pid 5068] getsockopt(5, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5068] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5066] <... futex resumed>) = 0 [pid 5066] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5066] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5068] <... futex resumed>) = 1 [pid 5068] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5068] write(6, "15", 2) = 2 [pid 5068] lchown("./bus", 3327, 0) = 0 [pid 5068] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5066] <... futex resumed>) = 0 [pid 5066] exit_group(0) = ? [pid 5068] +++ exited with 0 +++ [pid 5066] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5066, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=22 /* 0.22 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./0/binderfs") = 0 [ 39.764234][ T5068] xfs filesystem being mounted at /root/syzkaller.Gu7569/0/file0 supports timestamps until 2038 (0x7fffffff) [ 39.817496][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./0/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./0") = 0 mkdir("./1", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5077 ./strace-static-x86_64: Process 5077 attached [pid 5077] set_robust_list(0x5555566485e0, 24) = 0 [pid 5077] chdir("./1") = 0 [pid 5077] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5077] setpgid(0, 0) = 0 [pid 5077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5077] write(3, "1000", 4) = 4 [pid 5077] close(3) = 0 [pid 5077] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5077] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5077] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5077] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5078 attached , parent_tid=[5078], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5078 [pid 5078] set_robust_list(0x7f5a2fc3b9e0, 24 [pid 5077] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] <... set_robust_list resumed>) = 0 [pid 5077] <... futex resumed>) = 0 [pid 5077] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5078] memfd_create("syzkaller", 0) = 3 [pid 5078] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5078] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5078] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5078] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5078] close(3) = 0 [pid 5078] mkdir("./file0", 0777) = 0 [ 40.109861][ T5078] loop0: detected capacity change from 0 to 65536 [ 40.118455][ T5078] XFS: attr2 mount option is deprecated. [ 40.124183][ T5078] XFS: ikeep mount option is deprecated. [ 40.132432][ T5078] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 40.141536][ T5078] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5078] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5078] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5078] chdir("./file0") = 0 [pid 5078] ioctl(4, LOOP_CLR_FD) = 0 [pid 5078] close(4) = 0 [pid 5078] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... futex resumed>) = 0 [pid 5077] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] <... futex resumed>) = 1 [pid 5078] creat("./bus", 000) = 4 [pid 5078] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... futex resumed>) = 0 [pid 5077] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] <... futex resumed>) = 1 [pid 5078] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5078] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... futex resumed>) = 0 [pid 5077] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] <... futex resumed>) = 1 [pid 5078] getsockopt(5, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5078] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... futex resumed>) = 0 [pid 5077] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] <... futex resumed>) = 1 [pid 5078] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5078] write(6, "15", 2) = 2 [ 40.166494][ T5078] XFS (loop0): Ending clean mount [ 40.173149][ T5078] XFS (loop0): Quotacheck needed: Please wait. [ 40.187933][ T5078] XFS (loop0): Quotacheck: Done. [ 40.193172][ T5078] xfs filesystem being mounted at /root/syzkaller.Gu7569/1/file0 supports timestamps until 2038 (0x7fffffff) [pid 5078] lchown("./bus", 3327, 0) = 0 [pid 5078] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5077] <... futex resumed>) = 0 [pid 5078] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5077] exit_group(0 [pid 5078] <... futex resumed>) = ? [pid 5077] <... exit_group resumed>) = ? [pid 5078] +++ exited with 0 +++ [pid 5077] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5077, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=21 /* 0.21 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1/binderfs") = 0 [ 40.257532][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1") = 0 mkdir("./2", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5087 ./strace-static-x86_64: Process 5087 attached [pid 5087] set_robust_list(0x5555566485e0, 24) = 0 [pid 5087] chdir("./2") = 0 [pid 5087] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5087] setpgid(0, 0) = 0 [pid 5087] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5087] write(3, "1000", 4) = 4 [pid 5087] close(3) = 0 [pid 5087] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5087] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5087] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5087] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5087] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5088 attached , parent_tid=[5088], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5088 [pid 5088] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5088] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5087] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... futex resumed>) = 0 [pid 5087] <... futex resumed>) = 1 [pid 5087] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] memfd_create("syzkaller", 0) = 3 [pid 5088] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5088] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5088] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5088] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5088] close(3) = 0 [pid 5088] mkdir("./file0", 0777) = 0 [ 40.545622][ T5088] loop0: detected capacity change from 0 to 65536 [ 40.554865][ T5088] XFS: attr2 mount option is deprecated. [ 40.560569][ T5088] XFS: ikeep mount option is deprecated. [ 40.568846][ T5088] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 40.577366][ T5088] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5088] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5088] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5088] chdir("./file0") = 0 [pid 5088] ioctl(4, LOOP_CLR_FD) = 0 [pid 5088] close(4) = 0 [pid 5088] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5087] <... futex resumed>) = 0 [pid 5088] creat("./bus", 000 [pid 5087] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5087] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5088] <... creat resumed>) = 4 [pid 5088] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... futex resumed>) = 0 [pid 5087] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5087] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5088] <... futex resumed>) = 1 [pid 5088] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5088] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... futex resumed>) = 0 [pid 5088] <... futex resumed>) = 1 [pid 5087] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] getsockopt(5, SOL_SOCKET, SO_PEERCRED, [pid 5087] <... futex resumed>) = 0 [pid 5088] <... getsockopt resumed>{pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5087] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5088] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5087] <... futex resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5087] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... openat resumed>) = 6 [pid 5087] <... futex resumed>) = 0 [pid 5088] write(6, "15", 2 [pid 5087] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5088] <... write resumed>) = 2 [pid 5088] lchown("./bus", 3327, 0) = 0 [pid 5088] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... futex resumed>) = 0 [pid 5087] exit_group(0) = ? [pid 5088] <... futex resumed>) = ? [pid 5088] +++ exited with 0 +++ [pid 5087] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5087, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=19 /* 0.19 s */} --- umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./2/binderfs") = 0 [ 40.602384][ T5088] XFS (loop0): Ending clean mount [ 40.608370][ T5088] XFS (loop0): Quotacheck needed: Please wait. [ 40.622702][ T5088] XFS (loop0): Quotacheck: Done. [ 40.627713][ T5088] xfs filesystem being mounted at /root/syzkaller.Gu7569/2/file0 supports timestamps until 2038 (0x7fffffff) [ 40.651561][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./2/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./2") = 0 mkdir("./3", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5097 ./strace-static-x86_64: Process 5097 attached [pid 5097] set_robust_list(0x5555566485e0, 24) = 0 [pid 5097] chdir("./3") = 0 [pid 5097] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5097] setpgid(0, 0) = 0 [pid 5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5097] write(3, "1000", 4) = 4 [pid 5097] close(3) = 0 [pid 5097] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5097] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5097] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5097] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5097] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5098], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5098 [pid 5097] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5097] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5098 attached [pid 5098] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5098] memfd_create("syzkaller", 0) = 3 [pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5098] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5098] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5098] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5098] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5098] close(3) = 0 [pid 5098] mkdir("./file0", 0777) = 0 [ 40.937749][ T5098] loop0: detected capacity change from 0 to 65536 [ 40.946633][ T5098] XFS: attr2 mount option is deprecated. [ 40.952339][ T5098] XFS: ikeep mount option is deprecated. [ 40.961207][ T5098] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 40.969892][ T5098] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5098] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5098] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5098] chdir("./file0") = 0 [pid 5098] ioctl(4, LOOP_CLR_FD) = 0 [pid 5098] close(4) = 0 [pid 5098] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5097] <... futex resumed>) = 0 [pid 5097] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5097] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5098] <... futex resumed>) = 1 [pid 5098] creat("./bus", 000) = 4 [pid 5098] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5097] <... futex resumed>) = 0 [pid 5097] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5097] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5098] <... futex resumed>) = 1 [pid 5098] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5098] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5097] <... futex resumed>) = 0 [pid 5097] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5097] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5098] <... futex resumed>) = 1 [pid 5098] getsockopt(5, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5098] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5097] <... futex resumed>) = 0 [pid 5097] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5097] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5098] <... futex resumed>) = 1 [pid 5098] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5098] write(6, "15", 2) = 2 [pid 5098] lchown("./bus", 3327, 0) = 0 [pid 5098] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5097] <... futex resumed>) = 0 [pid 5097] exit_group(0) = ? [pid 5098] +++ exited with 0 +++ [pid 5097] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5097, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=18 /* 0.18 s */} --- umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./3/binderfs") = 0 [ 40.994708][ T5098] XFS (loop0): Ending clean mount [ 41.000800][ T5098] XFS (loop0): Quotacheck needed: Please wait. [ 41.016095][ T5098] XFS (loop0): Quotacheck: Done. [ 41.021214][ T5098] xfs filesystem being mounted at /root/syzkaller.Gu7569/3/file0 supports timestamps until 2038 (0x7fffffff) [ 41.063399][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./3/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./3") = 0 mkdir("./4", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5107 ./strace-static-x86_64: Process 5107 attached [pid 5107] set_robust_list(0x5555566485e0, 24) = 0 [pid 5107] chdir("./4") = 0 [pid 5107] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5107] setpgid(0, 0) = 0 [pid 5107] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5107] write(3, "1000", 4) = 4 [pid 5107] close(3) = 0 [pid 5107] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5107] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5107] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5107] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5107] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5108], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5108 [pid 5107] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5107] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5108 attached [pid 5108] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5108] memfd_create("syzkaller", 0) = 3 [pid 5108] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5108] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5108] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5108] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5108] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5108] close(3) = 0 [pid 5108] mkdir("./file0", 0777) = 0 [ 41.358302][ T5108] loop0: detected capacity change from 0 to 65536 [ 41.367137][ T5108] XFS: attr2 mount option is deprecated. [ 41.372826][ T5108] XFS: ikeep mount option is deprecated. [ 41.381390][ T5108] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 41.390360][ T5108] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5108] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5108] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5108] chdir("./file0") = 0 [pid 5108] ioctl(4, LOOP_CLR_FD) = 0 [pid 5108] close(4) = 0 [pid 5108] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5107] <... futex resumed>) = 0 [pid 5108] creat("./bus", 000 [pid 5107] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5107] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5108] <... creat resumed>) = 4 [pid 5108] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5107] <... futex resumed>) = 0 [pid 5107] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5107] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5108] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5108] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5107] <... futex resumed>) = 0 [pid 5108] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5107] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5108] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5107] <... futex resumed>) = 0 [pid 5108] getsockopt(5, SOL_SOCKET, SO_PEERCRED, [pid 5107] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5108] <... getsockopt resumed>{pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5108] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5107] <... futex resumed>) = 0 [pid 5107] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5107] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5108] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5108] write(6, "15", 2) = 2 [pid 5108] lchown("./bus", 3327, 0) = 0 [pid 5108] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5107] <... futex resumed>) = 0 [pid 5108] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5107] exit_group(0 [pid 5108] <... futex resumed>) = ? [pid 5107] <... exit_group resumed>) = ? [pid 5108] +++ exited with 0 +++ [pid 5107] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5107, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./4/binderfs") = 0 [ 41.415495][ T5108] XFS (loop0): Ending clean mount [ 41.422018][ T5108] XFS (loop0): Quotacheck needed: Please wait. [ 41.438033][ T5108] XFS (loop0): Quotacheck: Done. [ 41.443143][ T5108] xfs filesystem being mounted at /root/syzkaller.Gu7569/4/file0 supports timestamps until 2038 (0x7fffffff) [ 41.490177][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./4/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./4") = 0 mkdir("./5", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5117 ./strace-static-x86_64: Process 5117 attached [pid 5117] set_robust_list(0x5555566485e0, 24) = 0 [pid 5117] chdir("./5") = 0 [pid 5117] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5117] setpgid(0, 0) = 0 [pid 5117] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5117] write(3, "1000", 4) = 4 [pid 5117] close(3) = 0 [pid 5117] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5117] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5117] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5117] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5117] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5118], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5118 [pid 5117] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5117] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5118 attached [pid 5118] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5118] memfd_create("syzkaller", 0) = 3 [pid 5118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5118] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5118] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5118] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5118] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5118] close(3) = 0 [pid 5118] mkdir("./file0", 0777) = 0 [ 41.793903][ T5118] loop0: detected capacity change from 0 to 65536 [ 41.802681][ T5118] XFS: attr2 mount option is deprecated. [ 41.808387][ T5118] XFS: ikeep mount option is deprecated. [ 41.816545][ T5118] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 41.824964][ T5118] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5118] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5118] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5118] chdir("./file0") = 0 [pid 5118] ioctl(4, LOOP_CLR_FD) = 0 [pid 5118] close(4) = 0 [pid 5118] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5117] <... futex resumed>) = 0 [pid 5117] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5117] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5118] <... futex resumed>) = 1 [pid 5118] creat("./bus", 000) = 4 [pid 5118] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5117] <... futex resumed>) = 0 [pid 5118] <... futex resumed>) = 1 [pid 5118] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE [pid 5117] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5118] <... socket resumed>) = 5 [pid 5117] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5118] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5117] <... futex resumed>) = 0 [pid 5118] <... futex resumed>) = 1 [pid 5117] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5118] getsockopt(5, SOL_SOCKET, SO_PEERCRED, [pid 5117] <... futex resumed>) = 0 [pid 5117] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5118] <... getsockopt resumed>{pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5118] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5117] <... futex resumed>) = 0 [pid 5118] <... futex resumed>) = 1 [pid 5117] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5117] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5118] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5118] write(6, "15", 2) = 2 [pid 5118] lchown("./bus", 3327, 0) = 0 [pid 5118] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5117] <... futex resumed>) = 0 [pid 5117] exit_group(0) = ? [ 41.850663][ T5118] XFS (loop0): Ending clean mount [ 41.856882][ T5118] XFS (loop0): Quotacheck needed: Please wait. [ 41.876406][ T5118] XFS (loop0): Quotacheck: Done. [ 41.881587][ T5118] xfs filesystem being mounted at /root/syzkaller.Gu7569/5/file0 supports timestamps until 2038 (0x7fffffff) [pid 5118] +++ exited with 0 +++ [pid 5117] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5117, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=22 /* 0.22 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./5/binderfs") = 0 [ 41.938175][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./5/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./5") = 0 mkdir("./6", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5127 ./strace-static-x86_64: Process 5127 attached [pid 5127] set_robust_list(0x5555566485e0, 24) = 0 [pid 5127] chdir("./6") = 0 [pid 5127] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5127] setpgid(0, 0) = 0 [pid 5127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5127] write(3, "1000", 4) = 4 [pid 5127] close(3) = 0 [pid 5127] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5127] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5127] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5127] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5127] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5128], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5128 [pid 5127] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5127] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5128 attached [pid 5128] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5128] memfd_create("syzkaller", 0) = 3 [pid 5128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5128] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5128] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5128] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5128] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5128] close(3) = 0 [pid 5128] mkdir("./file0", 0777) = 0 [ 42.230176][ T5128] loop0: detected capacity change from 0 to 65536 [ 42.238711][ T5128] XFS: attr2 mount option is deprecated. [ 42.244497][ T5128] XFS: ikeep mount option is deprecated. [ 42.253111][ T5128] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 42.261438][ T5128] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5128] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5128] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5128] chdir("./file0") = 0 [pid 5128] ioctl(4, LOOP_CLR_FD) = 0 [pid 5128] close(4) = 0 [pid 5128] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5127] <... futex resumed>) = 0 [pid 5127] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5127] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5128] <... futex resumed>) = 1 [pid 5128] creat("./bus", 000) = 4 [pid 5128] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5127] <... futex resumed>) = 0 [pid 5127] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5128] <... futex resumed>) = 1 [pid 5127] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5128] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5128] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5127] <... futex resumed>) = 0 [pid 5128] getsockopt(5, SOL_SOCKET, SO_PEERCRED, [pid 5127] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5128] <... getsockopt resumed>{pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5127] <... futex resumed>) = 0 [pid 5128] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5127] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5128] <... futex resumed>) = 0 [pid 5127] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5128] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5127] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5128] <... openat resumed>) = 6 [pid 5127] <... futex resumed>) = 0 [pid 5128] write(6, "15", 2 [pid 5127] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5128] <... write resumed>) = 2 [pid 5128] lchown("./bus", 3327, 0) = 0 [pid 5128] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5127] <... futex resumed>) = 0 [pid 5128] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5127] exit_group(0 [pid 5128] <... futex resumed>) = ? [pid 5127] <... exit_group resumed>) = ? [pid 5128] +++ exited with 0 +++ [pid 5127] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5127, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=24 /* 0.24 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./6/binderfs") = 0 [ 42.287097][ T5128] XFS (loop0): Ending clean mount [ 42.293508][ T5128] XFS (loop0): Quotacheck needed: Please wait. [ 42.310396][ T5128] XFS (loop0): Quotacheck: Done. [ 42.315516][ T5128] xfs filesystem being mounted at /root/syzkaller.Gu7569/6/file0 supports timestamps until 2038 (0x7fffffff) [ 42.360031][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./6/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./6") = 0 mkdir("./7", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5137 ./strace-static-x86_64: Process 5137 attached [pid 5137] set_robust_list(0x5555566485e0, 24) = 0 [pid 5137] chdir("./7") = 0 [pid 5137] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5137] setpgid(0, 0) = 0 [pid 5137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5137] write(3, "1000", 4) = 4 [pid 5137] close(3) = 0 [pid 5137] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5137] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5137] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5137] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5137] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5138], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5138 [pid 5137] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5137] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5138 attached [pid 5138] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5138] memfd_create("syzkaller", 0) = 3 [pid 5138] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5138] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5138] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5138] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5138] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5138] close(3) = 0 [pid 5138] mkdir("./file0", 0777) = 0 [ 42.676501][ T5138] loop0: detected capacity change from 0 to 65536 [ 42.685173][ T5138] XFS: attr2 mount option is deprecated. [ 42.690864][ T5138] XFS: ikeep mount option is deprecated. [ 42.699500][ T5138] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 42.707656][ T5138] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5138] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5138] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5138] chdir("./file0") = 0 [pid 5138] ioctl(4, LOOP_CLR_FD) = 0 [pid 5138] close(4) = 0 [pid 5138] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5137] <... futex resumed>) = 0 [pid 5137] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5138] creat("./bus", 000 [pid 5137] <... futex resumed>) = 0 [pid 5137] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5138] <... creat resumed>) = 4 [pid 5138] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5137] <... futex resumed>) = 0 [pid 5137] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5137] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5138] <... futex resumed>) = 1 [pid 5138] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5138] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5137] <... futex resumed>) = 0 [pid 5138] getsockopt(5, SOL_SOCKET, SO_PEERCRED, [pid 5137] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5138] <... getsockopt resumed>{pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5137] <... futex resumed>) = 0 [pid 5138] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5137] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5138] <... futex resumed>) = 0 [pid 5137] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5138] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5137] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5138] <... openat resumed>) = 6 [pid 5137] <... futex resumed>) = 0 [pid 5138] write(6, "15", 2 [pid 5137] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5138] <... write resumed>) = 2 [pid 5138] lchown("./bus", 3327, 0) = 0 [pid 5138] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5137] <... futex resumed>) = 0 [pid 5138] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5137] exit_group(0) = ? [pid 5138] <... futex resumed>) = ? [pid 5138] +++ exited with 0 +++ [pid 5137] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5137, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=21 /* 0.21 s */} --- umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./7/binderfs") = 0 [ 42.733394][ T5138] XFS (loop0): Ending clean mount [ 42.740185][ T5138] XFS (loop0): Quotacheck needed: Please wait. [ 42.755838][ T5138] XFS (loop0): Quotacheck: Done. [ 42.761193][ T5138] xfs filesystem being mounted at /root/syzkaller.Gu7569/7/file0 supports timestamps until 2038 (0x7fffffff) [ 42.799441][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./7/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./7") = 0 mkdir("./8", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5147 ./strace-static-x86_64: Process 5147 attached [pid 5147] set_robust_list(0x5555566485e0, 24) = 0 [pid 5147] chdir("./8") = 0 [pid 5147] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5147] setpgid(0, 0) = 0 [pid 5147] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5147] write(3, "1000", 4) = 4 [pid 5147] close(3) = 0 [pid 5147] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5147] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5147] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5147] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5147] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5148], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5148 [pid 5147] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5147] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5148 attached [pid 5148] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5148] memfd_create("syzkaller", 0) = 3 [pid 5148] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5148] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5148] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5148] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5148] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5148] close(3) = 0 [pid 5148] mkdir("./file0", 0777) = 0 [ 43.090903][ T5148] loop0: detected capacity change from 0 to 65536 [ 43.099790][ T5148] XFS: attr2 mount option is deprecated. [ 43.105437][ T5148] XFS: ikeep mount option is deprecated. [ 43.113951][ T5148] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 43.122429][ T5148] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5148] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5148] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5148] chdir("./file0") = 0 [pid 5148] ioctl(4, LOOP_CLR_FD) = 0 [pid 5148] close(4) = 0 [pid 5148] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5147] <... futex resumed>) = 0 [pid 5147] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5147] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5148] <... futex resumed>) = 1 [pid 5148] creat("./bus", 000) = 4 [pid 5148] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5147] <... futex resumed>) = 0 [pid 5148] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5147] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5148] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5147] <... futex resumed>) = 0 [pid 5148] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE [pid 5147] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5148] <... socket resumed>) = 5 [pid 5148] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5148] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5147] <... futex resumed>) = 0 [pid 5147] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5147] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5148] <... futex resumed>) = 0 [pid 5148] getsockopt(5, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5148] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5147] <... futex resumed>) = 0 [pid 5147] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5147] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5148] <... futex resumed>) = 1 [pid 5148] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5148] write(6, "15", 2) = 2 [pid 5148] lchown("./bus", 3327, 0) = 0 [pid 5148] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5147] <... futex resumed>) = 0 [pid 5147] exit_group(0) = ? [pid 5148] <... futex resumed>) = ? [pid 5148] +++ exited with 0 +++ [pid 5147] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5147, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=23 /* 0.23 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./8/binderfs") = 0 [ 43.147182][ T5148] XFS (loop0): Ending clean mount [ 43.153254][ T5148] XFS (loop0): Quotacheck needed: Please wait. [ 43.167965][ T5148] XFS (loop0): Quotacheck: Done. [ 43.173096][ T5148] xfs filesystem being mounted at /root/syzkaller.Gu7569/8/file0 supports timestamps until 2038 (0x7fffffff) [ 43.216225][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./8/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./8") = 0 mkdir("./9", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5157 ./strace-static-x86_64: Process 5157 attached [pid 5157] set_robust_list(0x5555566485e0, 24) = 0 [pid 5157] chdir("./9") = 0 [pid 5157] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5157] setpgid(0, 0) = 0 [pid 5157] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5157] write(3, "1000", 4) = 4 [pid 5157] close(3) = 0 [pid 5157] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5157] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5157] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5157] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5157] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5158 attached [pid 5158] set_robust_list(0x7f5a2fc3b9e0, 24 [pid 5157] <... clone resumed>, parent_tid=[5158], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5158 [pid 5158] <... set_robust_list resumed>) = 0 [pid 5157] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5157] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5158] memfd_create("syzkaller", 0) = 3 [pid 5158] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5158] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5158] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5158] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5158] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5158] close(3) = 0 [pid 5158] mkdir("./file0", 0777) = 0 [ 43.526231][ T5158] loop0: detected capacity change from 0 to 65536 [ 43.534853][ T5158] XFS: attr2 mount option is deprecated. [ 43.540574][ T5158] XFS: ikeep mount option is deprecated. [ 43.548694][ T5158] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 43.557188][ T5158] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5158] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5158] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5158] chdir("./file0") = 0 [pid 5158] ioctl(4, LOOP_CLR_FD) = 0 [pid 5158] close(4) = 0 [pid 5158] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5158] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5157] <... futex resumed>) = 0 [pid 5157] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5158] <... futex resumed>) = 0 [pid 5158] creat("./bus", 000 [pid 5157] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5158] <... creat resumed>) = 4 [pid 5158] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5157] <... futex resumed>) = 0 [pid 5157] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5157] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5158] <... futex resumed>) = 1 [pid 5158] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5158] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5157] <... futex resumed>) = 0 [pid 5157] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5157] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5158] <... futex resumed>) = 1 [pid 5158] getsockopt(5, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5158] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5157] <... futex resumed>) = 0 [pid 5158] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5157] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5158] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5157] <... futex resumed>) = 0 [pid 5158] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5157] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5158] <... openat resumed>) = 6 [pid 5158] write(6, "15", 2) = 2 [pid 5158] lchown("./bus", 3327, 0) = 0 [pid 5158] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5157] <... futex resumed>) = 0 [pid 5157] exit_group(0) = ? [pid 5158] +++ exited with 0 +++ [pid 5157] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5157, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=21 /* 0.21 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./9/binderfs") = 0 [ 43.582000][ T5158] XFS (loop0): Ending clean mount [ 43.588060][ T5158] XFS (loop0): Quotacheck needed: Please wait. [ 43.603954][ T5158] XFS (loop0): Quotacheck: Done. [ 43.609024][ T5158] xfs filesystem being mounted at /root/syzkaller.Gu7569/9/file0 supports timestamps until 2038 (0x7fffffff) [ 43.653780][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./9/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./9") = 0 mkdir("./10", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5167 attached , child_tidptr=0x5555566485d0) = 5167 [pid 5167] set_robust_list(0x5555566485e0, 24) = 0 [pid 5167] chdir("./10") = 0 [pid 5167] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5167] setpgid(0, 0) = 0 [pid 5167] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5167] write(3, "1000", 4) = 4 [pid 5167] close(3) = 0 [pid 5167] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5167] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5167] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5167] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5167] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5168 attached , parent_tid=[5168], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5168 [pid 5168] set_robust_list(0x7f5a2fc3b9e0, 24 [pid 5167] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5168] <... set_robust_list resumed>) = 0 [pid 5167] <... futex resumed>) = 0 [pid 5167] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5168] memfd_create("syzkaller", 0) = 3 [pid 5168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5168] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5168] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5168] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5168] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5168] close(3) = 0 [pid 5168] mkdir("./file0", 0777) = 0 [ 43.949994][ T5168] loop0: detected capacity change from 0 to 65536 [ 43.959794][ T5168] XFS: attr2 mount option is deprecated. [ 43.965471][ T5168] XFS: ikeep mount option is deprecated. [ 43.973883][ T5168] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 43.982169][ T5168] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5168] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5168] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5168] chdir("./file0") = 0 [pid 5168] ioctl(4, LOOP_CLR_FD) = 0 [pid 5168] close(4) = 0 [pid 5168] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5168] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5167] <... futex resumed>) = 0 [pid 5167] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5167] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5168] <... futex resumed>) = 0 [pid 5168] creat("./bus", 000) = 4 [pid 5168] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5167] <... futex resumed>) = 0 [pid 5167] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5167] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5168] <... futex resumed>) = 1 [pid 5168] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5168] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5167] <... futex resumed>) = 0 [pid 5167] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5167] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5168] <... futex resumed>) = 1 [pid 5168] getsockopt(5, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5168] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5167] <... futex resumed>) = 0 [pid 5167] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5167] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5168] <... futex resumed>) = 1 [pid 5168] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5168] write(6, "15", 2) = 2 [pid 5168] lchown("./bus", 3327, 0) = 0 [pid 5168] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5167] <... futex resumed>) = 0 [pid 5167] exit_group(0) = ? [pid 5168] <... futex resumed>) = ? [pid 5168] +++ exited with 0 +++ [pid 5167] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5167, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=20 /* 0.20 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./10/binderfs") = 0 [ 44.007518][ T5168] XFS (loop0): Ending clean mount [ 44.013666][ T5168] XFS (loop0): Quotacheck needed: Please wait. [ 44.029095][ T5168] XFS (loop0): Quotacheck: Done. [ 44.034358][ T5168] xfs filesystem being mounted at /root/syzkaller.Gu7569/10/file0 supports timestamps until 2038 (0x7fffffff) [ 44.075293][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./10/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./10") = 0 mkdir("./11", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5177 ./strace-static-x86_64: Process 5177 attached [pid 5177] set_robust_list(0x5555566485e0, 24) = 0 [pid 5177] chdir("./11") = 0 [pid 5177] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5177] setpgid(0, 0) = 0 [pid 5177] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5177] write(3, "1000", 4) = 4 [pid 5177] close(3) = 0 [pid 5177] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5177] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5177] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5177] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5177] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5178], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5178 [pid 5177] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5177] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5178 attached [pid 5178] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5178] memfd_create("syzkaller", 0) = 3 [pid 5178] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5178] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5178] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5178] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5178] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5178] close(3) = 0 [pid 5178] mkdir("./file0", 0777) = 0 [ 44.369087][ T5178] loop0: detected capacity change from 0 to 65536 [ 44.378789][ T5178] XFS: attr2 mount option is deprecated. [ 44.384498][ T5178] XFS: ikeep mount option is deprecated. [ 44.392690][ T5178] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 44.401584][ T5178] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5178] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5178] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5178] chdir("./file0") = 0 [pid 5178] ioctl(4, LOOP_CLR_FD) = 0 [pid 5178] close(4) = 0 [pid 5178] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5177] <... futex resumed>) = 0 [pid 5177] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5177] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5178] <... futex resumed>) = 1 [pid 5178] creat("./bus", 000) = 4 [pid 5178] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5177] <... futex resumed>) = 0 [pid 5177] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5177] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5178] <... futex resumed>) = 1 [pid 5178] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5178] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5177] <... futex resumed>) = 0 [pid 5177] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5177] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5178] <... futex resumed>) = 1 [pid 5178] getsockopt(5, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5178] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5177] <... futex resumed>) = 0 [pid 5177] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5177] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5178] <... futex resumed>) = 1 [pid 5178] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5178] write(6, "15", 2) = 2 [pid 5178] lchown("./bus", 3327, 0) = 0 [pid 5178] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5177] <... futex resumed>) = 0 [pid 5177] exit_group(0) = ? [pid 5178] <... futex resumed>) = ? [pid 5178] +++ exited with 0 +++ [pid 5177] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5177, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=23 /* 0.23 s */} --- umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./11/binderfs") = 0 [ 44.426795][ T5178] XFS (loop0): Ending clean mount [ 44.433016][ T5178] XFS (loop0): Quotacheck needed: Please wait. [ 44.448371][ T5178] XFS (loop0): Quotacheck: Done. [ 44.453490][ T5178] xfs filesystem being mounted at /root/syzkaller.Gu7569/11/file0 supports timestamps until 2038 (0x7fffffff) [ 44.480958][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./11/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./11") = 0 mkdir("./12", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5187 ./strace-static-x86_64: Process 5187 attached [pid 5187] set_robust_list(0x5555566485e0, 24) = 0 [pid 5187] chdir("./12") = 0 [pid 5187] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5187] setpgid(0, 0) = 0 [pid 5187] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5187] write(3, "1000", 4) = 4 [pid 5187] close(3) = 0 [pid 5187] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5187] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5187] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5187] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5187] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5188 attached , parent_tid=[5188], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5188 [pid 5188] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5188] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5187] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5188] <... futex resumed>) = 0 [pid 5187] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5188] memfd_create("syzkaller", 0) = 3 [pid 5188] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5188] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5188] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5188] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5188] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5188] close(3) = 0 [pid 5188] mkdir("./file0", 0777) = 0 [ 44.791309][ T5188] loop0: detected capacity change from 0 to 65536 [ 44.799992][ T5188] XFS: attr2 mount option is deprecated. [ 44.805654][ T5188] XFS: ikeep mount option is deprecated. [ 44.814158][ T5188] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 44.822656][ T5188] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5188] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5188] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5188] chdir("./file0") = 0 [pid 5188] ioctl(4, LOOP_CLR_FD) = 0 [pid 5188] close(4) = 0 [pid 5188] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5188] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5187] <... futex resumed>) = 0 [pid 5187] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5187] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5188] <... futex resumed>) = 0 [pid 5188] creat("./bus", 000) = 4 [pid 5188] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5187] <... futex resumed>) = 0 [pid 5187] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5187] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5188] <... futex resumed>) = 1 [pid 5188] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5188] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5187] <... futex resumed>) = 0 [pid 5187] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5187] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5188] <... futex resumed>) = 1 [pid 5188] getsockopt(5, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5188] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5187] <... futex resumed>) = 0 [pid 5187] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5187] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5188] <... futex resumed>) = 1 [pid 5188] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5188] write(6, "15", 2) = 2 [pid 5188] lchown("./bus", 3327, 0) = 0 [pid 5188] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5187] <... futex resumed>) = 0 [pid 5187] exit_group(0) = ? [pid 5188] +++ exited with 0 +++ [pid 5187] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5187, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=22 /* 0.22 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./12/binderfs") = 0 [ 44.848059][ T5188] XFS (loop0): Ending clean mount [ 44.854213][ T5188] XFS (loop0): Quotacheck needed: Please wait. [ 44.870365][ T5188] XFS (loop0): Quotacheck: Done. [ 44.875416][ T5188] xfs filesystem being mounted at /root/syzkaller.Gu7569/12/file0 supports timestamps until 2038 (0x7fffffff) [ 44.922561][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./12/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./12") = 0 mkdir("./13", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5197 ./strace-static-x86_64: Process 5197 attached [pid 5197] set_robust_list(0x5555566485e0, 24) = 0 [pid 5197] chdir("./13") = 0 [pid 5197] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5197] setpgid(0, 0) = 0 [pid 5197] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5197] write(3, "1000", 4) = 4 [pid 5197] close(3) = 0 [pid 5197] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5197] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5197] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5197] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5197] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5198], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5198 [pid 5197] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5197] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5198 attached [pid 5198] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5198] memfd_create("syzkaller", 0) = 3 [pid 5198] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5198] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5198] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5198] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5198] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5198] close(3) = 0 [pid 5198] mkdir("./file0", 0777) = 0 [ 45.216503][ T5198] loop0: detected capacity change from 0 to 65536 [ 45.224730][ T5198] XFS: attr2 mount option is deprecated. [ 45.230426][ T5198] XFS: ikeep mount option is deprecated. [ 45.238860][ T5198] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 45.247184][ T5198] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5198] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5198] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5198] chdir("./file0") = 0 [pid 5198] ioctl(4, LOOP_CLR_FD) = 0 [pid 5198] close(4) = 0 [pid 5198] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5197] <... futex resumed>) = 0 [pid 5198] creat("./bus", 000 [pid 5197] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5197] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5198] <... creat resumed>) = 4 [pid 5198] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5197] <... futex resumed>) = 0 [pid 5198] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE [pid 5197] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5198] <... socket resumed>) = 5 [pid 5197] <... futex resumed>) = 0 [pid 5198] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5197] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5198] <... futex resumed>) = 0 [pid 5197] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5198] getsockopt(5, SOL_SOCKET, SO_PEERCRED, [pid 5197] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5198] <... getsockopt resumed>{pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5197] <... futex resumed>) = 0 [pid 5198] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5197] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5198] <... futex resumed>) = 0 [pid 5197] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5198] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5197] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5198] <... openat resumed>) = 6 [pid 5197] <... futex resumed>) = 0 [pid 5198] write(6, "15", 2 [pid 5197] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5198] <... write resumed>) = 2 [pid 5198] lchown("./bus", 3327, 0) = 0 [pid 5198] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5197] <... futex resumed>) = 0 [pid 5198] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5197] exit_group(0 [pid 5198] <... futex resumed>) = ? [pid 5197] <... exit_group resumed>) = ? [pid 5198] +++ exited with 0 +++ [pid 5197] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5197, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} --- umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./13/binderfs") = 0 [ 45.272828][ T5198] XFS (loop0): Ending clean mount [ 45.278889][ T5198] XFS (loop0): Quotacheck needed: Please wait. [ 45.293976][ T5198] XFS (loop0): Quotacheck: Done. [ 45.298999][ T5198] xfs filesystem being mounted at /root/syzkaller.Gu7569/13/file0 supports timestamps until 2038 (0x7fffffff) [ 45.324078][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./13/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./13") = 0 mkdir("./14", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5207 ./strace-static-x86_64: Process 5207 attached [pid 5207] set_robust_list(0x5555566485e0, 24) = 0 [pid 5207] chdir("./14") = 0 [pid 5207] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5207] setpgid(0, 0) = 0 [pid 5207] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5207] write(3, "1000", 4) = 4 [pid 5207] close(3) = 0 [pid 5207] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5207] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5207] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5207] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5207] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5208], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5208 [pid 5207] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5207] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5208 attached [pid 5208] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5208] memfd_create("syzkaller", 0) = 3 [pid 5208] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5208] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5208] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5208] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5208] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5208] close(3) = 0 [pid 5208] mkdir("./file0", 0777) = 0 [ 45.635081][ T5208] loop0: detected capacity change from 0 to 65536 [ 45.643774][ T5208] XFS: attr2 mount option is deprecated. [ 45.649685][ T5208] XFS: ikeep mount option is deprecated. [ 45.658145][ T5208] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 45.666624][ T5208] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5208] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5208] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5208] chdir("./file0") = 0 [pid 5208] ioctl(4, LOOP_CLR_FD) = 0 [pid 5208] close(4) = 0 [pid 5208] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5207] <... futex resumed>) = 0 [pid 5207] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5207] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5208] <... futex resumed>) = 1 [pid 5208] creat("./bus", 000) = 4 [pid 5208] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5207] <... futex resumed>) = 0 [pid 5207] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5208] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE [pid 5207] <... futex resumed>) = 0 [pid 5207] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5208] <... socket resumed>) = 5 [pid 5208] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5207] <... futex resumed>) = 0 [pid 5207] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5208] getsockopt(5, SOL_SOCKET, SO_PEERCRED, [pid 5207] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5208] <... getsockopt resumed>{pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5208] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5207] <... futex resumed>) = 0 [pid 5207] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5207] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5208] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5208] write(6, "15", 2) = 2 [pid 5208] lchown("./bus", 3327, 0) = 0 [pid 5208] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5207] <... futex resumed>) = 0 [pid 5208] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5207] exit_group(0 [pid 5208] <... futex resumed>) = ? [pid 5207] <... exit_group resumed>) = ? [pid 5208] +++ exited with 0 +++ [pid 5207] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5207, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=25 /* 0.25 s */} --- umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./14/binderfs") = 0 [ 45.692813][ T5208] XFS (loop0): Ending clean mount [ 45.699016][ T5208] XFS (loop0): Quotacheck needed: Please wait. [ 45.715234][ T5208] XFS (loop0): Quotacheck: Done. [ 45.720361][ T5208] xfs filesystem being mounted at /root/syzkaller.Gu7569/14/file0 supports timestamps until 2038 (0x7fffffff) [ 45.762885][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./14/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./14") = 0 mkdir("./15", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5217 ./strace-static-x86_64: Process 5217 attached [pid 5217] set_robust_list(0x5555566485e0, 24) = 0 [pid 5217] chdir("./15") = 0 [pid 5217] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5217] setpgid(0, 0) = 0 [pid 5217] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5217] write(3, "1000", 4) = 4 [pid 5217] close(3) = 0 [pid 5217] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5217] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5217] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5217] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5217] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5218], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5218 [pid 5217] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5217] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5218 attached [pid 5218] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5218] memfd_create("syzkaller", 0) = 3 [pid 5218] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5218] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5218] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5218] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5218] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5218] close(3) = 0 [pid 5218] mkdir("./file0", 0777) = 0 [ 46.065151][ T5218] loop0: detected capacity change from 0 to 65536 [ 46.073390][ T5218] XFS: attr2 mount option is deprecated. [ 46.079140][ T5218] XFS: ikeep mount option is deprecated. [ 46.087798][ T5218] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 46.096361][ T5218] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5218] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5218] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5218] chdir("./file0") = 0 [pid 5218] ioctl(4, LOOP_CLR_FD) = 0 [pid 5218] close(4) = 0 [pid 5218] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5217] <... futex resumed>) = 0 [pid 5218] creat("./bus", 000 [pid 5217] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5217] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5218] <... creat resumed>) = 4 [pid 5218] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5217] <... futex resumed>) = 0 [pid 5217] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5217] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5218] <... futex resumed>) = 1 [pid 5218] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5218] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5217] <... futex resumed>) = 0 [pid 5217] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5218] <... futex resumed>) = 1 [pid 5217] <... futex resumed>) = 0 [pid 5218] getsockopt(5, SOL_SOCKET, SO_PEERCRED, [pid 5217] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5218] <... getsockopt resumed>{pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5218] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5217] <... futex resumed>) = 0 [pid 5218] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5217] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5218] <... openat resumed>) = 6 [pid 5217] <... futex resumed>) = 0 [pid 5218] write(6, "15", 2 [pid 5217] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5218] <... write resumed>) = 2 [pid 5218] lchown("./bus", 3327, 0) = 0 [pid 5218] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5217] <... futex resumed>) = 0 [pid 5217] exit_group(0) = ? [pid 5218] <... futex resumed>) = ? [pid 5218] +++ exited with 0 +++ [pid 5217] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5217, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=21 /* 0.21 s */} --- umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./15/binderfs") = 0 [ 46.122656][ T5218] XFS (loop0): Ending clean mount [ 46.128842][ T5218] XFS (loop0): Quotacheck needed: Please wait. [ 46.144401][ T5218] XFS (loop0): Quotacheck: Done. [ 46.149501][ T5218] xfs filesystem being mounted at /root/syzkaller.Gu7569/15/file0 supports timestamps until 2038 (0x7fffffff) [ 46.175964][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./15/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./15") = 0 mkdir("./16", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5227 ./strace-static-x86_64: Process 5227 attached [pid 5227] set_robust_list(0x5555566485e0, 24) = 0 [pid 5227] chdir("./16") = 0 [pid 5227] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5227] setpgid(0, 0) = 0 [pid 5227] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5227] write(3, "1000", 4) = 4 [pid 5227] close(3) = 0 [pid 5227] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5227] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5227] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5227] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5227] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5228], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5228 [pid 5227] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5227] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5228 attached [pid 5228] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5228] memfd_create("syzkaller", 0) = 3 [pid 5228] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5228] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5228] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5228] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5228] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5228] close(3) = 0 [pid 5228] mkdir("./file0", 0777) = 0 [ 46.498921][ T5228] loop0: detected capacity change from 0 to 65536 [ 46.507467][ T5228] XFS: attr2 mount option is deprecated. [ 46.513152][ T5228] XFS: ikeep mount option is deprecated. [ 46.521746][ T5228] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 46.530290][ T5228] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5228] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5228] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5228] chdir("./file0") = 0 [pid 5228] ioctl(4, LOOP_CLR_FD) = 0 [pid 5228] close(4) = 0 [pid 5228] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5227] <... futex resumed>) = 0 [pid 5227] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5227] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5228] <... futex resumed>) = 1 [pid 5228] creat("./bus", 000) = 4 [pid 5228] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5227] <... futex resumed>) = 0 [pid 5228] <... futex resumed>) = 1 [pid 5228] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5227] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5227] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5228] <... futex resumed>) = 0 [pid 5228] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5228] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5227] <... futex resumed>) = 0 [pid 5228] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5227] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5228] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5227] <... futex resumed>) = 0 [pid 5228] getsockopt(5, SOL_SOCKET, SO_PEERCRED, [pid 5227] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5228] <... getsockopt resumed>{pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5228] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5228] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5227] <... futex resumed>) = 0 [pid 5227] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5228] <... futex resumed>) = 0 [pid 5227] <... futex resumed>) = 1 [pid 5228] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5227] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5228] <... openat resumed>) = 6 [pid 5228] write(6, "15", 2) = 2 [pid 5228] lchown("./bus", 3327, 0) = 0 [pid 5228] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5227] <... futex resumed>) = 0 [pid 5228] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5227] exit_group(0 [pid 5228] <... futex resumed>) = ? [pid 5227] <... exit_group resumed>) = ? [pid 5228] +++ exited with 0 +++ [pid 5227] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5227, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=21 /* 0.21 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./16/binderfs") = 0 [ 46.554982][ T5228] XFS (loop0): Ending clean mount [ 46.561081][ T5228] XFS (loop0): Quotacheck needed: Please wait. [ 46.575841][ T5228] XFS (loop0): Quotacheck: Done. [ 46.580893][ T5228] xfs filesystem being mounted at /root/syzkaller.Gu7569/16/file0 supports timestamps until 2038 (0x7fffffff) [ 46.634954][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./16/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./16") = 0 mkdir("./17", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5237 ./strace-static-x86_64: Process 5237 attached [pid 5237] set_robust_list(0x5555566485e0, 24) = 0 [pid 5237] chdir("./17") = 0 [pid 5237] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5237] setpgid(0, 0) = 0 [pid 5237] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5237] write(3, "1000", 4) = 4 [pid 5237] close(3) = 0 [pid 5237] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5237] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5237] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5237] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5237] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5238], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5238 [pid 5237] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5237] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5238 attached [pid 5238] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5238] memfd_create("syzkaller", 0) = 3 [pid 5238] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5238] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5238] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5238] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5238] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5238] close(3) = 0 [pid 5238] mkdir("./file0", 0777) = 0 [ 46.919689][ T5238] loop0: detected capacity change from 0 to 65536 [ 46.928853][ T5238] XFS: attr2 mount option is deprecated. [ 46.934564][ T5238] XFS: ikeep mount option is deprecated. [ 46.942766][ T5238] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 46.951515][ T5238] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5238] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5238] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5238] chdir("./file0") = 0 [pid 5238] ioctl(4, LOOP_CLR_FD) = 0 [pid 5238] close(4) = 0 [pid 5238] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5237] <... futex resumed>) = 0 [pid 5238] creat("./bus", 000 [pid 5237] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5237] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5238] <... creat resumed>) = 4 [pid 5238] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5237] <... futex resumed>) = 0 [pid 5237] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5237] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5238] <... futex resumed>) = 1 [pid 5238] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5238] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5237] <... futex resumed>) = 0 [pid 5238] getsockopt(5, SOL_SOCKET, SO_PEERCRED, [pid 5237] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5238] <... getsockopt resumed>{pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5237] <... futex resumed>) = 0 [pid 5238] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5237] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5238] <... futex resumed>) = 0 [pid 5237] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5238] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5237] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5238] <... openat resumed>) = 6 [pid 5237] <... futex resumed>) = 0 [pid 5238] write(6, "15", 2 [pid 5237] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5238] <... write resumed>) = 2 [pid 5238] lchown("./bus", 3327, 0) = 0 [pid 5238] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5237] <... futex resumed>) = 0 [pid 5238] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5237] exit_group(0 [pid 5238] <... futex resumed>) = ? [pid 5237] <... exit_group resumed>) = ? [pid 5238] +++ exited with 0 +++ [pid 5237] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5237, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./17/binderfs") = 0 [ 46.977208][ T5238] XFS (loop0): Ending clean mount [ 46.984362][ T5238] XFS (loop0): Quotacheck needed: Please wait. [ 47.001647][ T5238] XFS (loop0): Quotacheck: Done. [ 47.006881][ T5238] xfs filesystem being mounted at /root/syzkaller.Gu7569/17/file0 supports timestamps until 2038 (0x7fffffff) [ 47.043098][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./17/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./17") = 0 mkdir("./18", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5247 ./strace-static-x86_64: Process 5247 attached [pid 5247] set_robust_list(0x5555566485e0, 24) = 0 [pid 5247] chdir("./18") = 0 [pid 5247] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5247] setpgid(0, 0) = 0 [pid 5247] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5247] write(3, "1000", 4) = 4 [pid 5247] close(3) = 0 [pid 5247] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5247] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5247] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5247] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5247] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5248], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5248 [pid 5247] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5247] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5248 attached [pid 5248] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5248] memfd_create("syzkaller", 0) = 3 [pid 5248] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5248] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5248] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5248] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5248] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5248] close(3) = 0 [pid 5248] mkdir("./file0", 0777) = 0 [ 47.351178][ T5248] loop0: detected capacity change from 0 to 65536 [ 47.359820][ T5248] XFS: attr2 mount option is deprecated. [ 47.365493][ T5248] XFS: ikeep mount option is deprecated. [ 47.373768][ T5248] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 47.381997][ T5248] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5248] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5248] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5248] chdir("./file0") = 0 [pid 5248] ioctl(4, LOOP_CLR_FD) = 0 [pid 5248] close(4) = 0 [pid 5248] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5247] <... futex resumed>) = 0 [pid 5247] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5247] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5248] <... futex resumed>) = 1 [pid 5248] creat("./bus", 000) = 4 [pid 5248] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5247] <... futex resumed>) = 0 [pid 5247] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5247] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5248] <... futex resumed>) = 1 [pid 5248] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5248] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5247] <... futex resumed>) = 0 [pid 5247] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5247] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5248] <... futex resumed>) = 1 [pid 5248] getsockopt(5, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5248] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5247] <... futex resumed>) = 0 [pid 5247] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5247] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5248] <... futex resumed>) = 1 [pid 5248] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5248] write(6, "15", 2) = 2 [pid 5248] lchown("./bus", 3327, 0) = 0 [pid 5248] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5247] <... futex resumed>) = 0 [pid 5247] exit_group(0) = ? [pid 5248] <... futex resumed>) = ? [pid 5248] +++ exited with 0 +++ [pid 5247] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5247, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=22 /* 0.22 s */} --- umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./18/binderfs") = 0 [ 47.406253][ T5248] XFS (loop0): Ending clean mount [ 47.412429][ T5248] XFS (loop0): Quotacheck needed: Please wait. [ 47.429485][ T5248] XFS (loop0): Quotacheck: Done. [ 47.434753][ T5248] xfs filesystem being mounted at /root/syzkaller.Gu7569/18/file0 supports timestamps until 2038 (0x7fffffff) [ 47.478524][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./18/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./18") = 0 mkdir("./19", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5257 ./strace-static-x86_64: Process 5257 attached [pid 5257] set_robust_list(0x5555566485e0, 24) = 0 [pid 5257] chdir("./19") = 0 [pid 5257] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5257] setpgid(0, 0) = 0 [pid 5257] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5257] write(3, "1000", 4) = 4 [pid 5257] close(3) = 0 [pid 5257] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5257] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5257] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5257] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5257] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5258], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5258 ./strace-static-x86_64: Process 5258 attached [pid 5257] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5258] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5257] <... futex resumed>) = 0 [pid 5258] memfd_create("syzkaller", 0 [pid 5257] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5258] <... memfd_create resumed>) = 3 [pid 5258] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5258] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5258] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5258] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5258] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5258] close(3) = 0 [pid 5258] mkdir("./file0", 0777) = 0 [ 47.763168][ T5258] loop0: detected capacity change from 0 to 65536 [ 47.772343][ T5258] XFS: attr2 mount option is deprecated. [ 47.778119][ T5258] XFS: ikeep mount option is deprecated. [ 47.786544][ T5258] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 47.795032][ T5258] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5258] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5258] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5258] chdir("./file0") = 0 [pid 5258] ioctl(4, LOOP_CLR_FD) = 0 [pid 5258] close(4) = 0 [pid 5258] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5258] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5257] <... futex resumed>) = 0 [pid 5257] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5257] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5258] <... futex resumed>) = 0 [pid 5258] creat("./bus", 000) = 4 [pid 5258] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5257] <... futex resumed>) = 0 [pid 5257] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5257] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5258] <... futex resumed>) = 1 [pid 5258] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5258] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5257] <... futex resumed>) = 0 [pid 5257] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5257] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5258] <... futex resumed>) = 1 [pid 5258] getsockopt(5, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5258] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5257] <... futex resumed>) = 0 [pid 5257] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5257] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5258] <... futex resumed>) = 1 [pid 5258] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5258] write(6, "15", 2) = 2 [pid 5258] lchown("./bus", 3327, 0) = 0 [pid 5258] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5257] <... futex resumed>) = 0 [pid 5257] exit_group(0) = ? [pid 5258] <... futex resumed>) = ? [pid 5258] +++ exited with 0 +++ [pid 5257] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5257, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./19/binderfs") = 0 [ 47.822865][ T5258] XFS (loop0): Ending clean mount [ 47.829894][ T5258] XFS (loop0): Quotacheck needed: Please wait. [ 47.845219][ T5258] XFS (loop0): Quotacheck: Done. [ 47.850418][ T5258] xfs filesystem being mounted at /root/syzkaller.Gu7569/19/file0 supports timestamps until 2038 (0x7fffffff) [ 47.899330][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./19/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./19") = 0 mkdir("./20", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5267 ./strace-static-x86_64: Process 5267 attached [pid 5267] set_robust_list(0x5555566485e0, 24) = 0 [pid 5267] chdir("./20") = 0 [pid 5267] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5267] setpgid(0, 0) = 0 [pid 5267] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5267] write(3, "1000", 4) = 4 [pid 5267] close(3) = 0 [pid 5267] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5267] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5267] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5267] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5267] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5268], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5268 [pid 5267] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5267] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5268 attached [pid 5268] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5268] memfd_create("syzkaller", 0) = 3 [pid 5268] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5268] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5268] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5268] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5268] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5268] close(3) = 0 [pid 5268] mkdir("./file0", 0777) = 0 [ 48.201993][ T5268] loop0: detected capacity change from 0 to 65536 [ 48.211535][ T5268] XFS: attr2 mount option is deprecated. [ 48.217185][ T5268] XFS: ikeep mount option is deprecated. [ 48.225494][ T5268] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 48.234097][ T5268] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5268] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5268] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5268] chdir("./file0") = 0 [pid 5268] ioctl(4, LOOP_CLR_FD) = 0 [pid 5268] close(4) = 0 [pid 5268] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5267] <... futex resumed>) = 0 [pid 5268] creat("./bus", 000 [pid 5267] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5267] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5268] <... creat resumed>) = 4 [pid 5268] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5267] <... futex resumed>) = 0 [pid 5268] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE [pid 5267] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5268] <... socket resumed>) = 5 [pid 5267] <... futex resumed>) = 0 [pid 5268] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5267] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5268] <... futex resumed>) = 0 [pid 5267] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5268] getsockopt(5, SOL_SOCKET, SO_PEERCRED, [pid 5267] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5268] <... getsockopt resumed>{pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5267] <... futex resumed>) = 0 [pid 5268] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5267] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5268] <... futex resumed>) = 0 [pid 5267] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5268] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5267] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5268] <... openat resumed>) = 6 [pid 5267] <... futex resumed>) = 0 [pid 5268] write(6, "15", 2 [pid 5267] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5268] <... write resumed>) = 2 [pid 5268] lchown("./bus", 3327, 0) = 0 [pid 5268] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5267] <... futex resumed>) = 0 [pid 5268] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5267] exit_group(0) = ? [pid 5268] <... futex resumed>) = ? [pid 5268] +++ exited with 0 +++ [pid 5267] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5267, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=24 /* 0.24 s */} --- umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./20/binderfs") = 0 [ 48.259138][ T5268] XFS (loop0): Ending clean mount [ 48.265332][ T5268] XFS (loop0): Quotacheck needed: Please wait. [ 48.280200][ T5268] XFS (loop0): Quotacheck: Done. [ 48.285348][ T5268] xfs filesystem being mounted at /root/syzkaller.Gu7569/20/file0 supports timestamps until 2038 (0x7fffffff) [ 48.322041][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./20/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./20") = 0 mkdir("./21", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5277 ./strace-static-x86_64: Process 5277 attached [pid 5277] set_robust_list(0x5555566485e0, 24) = 0 [pid 5277] chdir("./21") = 0 [pid 5277] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5277] setpgid(0, 0) = 0 [pid 5277] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5277] write(3, "1000", 4) = 4 [pid 5277] close(3) = 0 [pid 5277] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5277] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5277] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5277] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5277] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5278], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5278 [pid 5277] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5277] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5278 attached [pid 5278] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5278] memfd_create("syzkaller", 0) = 3 [pid 5278] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5278] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5278] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5278] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5278] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5278] close(3) = 0 [pid 5278] mkdir("./file0", 0777) = 0 [ 48.613889][ T5278] loop0: detected capacity change from 0 to 65536 [ 48.622511][ T5278] XFS: attr2 mount option is deprecated. [ 48.628168][ T5278] XFS: ikeep mount option is deprecated. [ 48.636687][ T5278] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 48.645174][ T5278] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5278] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5278] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5278] chdir("./file0") = 0 [pid 5278] ioctl(4, LOOP_CLR_FD) = 0 [pid 5278] close(4) = 0 [pid 5278] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5278] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5277] <... futex resumed>) = 0 [pid 5277] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5278] <... futex resumed>) = 0 [pid 5277] <... futex resumed>) = 1 [pid 5278] creat("./bus", 000 [pid 5277] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5278] <... creat resumed>) = 4 [pid 5278] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5277] <... futex resumed>) = 0 [pid 5278] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5277] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5278] <... futex resumed>) = 0 [pid 5277] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5278] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5278] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5277] <... futex resumed>) = 0 [pid 5278] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5277] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5278] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5277] <... futex resumed>) = 0 [pid 5278] getsockopt(5, SOL_SOCKET, SO_PEERCRED, [pid 5277] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5278] <... getsockopt resumed>{pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5278] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5277] <... futex resumed>) = 0 [pid 5278] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5277] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5278] <... openat resumed>) = 6 [pid 5277] <... futex resumed>) = 0 [pid 5278] write(6, "15", 2 [pid 5277] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5278] <... write resumed>) = 2 [pid 5278] lchown("./bus", 3327, 0) = 0 [pid 5278] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5277] <... futex resumed>) = 0 [pid 5278] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5277] exit_group(0 [pid 5278] <... futex resumed>) = ? [pid 5277] <... exit_group resumed>) = ? [pid 5278] +++ exited with 0 +++ [pid 5277] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5277, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=25 /* 0.25 s */} --- umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./21/binderfs") = 0 [ 48.670377][ T5278] XFS (loop0): Ending clean mount [ 48.676624][ T5278] XFS (loop0): Quotacheck needed: Please wait. [ 48.691809][ T5278] XFS (loop0): Quotacheck: Done. [ 48.696958][ T5278] xfs filesystem being mounted at /root/syzkaller.Gu7569/21/file0 supports timestamps until 2038 (0x7fffffff) [ 48.737083][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./21/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./21") = 0 mkdir("./22", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5287 ./strace-static-x86_64: Process 5287 attached [pid 5287] set_robust_list(0x5555566485e0, 24) = 0 [pid 5287] chdir("./22") = 0 [pid 5287] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5287] setpgid(0, 0) = 0 [pid 5287] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5287] write(3, "1000", 4) = 4 [pid 5287] close(3) = 0 [pid 5287] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5287] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5287] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5287] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5287] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5288 attached , parent_tid=[5288], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5288 [pid 5288] set_robust_list(0x7f5a2fc3b9e0, 24 [pid 5287] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5288] <... set_robust_list resumed>) = 0 [pid 5287] <... futex resumed>) = 0 [pid 5287] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5288] memfd_create("syzkaller", 0) = 3 [pid 5288] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5288] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5288] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5288] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5288] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5288] close(3) = 0 [pid 5288] mkdir("./file0", 0777) = 0 [ 49.035671][ T5288] loop0: detected capacity change from 0 to 65536 [ 49.045069][ T5288] XFS: attr2 mount option is deprecated. [ 49.050874][ T5288] XFS: ikeep mount option is deprecated. [ 49.059283][ T5288] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 49.067577][ T5288] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5288] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5288] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5288] chdir("./file0") = 0 [pid 5288] ioctl(4, LOOP_CLR_FD) = 0 [pid 5288] close(4) = 0 [pid 5288] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5287] <... futex resumed>) = 0 [pid 5287] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5287] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5288] <... futex resumed>) = 1 [pid 5288] creat("./bus", 000) = 4 [pid 5288] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5287] <... futex resumed>) = 0 [pid 5287] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5287] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5288] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5288] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5287] <... futex resumed>) = 0 [pid 5287] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5287] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5288] <... futex resumed>) = 1 [pid 5288] getsockopt(5, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5288] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5287] <... futex resumed>) = 0 [pid 5287] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5287] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5288] <... futex resumed>) = 1 [pid 5288] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5288] write(6, "15", 2) = 2 [pid 5288] lchown("./bus", 3327, 0) = 0 [pid 5288] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5287] <... futex resumed>) = 0 [pid 5288] <... futex resumed>) = 1 [pid 5287] exit_group(0) = ? [pid 5288] +++ exited with 0 +++ [pid 5287] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5287, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./22/binderfs") = 0 [ 49.092966][ T5288] XFS (loop0): Ending clean mount [ 49.098970][ T5288] XFS (loop0): Quotacheck needed: Please wait. [ 49.113551][ T5288] XFS (loop0): Quotacheck: Done. [ 49.118655][ T5288] xfs filesystem being mounted at /root/syzkaller.Gu7569/22/file0 supports timestamps until 2038 (0x7fffffff) [ 49.160732][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./22/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./22") = 0 mkdir("./23", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5297 ./strace-static-x86_64: Process 5297 attached [pid 5297] set_robust_list(0x5555566485e0, 24) = 0 [pid 5297] chdir("./23") = 0 [pid 5297] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5297] setpgid(0, 0) = 0 [pid 5297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5297] write(3, "1000", 4) = 4 [pid 5297] close(3) = 0 [pid 5297] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5297] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5297] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5297] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5297] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5298 attached [pid 5298] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5298] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5297] <... clone resumed>, parent_tid=[5298], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5298 [pid 5297] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5298] <... futex resumed>) = 0 [pid 5297] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5298] memfd_create("syzkaller", 0) = 3 [pid 5298] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5298] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5298] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5298] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5298] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5298] close(3) = 0 [pid 5298] mkdir("./file0", 0777) = 0 [ 49.450895][ T5298] loop0: detected capacity change from 0 to 65536 [ 49.458961][ T5298] XFS: attr2 mount option is deprecated. [ 49.464664][ T5298] XFS: ikeep mount option is deprecated. [ 49.472876][ T5298] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 49.481118][ T5298] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5298] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5298] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5298] chdir("./file0") = 0 [pid 5298] ioctl(4, LOOP_CLR_FD) = 0 [pid 5298] close(4) = 0 [pid 5298] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5297] <... futex resumed>) = 0 [pid 5297] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5297] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5298] <... futex resumed>) = 1 [pid 5298] creat("./bus", 000) = 4 [pid 5298] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5297] <... futex resumed>) = 0 [pid 5297] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5297] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5298] <... futex resumed>) = 1 [pid 5298] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5298] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5297] <... futex resumed>) = 0 [pid 5297] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5297] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5298] <... futex resumed>) = 1 [pid 5298] getsockopt(5, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5298] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5297] <... futex resumed>) = 0 [pid 5297] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5297] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5298] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5298] write(6, "15", 2) = 2 [pid 5298] lchown("./bus", 3327, 0) = 0 [pid 5298] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5297] <... futex resumed>) = 0 [pid 5297] exit_group(0) = ? [pid 5298] +++ exited with 0 +++ [pid 5297] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5297, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=21 /* 0.21 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./23/binderfs") = 0 [ 49.506128][ T5298] XFS (loop0): Ending clean mount [ 49.512291][ T5298] XFS (loop0): Quotacheck needed: Please wait. [ 49.527699][ T5298] XFS (loop0): Quotacheck: Done. [ 49.532784][ T5298] xfs filesystem being mounted at /root/syzkaller.Gu7569/23/file0 supports timestamps until 2038 (0x7fffffff) [ 49.580877][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./23/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./23") = 0 mkdir("./24", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566485d0) = 5307 ./strace-static-x86_64: Process 5307 attached [pid 5307] set_robust_list(0x5555566485e0, 24) = 0 [pid 5307] chdir("./24") = 0 [pid 5307] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5307] setpgid(0, 0) = 0 [pid 5307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5307] write(3, "1000", 4) = 4 [pid 5307] close(3) = 0 [pid 5307] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5307] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5307] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5307] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5307] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5308 attached , parent_tid=[5308], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5308 [pid 5308] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5308] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5307] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5308] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5307] <... futex resumed>) = 0 [pid 5307] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5308] memfd_create("syzkaller", 0) = 3 [pid 5308] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5308] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5308] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5308] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5308] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5308] close(3) = 0 [pid 5308] mkdir("./file0", 0777) = 0 [ 49.889473][ T5308] loop0: detected capacity change from 0 to 65536 [ 49.898231][ T5308] XFS: attr2 mount option is deprecated. [ 49.904032][ T5308] XFS: ikeep mount option is deprecated. [ 49.912554][ T5308] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 49.920905][ T5308] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5308] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5308] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5308] chdir("./file0") = 0 [pid 5308] ioctl(4, LOOP_CLR_FD) = 0 [pid 5308] close(4) = 0 [pid 5308] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5307] <... futex resumed>) = 0 [pid 5307] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5307] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5308] <... futex resumed>) = 1 [pid 5308] creat("./bus", 000) = 4 [pid 5308] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5307] <... futex resumed>) = 0 [pid 5307] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5307] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5308] <... futex resumed>) = 1 [pid 5308] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5308] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5307] <... futex resumed>) = 0 [pid 5307] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5307] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5308] <... futex resumed>) = 1 [pid 5308] getsockopt(5, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5308] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5307] <... futex resumed>) = 0 [pid 5308] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5307] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5308] <... openat resumed>) = 6 [pid 5307] <... futex resumed>) = 0 [pid 5308] write(6, "15", 2 [pid 5307] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5308] <... write resumed>) = 2 [pid 5308] lchown("./bus", 3327, 0) = 0 [pid 5308] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5307] <... futex resumed>) = 0 [pid 5307] exit_group(0) = ? [pid 5308] +++ exited with 0 +++ [pid 5307] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5307, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=20 /* 0.20 s */} --- umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556649620 /* 4 entries */, 32768) = 112 umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./24/binderfs") = 0 [ 49.945753][ T5308] XFS (loop0): Ending clean mount [ 49.952231][ T5308] XFS (loop0): Quotacheck needed: Please wait. [ 49.968526][ T5308] XFS (loop0): Quotacheck: Done. [ 49.973732][ T5308] xfs filesystem being mounted at /root/syzkaller.Gu7569/24/file0 supports timestamps until 2038 (0x7fffffff) [ 50.018272][ T5065] XFS (loop0): Unmounting Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./24/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556651660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556651660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./24/file0") = 0 getdents64(3, 0x555556649620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./24") = 0 mkdir("./25", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5317 attached [pid 5317] set_robust_list(0x5555566485e0, 24) = 0 [pid 5317] chdir("./25") = 0 [pid 5317] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5317] setpgid(0, 0) = 0 [pid 5065] <... clone resumed>, child_tidptr=0x5555566485d0) = 5317 [pid 5317] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5317] write(3, "1000", 4) = 4 [pid 5317] close(3) = 0 [pid 5317] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5317] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5317] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5a2fc1b000 [pid 5317] mprotect(0x7f5a2fc1c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5317] clone(child_stack=0x7f5a2fc3b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5318 attached , parent_tid=[5318], tls=0x7f5a2fc3b700, child_tidptr=0x7f5a2fc3b9d0) = 5318 [pid 5318] set_robust_list(0x7f5a2fc3b9e0, 24) = 0 [pid 5318] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5317] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5318] <... futex resumed>) = 0 [pid 5317] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5318] memfd_create("syzkaller", 0) = 3 [pid 5318] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5a2781b000 [pid 5318] write(3, "\x58\x46\x53\x42\x00\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5e\x62\x73\xb8\x21\x67\x42\xbb\x91\x1b\x41\x8a\xa1\x4a\x12\x61\x00\x00\x00\x00\x00\x00\x80\x40\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x22\x00\x00\x00\x08\x00\x00\x80\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x0b\x40"..., 33554432) = 33554432 [pid 5318] munmap(0x7f5a2781b000, 33554432) = 0 [pid 5318] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5318] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5318] close(3) = 0 [pid 5318] mkdir("./file0", 0777) = 0 [ 50.304830][ T5318] loop0: detected capacity change from 0 to 65536 [ 50.313473][ T5318] XFS: attr2 mount option is deprecated. [ 50.319231][ T5318] XFS: ikeep mount option is deprecated. [ 50.327443][ T5318] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 50.335913][ T5318] XFS (loop0): Mounting V4 Filesystem 5e6273b8-2167-42bb-911b-418aa14a1261 [pid 5318] mount("/dev/loop0", "./file0", "xfs", 0, "pqnoenforce,attr2,ikeep,wsync,uquota,dax,,nouuid") = 0 [pid 5318] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5318] chdir("./file0") = 0 [pid 5318] ioctl(4, LOOP_CLR_FD) = 0 [pid 5318] close(4) = 0 [pid 5318] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5318] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5317] <... futex resumed>) = 0 [pid 5317] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5318] <... futex resumed>) = 0 [pid 5317] <... futex resumed>) = 1 [pid 5318] creat("./bus", 000 [pid 5317] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5318] <... creat resumed>) = 4 [pid 5318] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5317] <... futex resumed>) = 0 [pid 5318] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5317] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5318] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5317] <... futex resumed>) = 0 [pid 5317] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5318] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5318] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5317] <... futex resumed>) = 0 [pid 5318] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5317] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5318] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5317] <... futex resumed>) = 0 [pid 5317] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5318] getsockopt(5, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=3327, gid=4294967040}, [12]) = 0 [pid 5318] futex(0x7f5a2fd207ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5317] <... futex resumed>) = 0 [pid 5318] futex(0x7f5a2fd207a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5317] futex(0x7f5a2fd207a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5318] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5317] futex(0x7f5a2fd207ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5318] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5318] write(6, "15", 2) = 2 [ 50.360769][ T5318] XFS (loop0): Ending clean mount [ 50.366785][ T5318] XFS (loop0): Quotacheck needed: Please wait. [ 50.381844][ T5318] XFS (loop0): Quotacheck: Done. [ 50.386945][ T5318] xfs filesystem being mounted at /root/syzkaller.Gu7569/25/file0 supports timestamps until 2038 (0x7fffffff) [ 50.427675][ T5318] FAULT_INJECTION: forcing a failure. [ 50.427675][ T5318] name failslab, interval 1, probability 0, space 0, times 0 [ 50.440766][ T5318] CPU: 0 PID: 5318 Comm: syz-executor204 Not tainted 6.2.0-rc7-syzkaller-00199-g420b2d431d18 #0 [ 50.451207][ T5318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 50.461351][ T5318] Call Trace: [ 50.464638][ T5318] [ 50.467560][ T5318] dump_stack_lvl+0xd1/0x138 [ 50.472186][ T5318] should_fail_ex.cold+0x5/0xa [ 50.476947][ T5318] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 50.483359][ T5318] should_failslab+0x9/0x20 [ 50.487853][ T5318] kmem_cache_alloc+0x5a/0x430 [ 50.492617][ T5318] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 50.498855][ T5318] radix_tree_insert+0x23f/0x640 [ 50.503790][ T5318] xfs_qm_dqget_cache_insert.constprop.0+0x38/0x410 [ 50.510462][ T5318] xfs_qm_dqget+0x16e/0x7a0 [ 50.514957][ T5318] ? xfs_dquot_to_disk+0x750/0x750 [ 50.520058][ T5318] ? map_id_up+0x2f0/0x2f0 [ 50.524462][ T5318] ? rcu_read_lock_sched_held+0x3e/0x70 [ 50.530027][ T5318] xfs_qm_vop_dqalloc+0x473/0xfc0 [ 50.535038][ T5318] ? xfs_qm_mount_quotas+0x690/0x690 [ 50.540307][ T5318] ? xfs_attr_get+0x3ba/0x510 [ 50.544970][ T5318] ? rcu_read_lock_sched_held+0x3e/0x70 [ 50.550512][ T5318] ? from_kuid_munged+0x130/0x130 [ 50.555537][ T5318] xfs_setattr_nonsize+0xc3d/0xed0 [ 50.560638][ T5318] ? xfs_initxattrs+0x1f0/0x1f0 [ 50.565477][ T5318] ? setattr_prepare+0x13c/0xc30 [ 50.570428][ T5318] ? xfs_vn_change_ok+0xc0/0x160 [ 50.575361][ T5318] xfs_vn_setattr+0x358/0x8d0 [ 50.580028][ T5318] ? xfs_setattr_size+0xd70/0xd70 [ 50.585046][ T5318] ? xfs_setattr_size+0xd70/0xd70 [ 50.590080][ T5318] notify_change+0xca7/0x1420 [ 50.595196][ T5318] ? chown_common+0x60a/0x6f0 [ 50.599862][ T5318] chown_common+0x60a/0x6f0 [ 50.604385][ T5318] ? __ia32_sys_chmod+0x80/0x80 [ 50.609243][ T5318] ? lock_release+0x810/0x810 [ 50.614008][ T5318] ? __mnt_want_write+0x1fe/0x2e0 [ 50.619044][ T5318] do_fchownat+0x12a/0x1e0 [ 50.623459][ T5318] ? chown_common+0x6f0/0x6f0 [ 50.628236][ T5318] ? _raw_spin_unlock_irq+0x23/0x50 [ 50.633416][ T5318] ? lockdep_hardirqs_on+0x7d/0x100 [ 50.638599][ T5318] ? _raw_spin_unlock_irq+0x2e/0x50 [ 50.643794][ T5318] __x64_sys_lchown+0x7e/0xc0 [ 50.648462][ T5318] do_syscall_64+0x39/0xb0 [ 50.652875][ T5318] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 50.658762][ T5318] RIP: 0033:0x7f5a2fc8f6a9 [ 50.663183][ T5318] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 50.682957][ T5318] RSP: 002b:00007f5a2fc3b2e8 EFLAGS: 00000246 ORIG_RAX: 000000000000005e [ 50.691359][ T5318] RAX: ffffffffffffffda RBX: 00007f5a2fd207a0 RCX: 00007f5a2fc8f6a9 [ 50.699316][ T5318] RDX: 0000000000000000 RSI: 0000000000000cff RDI: 0000000020000340 [ 50.707271][ T5318] RBP: 00007f5a2fcecbb0 R08: 0000000000000002 R09: 0000000000003531 [ 50.715223][ T5318] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5a2fc3b2f0 [pid 5318] lchown("./bus", 3327, 0 [pid 5317] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 50.723190][ T5318] R13: 00007f5a2fd207a8 R14: 0030656c69662f2e R15: 0000000000000002 [ 50.731171][ T5318] [ 50.735932][ T5318] ------------[ cut here ]------------ [ 50.741876][ T5318] WARNING: CPU: 0 PID: 5318 at fs/xfs/xfs_dquot.c:801 xfs_qm_dqget_cache_insert.constprop.0+0x36a/0x410 [ 50.753263][ T5318] Modules linked in: [ 50.757368][ T5318] CPU: 1 PID: 5318 Comm: syz-executor204 Not tainted 6.2.0-rc7-syzkaller-00199-g420b2d431d18 #0 [ 50.768236][ T5318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 50.778335][ T5318] RIP: 0010:xfs_qm_dqget_cache_insert.constprop.0+0x36a/0x410 [ 50.785848][ T5318] Code: e9 c4 fd ff ff e8 e6 95 69 fe 0f 0b e9 1c ff ff ff e8 0a a8 b7 fe e9 59 fd ff ff e8 a0 a8 b7 fe e9 20 fd ff ff e8 c6 95 69 fe <0f> 0b e9 7f fd ff ff e8 ba 95 69 fe e8 45 2b f1 06 31 ff 89 c3 89 [ 50.805513][ T5318] RSP: 0018:ffffc90004b5f898 EFLAGS: 00010293 [ 50.811622][ T5318] RAX: 0000000000000000 RBX: ffff88807cc83000 RCX: 0000000000000000 [ 50.819666][ T5318] RDX: ffff888026408000 RSI: ffffffff8317624a RDI: 0000000000000005 [ 50.827642][ T5318] RBP: ffff88802872c9c0 R08: 0000000000000005 R09: 00000000ffffffef [ 50.835637][ T5318] R10: 00000000fffffff4 R11: 0000000000000000 R12: 00000000fffffff4 [ 50.843663][ T5318] R13: ffff88807cc830f0 R14: ffff88807cc83000 R15: 0000000000000000 [ 50.851660][ T5318] FS: 00007f5a2fc3b700(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 50.860655][ T5318] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 50.867252][ T5318] CR2: 0000000020caaffb CR3: 000000001f799000 CR4: 0000000000350ee0 [ 50.875303][ T5318] Call Trace: [pid 5317] exit_group(0) = ? [ 50.878596][ T5318] [ 50.881598][ T5318] xfs_qm_dqget+0x16e/0x7a0 [ 50.886143][ T5318] ? xfs_dquot_to_disk+0x750/0x750 [ 50.891426][ T5318] ? map_id_up+0x2f0/0x2f0 [ 50.896016][ T5318] ? rcu_read_lock_sched_held+0x3e/0x70 [ 50.901633][ T5318] xfs_qm_vop_dqalloc+0x473/0xfc0 [ 50.906666][ T5318] ? xfs_qm_mount_quotas+0x690/0x690 [ 50.912010][ T5318] ? xfs_attr_get+0x3ba/0x510 [ 50.916977][ T5318] ? rcu_read_lock_sched_held+0x3e/0x70 [ 50.922604][ T5318] ? from_kuid_munged+0x130/0x130 [ 50.927665][ T5318] xfs_setattr_nonsize+0xc3d/0xed0 [ 50.932839][ T5318] ? xfs_initxattrs+0x1f0/0x1f0 [ 50.937702][ T5318] ? setattr_prepare+0x13c/0xc30 [ 50.942699][ T5318] ? xfs_vn_change_ok+0xc0/0x160 [ 50.947682][ T5318] xfs_vn_setattr+0x358/0x8d0 [ 50.952419][ T5318] ? xfs_setattr_size+0xd70/0xd70 [ 50.957473][ T5318] ? xfs_setattr_size+0xd70/0xd70 [ 50.962559][ T5318] notify_change+0xca7/0x1420 [ 50.967263][ T5318] ? chown_common+0x60a/0x6f0 [ 50.972077][ T5318] chown_common+0x60a/0x6f0 [ 50.976608][ T5318] ? __ia32_sys_chmod+0x80/0x80 [ 50.981530][ T5318] ? lock_release+0x810/0x810 [ 50.986237][ T5318] ? __mnt_want_write+0x1fe/0x2e0 [ 50.991327][ T5318] do_fchownat+0x12a/0x1e0 [ 50.995800][ T5318] ? chown_common+0x6f0/0x6f0 [ 51.000607][ T5318] ? _raw_spin_unlock_irq+0x23/0x50 [ 51.005821][ T5318] ? lockdep_hardirqs_on+0x7d/0x100 [ 51.011061][ T5318] ? _raw_spin_unlock_irq+0x2e/0x50 [ 51.016277][ T5318] __x64_sys_lchown+0x7e/0xc0 [ 51.021024][ T5318] do_syscall_64+0x39/0xb0 [ 51.025450][ T5318] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 51.031530][ T5318] RIP: 0033:0x7f5a2fc8f6a9 [ 51.035965][ T5318] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 51.055733][ T5318] RSP: 002b:00007f5a2fc3b2e8 EFLAGS: 00000246 ORIG_RAX: 000000000000005e [ 51.064181][ T5318] RAX: ffffffffffffffda RBX: 00007f5a2fd207a0 RCX: 00007f5a2fc8f6a9 [ 51.072291][ T5318] RDX: 0000000000000000 RSI: 0000000000000cff RDI: 0000000020000340 [ 51.080285][ T5318] RBP: 00007f5a2fcecbb0 R08: 0000000000000002 R09: 0000000000003531 [ 51.088264][ T5318] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5a2fc3b2f0 [ 51.096438][ T5318] R13: 00007f5a2fd207a8 R14: 0030656c69662f2e R15: 0000000000000002 [ 51.104495][ T5318] [ 51.107525][ T5318] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 51.114786][ T5318] CPU: 1 PID: 5318 Comm: syz-executor204 Not tainted 6.2.0-rc7-syzkaller-00199-g420b2d431d18 #0 [ 51.125183][ T5318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 51.135249][ T5318] Call Trace: [ 51.138531][ T5318] [ 51.141513][ T5318] dump_stack_lvl+0xd1/0x138 [ 51.146102][ T5318] panic+0x2cc/0x626 [ 51.149999][ T5318] ? panic_print_sys_info.part.0+0x110/0x110 [ 51.156000][ T5318] ? xfs_qm_dqget_cache_insert.constprop.0+0x36a/0x410 [ 51.162847][ T5318] check_panic_on_warn.cold+0x19/0x35 [ 51.168212][ T5318] __warn+0xf2/0x1a0 [ 51.172730][ T5318] ? xfs_qm_dqget_cache_insert.constprop.0+0x36a/0x410 [ 51.179706][ T5318] report_bug+0x1c0/0x210 [ 51.184046][ T5318] handle_bug+0x3c/0x70 [ 51.188396][ T5318] exc_invalid_op+0x18/0x50 [ 51.192892][ T5318] asm_exc_invalid_op+0x1a/0x20 [ 51.197737][ T5318] RIP: 0010:xfs_qm_dqget_cache_insert.constprop.0+0x36a/0x410 [ 51.205234][ T5318] Code: e9 c4 fd ff ff e8 e6 95 69 fe 0f 0b e9 1c ff ff ff e8 0a a8 b7 fe e9 59 fd ff ff e8 a0 a8 b7 fe e9 20 fd ff ff e8 c6 95 69 fe <0f> 0b e9 7f fd ff ff e8 ba 95 69 fe e8 45 2b f1 06 31 ff 89 c3 89 [ 51.224849][ T5318] RSP: 0018:ffffc90004b5f898 EFLAGS: 00010293 [ 51.230916][ T5318] RAX: 0000000000000000 RBX: ffff88807cc83000 RCX: 0000000000000000 [ 51.238988][ T5318] RDX: ffff888026408000 RSI: ffffffff8317624a RDI: 0000000000000005 [ 51.246966][ T5318] RBP: ffff88802872c9c0 R08: 0000000000000005 R09: 00000000ffffffef [ 51.255024][ T5318] R10: 00000000fffffff4 R11: 0000000000000000 R12: 00000000fffffff4 [ 51.263024][ T5318] R13: ffff88807cc830f0 R14: ffff88807cc83000 R15: 0000000000000000 [ 51.270997][ T5318] ? xfs_qm_dqget_cache_insert.constprop.0+0x36a/0x410 [ 51.277942][ T5318] ? xfs_qm_dqget_cache_insert.constprop.0+0x36a/0x410 [ 51.284795][ T5318] xfs_qm_dqget+0x16e/0x7a0 [ 51.289304][ T5318] ? xfs_dquot_to_disk+0x750/0x750 [ 51.294592][ T5318] ? map_id_up+0x2f0/0x2f0 [ 51.299033][ T5318] ? rcu_read_lock_sched_held+0x3e/0x70 [ 51.304586][ T5318] xfs_qm_vop_dqalloc+0x473/0xfc0 [ 51.309632][ T5318] ? xfs_qm_mount_quotas+0x690/0x690 [ 51.314909][ T5318] ? xfs_attr_get+0x3ba/0x510 [ 51.319590][ T5318] ? rcu_read_lock_sched_held+0x3e/0x70 [ 51.325165][ T5318] ? from_kuid_munged+0x130/0x130 [ 51.330193][ T5318] xfs_setattr_nonsize+0xc3d/0xed0 [ 51.335392][ T5318] ? xfs_initxattrs+0x1f0/0x1f0 [ 51.340234][ T5318] ? setattr_prepare+0x13c/0xc30 [ 51.345205][ T5318] ? xfs_vn_change_ok+0xc0/0x160 [ 51.350149][ T5318] xfs_vn_setattr+0x358/0x8d0 [ 51.354823][ T5318] ? xfs_setattr_size+0xd70/0xd70 [ 51.359843][ T5318] ? xfs_setattr_size+0xd70/0xd70 [ 51.365206][ T5318] notify_change+0xca7/0x1420 [ 51.369891][ T5318] ? chown_common+0x60a/0x6f0 [ 51.374563][ T5318] chown_common+0x60a/0x6f0 [ 51.379066][ T5318] ? __ia32_sys_chmod+0x80/0x80 [ 51.383922][ T5318] ? lock_release+0x810/0x810 [ 51.388637][ T5318] ? __mnt_want_write+0x1fe/0x2e0 [ 51.393675][ T5318] do_fchownat+0x12a/0x1e0 [ 51.398093][ T5318] ? chown_common+0x6f0/0x6f0 [ 51.402793][ T5318] ? _raw_spin_unlock_irq+0x23/0x50 [ 51.407984][ T5318] ? lockdep_hardirqs_on+0x7d/0x100 [ 51.413217][ T5318] ? _raw_spin_unlock_irq+0x2e/0x50 [ 51.418407][ T5318] __x64_sys_lchown+0x7e/0xc0 [ 51.423086][ T5318] do_syscall_64+0x39/0xb0 [ 51.427511][ T5318] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 51.433493][ T5318] RIP: 0033:0x7f5a2fc8f6a9 [ 51.437901][ T5318] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 51.457614][ T5318] RSP: 002b:00007f5a2fc3b2e8 EFLAGS: 00000246 ORIG_RAX: 000000000000005e [ 51.466031][ T5318] RAX: ffffffffffffffda RBX: 00007f5a2fd207a0 RCX: 00007f5a2fc8f6a9 [ 51.474140][ T5318] RDX: 0000000000000000 RSI: 0000000000000cff RDI: 0000000020000340 [ 51.482120][ T5318] RBP: 00007f5a2fcecbb0 R08: 0000000000000002 R09: 0000000000003531 [ 51.490086][ T5318] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5a2fc3b2f0 [ 51.498050][ T5318] R13: 00007f5a2fd207a8 R14: 0030656c69662f2e R15: 0000000000000002 [ 51.506070][ T5318] [ 51.509905][ T5318] Kernel Offset: disabled [ 51.514299][ T5318] Rebooting in 86400 seconds..