./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3855380063 <...> [ 28.592098][ T4655] dhcpcd-run-hook (4655) used greatest stack depth: 16320 bytes left forked to background, child pid 4651 [ 30.450611][ T4652] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.460533][ T4652] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.205' (ECDSA) to the list of known hosts. execve("./syz-executor3855380063", ["./syz-executor3855380063"], 0x7ffc1ad3f700 /* 10 vars */) = 0 brk(NULL) = 0x55555738c000 brk(0x55555738cc40) = 0x55555738cc40 arch_prctl(ARCH_SET_FS, 0x55555738c300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor3855380063", 4096) = 28 brk(0x5555573adc40) = 0x5555573adc40 brk(0x5555573ae000) = 0x5555573ae000 mprotect(0x7f53cf305000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3 socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4 sendto(4, [{nlmsg_len=36, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36 recvfrom(4, [{nlmsg_len=704, nlmsg_type=nlctrl, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=5073}, "\x01\x02\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00\x06\x00\x01\x00\x1c\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x26\x00\x00\x00\x48\x02\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x05\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x03\x00"...], 4096, 0, NULL, NULL) = 704 recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5073}, {error=0, msg={nlmsg_len=36, nlmsg_type=nlctrl, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 access("/proc/net", R_OK) = 0 access("/proc/net/unix", R_OK) = 0 socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5 ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0 close(5) = 0 sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x06\x00\x0a\x00\xa0\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36 recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5073}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5 ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0 close(5) = 0 sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0c\x00\x01\x00\x02\x00\xaa\xaa\xaa\xaa\xaa\xaa"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44 recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5073}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 sendto(3, [{nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=0, ifi_flags=0, ifi_change=0}, [[{nla_len=11, nla_type=IFLA_IFNAME}, "lowpan0"...], [{nla_len=16, nla_type=IFLA_LINKINFO}, [{nla_len=10, nla_type=IFLA_INFO_KIND}, "lowpan"...]], [{nla_len=8, nla_type=IFLA_LINK}, 11]]], 68, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 68 recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5073}, {error=0, msg={nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5 ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0 close(5) = 0 sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x06\x00\x0a\x00\xa1\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36 recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5073}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5 ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0 close(5) = 0 sendto(3, [{nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=if_nametoindex("wpan1"), ifi_flags=IFF_UP, ifi_change=0x1}, [{nla_len=12, nla_type=IFLA_ADDRESS}, 02:01:aa:aa:aa:aa:aa]], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44 recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5073}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 close(3) = 0 close(4) = 0 getpid() = 5073 mkdir("./syzkaller.UBILlN", 0700) = 0 chmod("./syzkaller.UBILlN", 0777) = 0 chdir("./syzkaller.UBILlN") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5076 ./strace-static-x86_64: Process 5076 attached [pid 5076] chdir("./0") = 0 [pid 5076] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5076] setpgid(0, 0) = 0 [pid 5076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5076] write(3, "1000", 4) = 4 [pid 5076] close(3) = 0 [pid 5076] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5076] memfd_create("syzkaller", 0) = 3 [pid 5076] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5076] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5076] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5076] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5076] close(3) = 0 [pid 5076] mkdir("./file1", 0777) = 0 syzkaller login: [ 65.363605][ T5076] loop0: detected capacity change from 0 to 8192 [ 65.374683][ T5076] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 65.388209][ T5076] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 65.397773][ T5076] REISERFS (device loop0): using ordered data mode [ 65.404281][ T5076] reiserfs: using flush barriers [ 65.410453][ T5076] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 65.426978][ T5076] REISERFS (device loop0): checking transaction log (loop0) [pid 5076] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5076] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5076] chdir("./file1") = 0 [pid 5076] ioctl(4, LOOP_CLR_FD) = 0 [pid 5076] close(4) = 0 [pid 5076] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5076] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5076] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5076] exit_group(0) = ? [pid 5076] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5076, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./0/binderfs") = 0 [ 65.477305][ T5076] REISERFS (device loop0): Using r5 hash to sort names [ 65.484910][ T5076] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./0/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./0/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./0") = 0 mkdir("./1", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5078 ./strace-static-x86_64: Process 5078 attached [pid 5078] chdir("./1") = 0 [pid 5078] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5078] setpgid(0, 0) = 0 [pid 5078] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5078] write(3, "1000", 4) = 4 [pid 5078] close(3) = 0 [pid 5078] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5078] memfd_create("syzkaller", 0) = 3 [pid 5078] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5078] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5078] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5078] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5078] close(3) = 0 [pid 5078] mkdir("./file1", 0777) = 0 [ 65.633881][ T5078] loop0: detected capacity change from 0 to 8192 [ 65.643716][ T5078] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 65.657126][ T5078] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 65.666323][ T5078] REISERFS (device loop0): using ordered data mode [ 65.672854][ T5078] reiserfs: using flush barriers [ 65.678617][ T5078] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 65.695043][ T5078] REISERFS (device loop0): checking transaction log (loop0) [pid 5078] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5078] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5078] chdir("./file1") = 0 [pid 5078] ioctl(4, LOOP_CLR_FD) = 0 [pid 5078] close(4) = 0 [pid 5078] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5078] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5078] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5078] exit_group(0) = ? [pid 5078] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5078, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1/binderfs") = 0 [ 65.744743][ T5078] REISERFS (device loop0): Using r5 hash to sort names [ 65.752333][ T5078] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1") = 0 mkdir("./2", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5080 attached [pid 5080] chdir("./2") = 0 [pid 5080] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5080] setpgid(0, 0) = 0 [pid 5073] <... clone resumed>, child_tidptr=0x55555738c5d0) = 5080 [pid 5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5080] write(3, "1000", 4) = 4 [pid 5080] close(3) = 0 [pid 5080] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5080] memfd_create("syzkaller", 0) = 3 [pid 5080] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5080] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5080] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5080] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5080] close(3) = 0 [pid 5080] mkdir("./file1", 0777) = 0 [ 65.896423][ T5080] loop0: detected capacity change from 0 to 8192 [ 65.907459][ T5080] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 65.920429][ T5080] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 65.929663][ T5080] REISERFS (device loop0): using ordered data mode [ 65.936164][ T5080] reiserfs: using flush barriers [ 65.942168][ T5080] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 65.958537][ T5080] REISERFS (device loop0): checking transaction log (loop0) [pid 5080] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5080] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5080] chdir("./file1") = 0 [pid 5080] ioctl(4, LOOP_CLR_FD) = 0 [pid 5080] close(4) = 0 [pid 5080] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5080] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5080] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5080] exit_group(0) = ? [pid 5080] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5080, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./2/binderfs") = 0 [ 66.005659][ T5080] REISERFS (device loop0): Using r5 hash to sort names [ 66.012796][ T5080] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./2/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./2/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./2") = 0 mkdir("./3", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5082 ./strace-static-x86_64: Process 5082 attached [pid 5082] chdir("./3") = 0 [pid 5082] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5082] setpgid(0, 0) = 0 [pid 5082] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5082] write(3, "1000", 4) = 4 [pid 5082] close(3) = 0 [pid 5082] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5082] memfd_create("syzkaller", 0) = 3 [pid 5082] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5082] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5082] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5082] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5082] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5082] close(3) = 0 [pid 5082] mkdir("./file1", 0777) = 0 [ 66.158003][ T5082] loop0: detected capacity change from 0 to 8192 [ 66.168794][ T5082] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 66.181835][ T5082] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 66.191100][ T5082] REISERFS (device loop0): using ordered data mode [ 66.197645][ T5082] reiserfs: using flush barriers [ 66.203367][ T5082] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 66.219985][ T5082] REISERFS (device loop0): checking transaction log (loop0) [pid 5082] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5082] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5082] chdir("./file1") = 0 [pid 5082] ioctl(4, LOOP_CLR_FD) = 0 [pid 5082] close(4) = 0 [pid 5082] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5082] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5082] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5082] exit_group(0) = ? [pid 5082] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5082, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./3/binderfs") = 0 [ 66.263573][ T5082] REISERFS (device loop0): Using r5 hash to sort names [ 66.270669][ T5082] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./3/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./3/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./3") = 0 mkdir("./4", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5084 attached , child_tidptr=0x55555738c5d0) = 5084 [pid 5084] chdir("./4") = 0 [pid 5084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5084] setpgid(0, 0) = 0 [pid 5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5084] write(3, "1000", 4) = 4 [pid 5084] close(3) = 0 [pid 5084] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5084] memfd_create("syzkaller", 0) = 3 [pid 5084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5084] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5084] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5084] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5084] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5084] close(3) = 0 [pid 5084] mkdir("./file1", 0777) = 0 [ 66.410846][ T5084] loop0: detected capacity change from 0 to 8192 [ 66.420289][ T5084] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 66.433306][ T5084] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 66.442758][ T5084] REISERFS (device loop0): using ordered data mode [ 66.449383][ T5084] reiserfs: using flush barriers [ 66.455041][ T5084] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 66.471460][ T5084] REISERFS (device loop0): checking transaction log (loop0) [pid 5084] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5084] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5084] chdir("./file1") = 0 [pid 5084] ioctl(4, LOOP_CLR_FD) = 0 [pid 5084] close(4) = 0 [pid 5084] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5084] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5084] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5084] exit_group(0) = ? [pid 5084] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5084, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./4/binderfs") = 0 [ 66.516738][ T5084] REISERFS (device loop0): Using r5 hash to sort names [ 66.524108][ T5084] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./4/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./4/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./4") = 0 mkdir("./5", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5086 ./strace-static-x86_64: Process 5086 attached [pid 5086] chdir("./5") = 0 [pid 5086] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5086] setpgid(0, 0) = 0 [pid 5086] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5086] write(3, "1000", 4) = 4 [pid 5086] close(3) = 0 [pid 5086] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5086] memfd_create("syzkaller", 0) = 3 [pid 5086] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5086] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5086] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5086] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5086] close(3) = 0 [pid 5086] mkdir("./file1", 0777) = 0 [ 66.669429][ T5086] loop0: detected capacity change from 0 to 8192 [ 66.680494][ T5086] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 66.693510][ T5086] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 66.702907][ T5086] REISERFS (device loop0): using ordered data mode [ 66.709568][ T5086] reiserfs: using flush barriers [ 66.715476][ T5086] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 66.732172][ T5086] REISERFS (device loop0): checking transaction log (loop0) [pid 5086] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5086] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5086] chdir("./file1") = 0 [pid 5086] ioctl(4, LOOP_CLR_FD) = 0 [pid 5086] close(4) = 0 [pid 5086] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5086] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5086] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5086] exit_group(0) = ? [pid 5086] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5086, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./5/binderfs") = 0 [ 66.780185][ T5086] REISERFS (device loop0): Using r5 hash to sort names [ 66.787383][ T5086] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./5/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./5/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./5") = 0 mkdir("./6", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5088 ./strace-static-x86_64: Process 5088 attached [pid 5088] chdir("./6") = 0 [pid 5088] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5088] setpgid(0, 0) = 0 [pid 5088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5088] write(3, "1000", 4) = 4 [pid 5088] close(3) = 0 [pid 5088] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5088] memfd_create("syzkaller", 0) = 3 [pid 5088] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5088] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5088] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5088] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5088] close(3) = 0 [pid 5088] mkdir("./file1", 0777) = 0 [ 66.932112][ T5088] loop0: detected capacity change from 0 to 8192 [ 66.942809][ T5088] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 66.955866][ T5088] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 66.965082][ T5088] REISERFS (device loop0): using ordered data mode [ 66.971610][ T5088] reiserfs: using flush barriers [ 66.977505][ T5088] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 66.993791][ T5088] REISERFS (device loop0): checking transaction log (loop0) [pid 5088] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5088] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5088] chdir("./file1") = 0 [pid 5088] ioctl(4, LOOP_CLR_FD) = 0 [pid 5088] close(4) = 0 [pid 5088] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5088] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5088] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5088] exit_group(0) = ? [pid 5088] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5088, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./6/binderfs") = 0 [ 67.040986][ T5088] REISERFS (device loop0): Using r5 hash to sort names [ 67.048242][ T5088] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./6/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./6/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./6") = 0 mkdir("./7", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5090 ./strace-static-x86_64: Process 5090 attached [pid 5090] chdir("./7") = 0 [pid 5090] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5090] setpgid(0, 0) = 0 [pid 5090] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5090] write(3, "1000", 4) = 4 [pid 5090] close(3) = 0 [pid 5090] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5090] memfd_create("syzkaller", 0) = 3 [pid 5090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5090] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5090] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5090] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5090] close(3) = 0 [pid 5090] mkdir("./file1", 0777) = 0 [ 67.178856][ T5090] loop0: detected capacity change from 0 to 8192 [ 67.190214][ T5090] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 67.203233][ T5090] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 67.212644][ T5090] REISERFS (device loop0): using ordered data mode [ 67.219666][ T5090] reiserfs: using flush barriers [ 67.225757][ T5090] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 67.242291][ T5090] REISERFS (device loop0): checking transaction log (loop0) [pid 5090] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5090] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5090] chdir("./file1") = 0 [pid 5090] ioctl(4, LOOP_CLR_FD) = 0 [pid 5090] close(4) = 0 [pid 5090] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5090] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5090] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5090] exit_group(0) = ? [pid 5090] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5090, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./7/binderfs") = 0 [ 67.287688][ T5090] REISERFS (device loop0): Using r5 hash to sort names [ 67.294812][ T5090] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./7/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./7/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./7") = 0 mkdir("./8", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5092 ./strace-static-x86_64: Process 5092 attached [pid 5092] chdir("./8") = 0 [pid 5092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5092] setpgid(0, 0) = 0 [pid 5092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5092] write(3, "1000", 4) = 4 [pid 5092] close(3) = 0 [pid 5092] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5092] memfd_create("syzkaller", 0) = 3 [pid 5092] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5092] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5092] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5092] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5092] close(3) = 0 [pid 5092] mkdir("./file1", 0777) = 0 [ 67.426403][ T5092] loop0: detected capacity change from 0 to 8192 [ 67.438103][ T5092] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 67.451129][ T5092] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 67.460340][ T5092] REISERFS (device loop0): using ordered data mode [ 67.466891][ T5092] reiserfs: using flush barriers [ 67.472765][ T5092] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 67.489206][ T5092] REISERFS (device loop0): checking transaction log (loop0) [pid 5092] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5092] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5092] chdir("./file1") = 0 [pid 5092] ioctl(4, LOOP_CLR_FD) = 0 [pid 5092] close(4) = 0 [pid 5092] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5092] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5092] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5092] exit_group(0) = ? [pid 5092] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5092, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./8/binderfs") = 0 [ 67.536392][ T5092] REISERFS (device loop0): Using r5 hash to sort names [ 67.543867][ T5092] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./8/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./8/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./8") = 0 mkdir("./9", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5094 ./strace-static-x86_64: Process 5094 attached [pid 5094] chdir("./9") = 0 [pid 5094] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5094] setpgid(0, 0) = 0 [pid 5094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5094] write(3, "1000", 4) = 4 [pid 5094] close(3) = 0 [pid 5094] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5094] memfd_create("syzkaller", 0) = 3 [pid 5094] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5094] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5094] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5094] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5094] close(3) = 0 [pid 5094] mkdir("./file1", 0777) = 0 [ 67.688933][ T5094] loop0: detected capacity change from 0 to 8192 [ 67.698329][ T5094] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 67.711570][ T5094] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 67.721120][ T5094] REISERFS (device loop0): using ordered data mode [ 67.727839][ T5094] reiserfs: using flush barriers [ 67.733487][ T5094] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 67.750100][ T5094] REISERFS (device loop0): checking transaction log (loop0) [pid 5094] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5094] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5094] chdir("./file1") = 0 [pid 5094] ioctl(4, LOOP_CLR_FD) = 0 [pid 5094] close(4) = 0 [pid 5094] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5094] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5094] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5094] exit_group(0) = ? [pid 5094] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5094, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./9/binderfs") = 0 [ 67.798208][ T5094] REISERFS (device loop0): Using r5 hash to sort names [ 67.805367][ T5094] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./9/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./9/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./9") = 0 mkdir("./10", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5096 ./strace-static-x86_64: Process 5096 attached [pid 5096] chdir("./10") = 0 [pid 5096] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5096] setpgid(0, 0) = 0 [pid 5096] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5096] write(3, "1000", 4) = 4 [pid 5096] close(3) = 0 [pid 5096] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5096] memfd_create("syzkaller", 0) = 3 [pid 5096] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5096] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5096] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5096] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5096] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5096] close(3) = 0 [pid 5096] mkdir("./file1", 0777) = 0 [ 67.932098][ T5096] loop0: detected capacity change from 0 to 8192 [ 67.942834][ T5096] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 67.955881][ T5096] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 67.965070][ T5096] REISERFS (device loop0): using ordered data mode [ 67.971632][ T5096] reiserfs: using flush barriers [ 67.977472][ T5096] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 67.993869][ T5096] REISERFS (device loop0): checking transaction log (loop0) [pid 5096] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5096] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5096] chdir("./file1") = 0 [pid 5096] ioctl(4, LOOP_CLR_FD) = 0 [pid 5096] close(4) = 0 [pid 5096] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5096] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5096] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5096] exit_group(0) = ? [pid 5096] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5096, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./10/binderfs") = 0 [ 68.040374][ T5096] REISERFS (device loop0): Using r5 hash to sort names [ 68.047819][ T5096] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./10/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./10/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./10") = 0 mkdir("./11", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5098 ./strace-static-x86_64: Process 5098 attached [pid 5098] chdir("./11") = 0 [pid 5098] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5098] setpgid(0, 0) = 0 [pid 5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5098] write(3, "1000", 4) = 4 [pid 5098] close(3) = 0 [pid 5098] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5098] memfd_create("syzkaller", 0) = 3 [pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5098] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5098] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5098] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5098] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5098] close(3) = 0 [pid 5098] mkdir("./file1", 0777) = 0 [ 68.202105][ T5098] loop0: detected capacity change from 0 to 8192 [ 68.212665][ T5098] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 68.225729][ T5098] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 68.234974][ T5098] REISERFS (device loop0): using ordered data mode [ 68.241527][ T5098] reiserfs: using flush barriers [ 68.247512][ T5098] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 68.263910][ T5098] REISERFS (device loop0): checking transaction log (loop0) [pid 5098] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5098] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5098] chdir("./file1") = 0 [pid 5098] ioctl(4, LOOP_CLR_FD) = 0 [pid 5098] close(4) = 0 [pid 5098] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5098] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5098] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5098] exit_group(0) = ? [pid 5098] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5098, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./11/binderfs") = 0 [ 68.310507][ T5098] REISERFS (device loop0): Using r5 hash to sort names [ 68.318049][ T5098] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./11/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./11/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./11") = 0 mkdir("./12", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5100 ./strace-static-x86_64: Process 5100 attached [pid 5100] chdir("./12") = 0 [pid 5100] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5100] setpgid(0, 0) = 0 [pid 5100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5100] write(3, "1000", 4) = 4 [pid 5100] close(3) = 0 [pid 5100] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5100] memfd_create("syzkaller", 0) = 3 [pid 5100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5100] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5100] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5100] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5100] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5100] close(3) = 0 [pid 5100] mkdir("./file1", 0777) = 0 [ 68.465875][ T5100] loop0: detected capacity change from 0 to 8192 [ 68.476985][ T5100] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 68.489975][ T5100] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 68.499179][ T5100] REISERFS (device loop0): using ordered data mode [ 68.505679][ T5100] reiserfs: using flush barriers [ 68.511588][ T5100] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 68.527973][ T5100] REISERFS (device loop0): checking transaction log (loop0) [pid 5100] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5100] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5100] chdir("./file1") = 0 [pid 5100] ioctl(4, LOOP_CLR_FD) = 0 [pid 5100] close(4) = 0 [pid 5100] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5100] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5100] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5100] exit_group(0) = ? [pid 5100] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5100, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./12/binderfs") = 0 [ 68.577100][ T5100] REISERFS (device loop0): Using r5 hash to sort names [ 68.584225][ T5100] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./12/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./12/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./12") = 0 mkdir("./13", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5102 ./strace-static-x86_64: Process 5102 attached [pid 5102] chdir("./13") = 0 [pid 5102] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5102] setpgid(0, 0) = 0 [pid 5102] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5102] write(3, "1000", 4) = 4 [pid 5102] close(3) = 0 [pid 5102] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5102] memfd_create("syzkaller", 0) = 3 [pid 5102] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5102] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5102] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5102] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5102] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5102] close(3) = 0 [pid 5102] mkdir("./file1", 0777) = 0 [ 68.736136][ T5102] loop0: detected capacity change from 0 to 8192 [ 68.746797][ T5102] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 68.759878][ T5102] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 68.769112][ T5102] REISERFS (device loop0): using ordered data mode [ 68.775620][ T5102] reiserfs: using flush barriers [ 68.781562][ T5102] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 68.798264][ T5102] REISERFS (device loop0): checking transaction log (loop0) [pid 5102] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5102] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5102] chdir("./file1") = 0 [pid 5102] ioctl(4, LOOP_CLR_FD) = 0 [pid 5102] close(4) = 0 [pid 5102] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5102] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5102] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5102] exit_group(0) = ? [pid 5102] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5102, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./13/binderfs") = 0 [ 68.840141][ T5102] REISERFS (device loop0): Using r5 hash to sort names [ 68.847224][ T5102] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./13/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./13/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./13") = 0 mkdir("./14", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5104 attached , child_tidptr=0x55555738c5d0) = 5104 [pid 5104] chdir("./14") = 0 [pid 5104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5104] setpgid(0, 0) = 0 [pid 5104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5104] write(3, "1000", 4) = 4 [pid 5104] close(3) = 0 [pid 5104] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5104] memfd_create("syzkaller", 0) = 3 [pid 5104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5104] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5104] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5104] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5104] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5104] close(3) = 0 [pid 5104] mkdir("./file1", 0777) = 0 [ 68.981190][ T5104] loop0: detected capacity change from 0 to 8192 [ 68.991331][ T5104] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 69.004457][ T5104] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 69.013736][ T5104] REISERFS (device loop0): using ordered data mode [ 69.020455][ T5104] reiserfs: using flush barriers [ 69.026403][ T5104] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 69.042760][ T5104] REISERFS (device loop0): checking transaction log (loop0) [pid 5104] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5104] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5104] chdir("./file1") = 0 [pid 5104] ioctl(4, LOOP_CLR_FD) = 0 [pid 5104] close(4) = 0 [pid 5104] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5104] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5104] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5104] exit_group(0) = ? [pid 5104] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5104, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./14/binderfs") = 0 [ 69.089486][ T5104] REISERFS (device loop0): Using r5 hash to sort names [ 69.096532][ T5104] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./14/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./14/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./14") = 0 mkdir("./15", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5106 ./strace-static-x86_64: Process 5106 attached [pid 5106] chdir("./15") = 0 [pid 5106] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5106] setpgid(0, 0) = 0 [pid 5106] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5106] write(3, "1000", 4) = 4 [pid 5106] close(3) = 0 [pid 5106] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5106] memfd_create("syzkaller", 0) = 3 [pid 5106] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5106] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5106] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5106] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5106] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5106] close(3) = 0 [pid 5106] mkdir("./file1", 0777) = 0 [ 69.243094][ T5106] loop0: detected capacity change from 0 to 8192 [ 69.253794][ T5106] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 69.266889][ T5106] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 69.276044][ T5106] REISERFS (device loop0): using ordered data mode [ 69.282642][ T5106] reiserfs: using flush barriers [ 69.288416][ T5106] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 69.304847][ T5106] REISERFS (device loop0): checking transaction log (loop0) [pid 5106] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5106] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5106] chdir("./file1") = 0 [pid 5106] ioctl(4, LOOP_CLR_FD) = 0 [pid 5106] close(4) = 0 [pid 5106] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5106] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5106] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5106] exit_group(0) = ? [pid 5106] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5106, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./15/binderfs") = 0 [ 69.346377][ T5106] REISERFS (device loop0): Using r5 hash to sort names [ 69.353510][ T5106] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./15/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./15/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./15") = 0 mkdir("./16", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5108 ./strace-static-x86_64: Process 5108 attached [pid 5108] chdir("./16") = 0 [pid 5108] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5108] setpgid(0, 0) = 0 [pid 5108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5108] write(3, "1000", 4) = 4 [pid 5108] close(3) = 0 [pid 5108] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5108] memfd_create("syzkaller", 0) = 3 [pid 5108] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5108] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5108] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5108] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5108] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5108] close(3) = 0 [pid 5108] mkdir("./file1", 0777) = 0 [ 69.497118][ T5108] loop0: detected capacity change from 0 to 8192 [ 69.507578][ T5108] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 69.520809][ T5108] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 69.530350][ T5108] REISERFS (device loop0): using ordered data mode [ 69.536927][ T5108] reiserfs: using flush barriers [ 69.542596][ T5108] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 69.559008][ T5108] REISERFS (device loop0): checking transaction log (loop0) [pid 5108] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5108] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5108] chdir("./file1") = 0 [pid 5108] ioctl(4, LOOP_CLR_FD) = 0 [pid 5108] close(4) = 0 [pid 5108] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5108] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5108] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5108] exit_group(0) = ? [pid 5108] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5108, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./16/binderfs") = 0 [ 69.607121][ T5108] REISERFS (device loop0): Using r5 hash to sort names [ 69.614177][ T5108] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./16/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./16/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./16") = 0 mkdir("./17", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5110 ./strace-static-x86_64: Process 5110 attached [pid 5110] chdir("./17") = 0 [pid 5110] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5110] setpgid(0, 0) = 0 [pid 5110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5110] write(3, "1000", 4) = 4 [pid 5110] close(3) = 0 [pid 5110] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5110] memfd_create("syzkaller", 0) = 3 [pid 5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5110] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5110] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5110] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5110] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5110] close(3) = 0 [pid 5110] mkdir("./file1", 0777) = 0 [ 69.751845][ T5110] loop0: detected capacity change from 0 to 8192 [ 69.762470][ T5110] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 69.775676][ T5110] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 69.785016][ T5110] REISERFS (device loop0): using ordered data mode [ 69.791640][ T5110] reiserfs: using flush barriers [ 69.797493][ T5110] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 69.813776][ T5110] REISERFS (device loop0): checking transaction log (loop0) [pid 5110] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5110] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5110] chdir("./file1") = 0 [pid 5110] ioctl(4, LOOP_CLR_FD) = 0 [pid 5110] close(4) = 0 [pid 5110] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5110] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5110] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5110] exit_group(0) = ? [pid 5110] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5110, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./17/binderfs") = 0 [ 69.861222][ T5110] REISERFS (device loop0): Using r5 hash to sort names [ 69.868597][ T5110] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./17/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./17/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./17") = 0 mkdir("./18", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5112 ./strace-static-x86_64: Process 5112 attached [pid 5112] chdir("./18") = 0 [pid 5112] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5112] setpgid(0, 0) = 0 [pid 5112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5112] write(3, "1000", 4) = 4 [pid 5112] close(3) = 0 [pid 5112] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5112] memfd_create("syzkaller", 0) = 3 [pid 5112] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5112] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5112] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5112] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5112] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5112] close(3) = 0 [pid 5112] mkdir("./file1", 0777) = 0 [ 70.014130][ T5112] loop0: detected capacity change from 0 to 8192 [ 70.023550][ T5112] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 70.036573][ T5112] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 70.045987][ T5112] REISERFS (device loop0): using ordered data mode [ 70.052624][ T5112] reiserfs: using flush barriers [ 70.058331][ T5112] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 70.074764][ T5112] REISERFS (device loop0): checking transaction log (loop0) [pid 5112] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5112] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5112] chdir("./file1") = 0 [pid 5112] ioctl(4, LOOP_CLR_FD) = 0 [pid 5112] close(4) = 0 [pid 5112] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5112] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5112] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5112] exit_group(0) = ? [pid 5112] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5112, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./18/binderfs") = 0 [ 70.121222][ T5112] REISERFS (device loop0): Using r5 hash to sort names [ 70.128691][ T5112] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./18/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./18/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./18") = 0 mkdir("./19", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5114 ./strace-static-x86_64: Process 5114 attached [pid 5114] chdir("./19") = 0 [pid 5114] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5114] setpgid(0, 0) = 0 [pid 5114] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5114] write(3, "1000", 4) = 4 [pid 5114] close(3) = 0 [pid 5114] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5114] memfd_create("syzkaller", 0) = 3 [pid 5114] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5114] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5114] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5114] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5114] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5114] close(3) = 0 [pid 5114] mkdir("./file1", 0777) = 0 [ 70.263922][ T5114] loop0: detected capacity change from 0 to 8192 [ 70.275894][ T5114] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 70.289028][ T5114] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 70.298310][ T5114] REISERFS (device loop0): using ordered data mode [ 70.304834][ T5114] reiserfs: using flush barriers [ 70.310734][ T5114] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 70.327167][ T5114] REISERFS (device loop0): checking transaction log (loop0) [pid 5114] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5114] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5114] chdir("./file1") = 0 [pid 5114] ioctl(4, LOOP_CLR_FD) = 0 [pid 5114] close(4) = 0 [pid 5114] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5114] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5114] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5114] exit_group(0) = ? [pid 5114] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5114, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./19/binderfs") = 0 [ 70.378731][ T5114] REISERFS (device loop0): Using r5 hash to sort names [ 70.385890][ T5114] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./19/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./19/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./19") = 0 mkdir("./20", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5116 ./strace-static-x86_64: Process 5116 attached [pid 5116] chdir("./20") = 0 [pid 5116] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5116] setpgid(0, 0) = 0 [pid 5116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5116] write(3, "1000", 4) = 4 [pid 5116] close(3) = 0 [pid 5116] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5116] memfd_create("syzkaller", 0) = 3 [pid 5116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5116] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5116] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5116] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5116] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5116] close(3) = 0 [pid 5116] mkdir("./file1", 0777) = 0 [ 70.527770][ T5116] loop0: detected capacity change from 0 to 8192 [ 70.539055][ T5116] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 70.552015][ T5116] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 70.561268][ T5116] REISERFS (device loop0): using ordered data mode [ 70.568095][ T5116] reiserfs: using flush barriers [ 70.574110][ T5116] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 70.590835][ T5116] REISERFS (device loop0): checking transaction log (loop0) [pid 5116] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5116] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5116] chdir("./file1") = 0 [pid 5116] ioctl(4, LOOP_CLR_FD) = 0 [pid 5116] close(4) = 0 [pid 5116] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5116] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5116] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5116] exit_group(0) = ? [pid 5116] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5116, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./20/binderfs") = 0 [ 70.638088][ T5116] REISERFS (device loop0): Using r5 hash to sort names [ 70.645138][ T5116] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./20/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./20/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./20") = 0 mkdir("./21", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5118 ./strace-static-x86_64: Process 5118 attached [pid 5118] chdir("./21") = 0 [pid 5118] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5118] setpgid(0, 0) = 0 [pid 5118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5118] write(3, "1000", 4) = 4 [pid 5118] close(3) = 0 [pid 5118] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5118] memfd_create("syzkaller", 0) = 3 [pid 5118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5118] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5118] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5118] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5118] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5118] close(3) = 0 [pid 5118] mkdir("./file1", 0777) = 0 [ 70.767095][ T5118] loop0: detected capacity change from 0 to 8192 [ 70.776672][ T5118] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 70.789683][ T5118] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 70.798888][ T5118] REISERFS (device loop0): using ordered data mode [ 70.805394][ T5118] reiserfs: using flush barriers [ 70.811221][ T5118] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 70.827551][ T5118] REISERFS (device loop0): checking transaction log (loop0) [pid 5118] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5118] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5118] chdir("./file1") = 0 [pid 5118] ioctl(4, LOOP_CLR_FD) = 0 [pid 5118] close(4) = 0 [pid 5118] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5118] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5118] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5118] exit_group(0) = ? [pid 5118] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5118, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./21/binderfs") = 0 umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./21/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./21/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./21") = 0 mkdir("./22", 0777) = 0 [ 70.872781][ T5118] REISERFS (device loop0): Using r5 hash to sort names [ 70.879924][ T5118] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5120 ./strace-static-x86_64: Process 5120 attached [pid 5120] chdir("./22") = 0 [pid 5120] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5120] setpgid(0, 0) = 0 [pid 5120] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5120] write(3, "1000", 4) = 4 [pid 5120] close(3) = 0 [pid 5120] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5120] memfd_create("syzkaller", 0) = 3 [pid 5120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5120] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5120] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5120] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5120] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5120] close(3) = 0 [pid 5120] mkdir("./file1", 0777) = 0 [ 71.011005][ T5120] loop0: detected capacity change from 0 to 8192 [ 71.020570][ T5120] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 71.033552][ T5120] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 71.042750][ T5120] REISERFS (device loop0): using ordered data mode [ 71.049374][ T5120] reiserfs: using flush barriers [ 71.055161][ T5120] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 71.071613][ T5120] REISERFS (device loop0): checking transaction log (loop0) [ 71.089769][ T1211] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.096230][ T1211] ieee802154 phy1 wpan1: encryption failed: -22 [pid 5120] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5120] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5120] chdir("./file1") = 0 [pid 5120] ioctl(4, LOOP_CLR_FD) = 0 [pid 5120] close(4) = 0 [pid 5120] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5120] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5120] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5120] exit_group(0) = ? [pid 5120] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5120, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./22/binderfs") = 0 [ 71.184564][ T5120] REISERFS (device loop0): Using r5 hash to sort names [ 71.192178][ T5120] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./22/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./22/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./22") = 0 mkdir("./23", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5122 ./strace-static-x86_64: Process 5122 attached [pid 5122] chdir("./23") = 0 [pid 5122] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5122] setpgid(0, 0) = 0 [pid 5122] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5122] write(3, "1000", 4) = 4 [pid 5122] close(3) = 0 [pid 5122] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5122] memfd_create("syzkaller", 0) = 3 [pid 5122] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5122] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5122] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5122] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5122] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5122] close(3) = 0 [pid 5122] mkdir("./file1", 0777) = 0 [ 71.407894][ T5122] loop0: detected capacity change from 0 to 8192 [ 71.417707][ T5122] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 71.430824][ T5122] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 71.440573][ T5122] REISERFS (device loop0): using ordered data mode [ 71.447373][ T5122] reiserfs: using flush barriers [ 71.453462][ T5122] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 71.470299][ T5122] REISERFS (device loop0): checking transaction log (loop0) [pid 5122] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5122] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5122] chdir("./file1") = 0 [pid 5122] ioctl(4, LOOP_CLR_FD) = 0 [pid 5122] close(4) = 0 [pid 5122] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5122] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5122] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5122] exit_group(0) = ? [pid 5122] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5122, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./23/binderfs") = 0 [ 71.553430][ T5122] REISERFS (device loop0): Using r5 hash to sort names [ 71.560626][ T5122] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./23/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./23/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./23") = 0 mkdir("./24", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5124 ./strace-static-x86_64: Process 5124 attached [pid 5124] chdir("./24") = 0 [pid 5124] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5124] setpgid(0, 0) = 0 [pid 5124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5124] write(3, "1000", 4) = 4 [pid 5124] close(3) = 0 [pid 5124] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5124] memfd_create("syzkaller", 0) = 3 [pid 5124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5124] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5124] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5124] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5124] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5124] close(3) = 0 [pid 5124] mkdir("./file1", 0777) = 0 [ 71.740869][ T5124] loop0: detected capacity change from 0 to 8192 [ 71.750582][ T5124] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 71.763807][ T5124] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 71.773142][ T5124] REISERFS (device loop0): using ordered data mode [ 71.780004][ T5124] reiserfs: using flush barriers [ 71.785731][ T5124] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 71.802244][ T5124] REISERFS (device loop0): checking transaction log (loop0) [pid 5124] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5124] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5124] chdir("./file1") = 0 [pid 5124] ioctl(4, LOOP_CLR_FD) = 0 [pid 5124] close(4) = 0 [pid 5124] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5124] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5124] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5124] exit_group(0) = ? [pid 5124] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5124, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./24/binderfs") = 0 [ 71.848765][ T5124] REISERFS (device loop0): Using r5 hash to sort names [ 71.855905][ T5124] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./24/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./24/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./24/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./24") = 0 mkdir("./25", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5126 ./strace-static-x86_64: Process 5126 attached [pid 5126] chdir("./25") = 0 [pid 5126] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5126] setpgid(0, 0) = 0 [pid 5126] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5126] write(3, "1000", 4) = 4 [pid 5126] close(3) = 0 [pid 5126] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5126] memfd_create("syzkaller", 0) = 3 [pid 5126] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5126] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5126] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5126] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5126] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5126] close(3) = 0 [pid 5126] mkdir("./file1", 0777) = 0 [ 71.995632][ T5126] loop0: detected capacity change from 0 to 8192 [ 72.007162][ T5126] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 72.020203][ T5126] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 72.029433][ T5126] REISERFS (device loop0): using ordered data mode [ 72.035936][ T5126] reiserfs: using flush barriers [ 72.042060][ T5126] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 72.058533][ T5126] REISERFS (device loop0): checking transaction log (loop0) [pid 5126] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5126] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5126] chdir("./file1") = 0 [pid 5126] ioctl(4, LOOP_CLR_FD) = 0 [pid 5126] close(4) = 0 [pid 5126] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5126] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5126] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5126] exit_group(0) = ? [pid 5126] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5126, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./25/binderfs") = 0 [ 72.105138][ T5126] REISERFS (device loop0): Using r5 hash to sort names [ 72.112243][ T5126] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./25/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./25/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./25/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./25") = 0 mkdir("./26", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5128 ./strace-static-x86_64: Process 5128 attached [pid 5128] chdir("./26") = 0 [pid 5128] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5128] setpgid(0, 0) = 0 [pid 5128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5128] write(3, "1000", 4) = 4 [pid 5128] close(3) = 0 [pid 5128] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5128] memfd_create("syzkaller", 0) = 3 [pid 5128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5128] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5128] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5128] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5128] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5128] close(3) = 0 [pid 5128] mkdir("./file1", 0777) = 0 [ 72.253312][ T5128] loop0: detected capacity change from 0 to 8192 [ 72.263194][ T5128] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 72.276607][ T5128] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 72.286138][ T5128] REISERFS (device loop0): using ordered data mode [ 72.292868][ T5128] reiserfs: using flush barriers [ 72.298614][ T5128] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 72.315018][ T5128] REISERFS (device loop0): checking transaction log (loop0) [pid 5128] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5128] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5128] chdir("./file1") = 0 [pid 5128] ioctl(4, LOOP_CLR_FD) = 0 [pid 5128] close(4) = 0 [pid 5128] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5128] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5128] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5128] exit_group(0) = ? [pid 5128] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5128, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./26/binderfs") = 0 [ 72.367598][ T5128] REISERFS (device loop0): Using r5 hash to sort names [ 72.374912][ T5128] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./26/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./26/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./26/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./26") = 0 mkdir("./27", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5130 ./strace-static-x86_64: Process 5130 attached [pid 5130] chdir("./27") = 0 [pid 5130] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5130] setpgid(0, 0) = 0 [pid 5130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5130] write(3, "1000", 4) = 4 [pid 5130] close(3) = 0 [pid 5130] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5130] memfd_create("syzkaller", 0) = 3 [pid 5130] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5130] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5130] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5130] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5130] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5130] close(3) = 0 [pid 5130] mkdir("./file1", 0777) = 0 [ 72.541047][ T5130] loop0: detected capacity change from 0 to 8192 [ 72.555934][ T5130] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 72.569736][ T5130] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 72.580001][ T5130] REISERFS (device loop0): using ordered data mode [ 72.587294][ T5130] reiserfs: using flush barriers [ 72.594255][ T5130] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 72.611666][ T5130] REISERFS (device loop0): checking transaction log (loop0) [pid 5130] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5130] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5130] chdir("./file1") = 0 [pid 5130] ioctl(4, LOOP_CLR_FD) = 0 [pid 5130] close(4) = 0 [pid 5130] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5130] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5130] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5130] exit_group(0) = ? [pid 5130] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5130, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./27/binderfs") = 0 [ 72.679881][ T5130] REISERFS (device loop0): Using r5 hash to sort names [ 72.687105][ T5130] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./27/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./27/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./27/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./27") = 0 mkdir("./28", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5132 ./strace-static-x86_64: Process 5132 attached [pid 5132] chdir("./28") = 0 [pid 5132] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5132] setpgid(0, 0) = 0 [pid 5132] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5132] write(3, "1000", 4) = 4 [pid 5132] close(3) = 0 [pid 5132] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5132] memfd_create("syzkaller", 0) = 3 [pid 5132] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5132] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5132] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5132] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5132] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5132] close(3) = 0 [pid 5132] mkdir("./file1", 0777) = 0 [ 72.848719][ T5132] loop0: detected capacity change from 0 to 8192 [ 72.859301][ T5132] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 72.872983][ T5132] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 72.882185][ T5132] REISERFS (device loop0): using ordered data mode [ 72.888730][ T5132] reiserfs: using flush barriers [ 72.894578][ T5132] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 72.911076][ T5132] REISERFS (device loop0): checking transaction log (loop0) [pid 5132] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5132] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5132] chdir("./file1") = 0 [pid 5132] ioctl(4, LOOP_CLR_FD) = 0 [pid 5132] close(4) = 0 [pid 5132] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5132] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5132] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5132] exit_group(0) = ? [pid 5132] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5132, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./28/binderfs") = 0 [ 72.956703][ T5132] REISERFS (device loop0): Using r5 hash to sort names [ 72.964099][ T5132] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./28/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./28/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./28/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./28") = 0 mkdir("./29", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5134 ./strace-static-x86_64: Process 5134 attached [pid 5134] chdir("./29") = 0 [pid 5134] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5134] setpgid(0, 0) = 0 [pid 5134] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5134] write(3, "1000", 4) = 4 [pid 5134] close(3) = 0 [pid 5134] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5134] memfd_create("syzkaller", 0) = 3 [pid 5134] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5134] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5134] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5134] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5134] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5134] close(3) = 0 [pid 5134] mkdir("./file1", 0777) = 0 [ 73.103119][ T5134] loop0: detected capacity change from 0 to 8192 [ 73.122782][ T5134] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 73.136100][ T5134] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 73.145769][ T5134] REISERFS (device loop0): using ordered data mode [ 73.152455][ T5134] reiserfs: using flush barriers [ 73.158322][ T5134] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 73.174730][ T5134] REISERFS (device loop0): checking transaction log (loop0) [pid 5134] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5134] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5134] chdir("./file1") = 0 [pid 5134] ioctl(4, LOOP_CLR_FD) = 0 [pid 5134] close(4) = 0 [pid 5134] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5134] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5134] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5134] exit_group(0) = ? [pid 5134] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5134, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./29/binderfs") = 0 [ 73.217243][ T5134] REISERFS (device loop0): Using r5 hash to sort names [ 73.224543][ T5134] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./29/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./29/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./29/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./29") = 0 mkdir("./30", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5136 ./strace-static-x86_64: Process 5136 attached [pid 5136] chdir("./30") = 0 [pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5136] setpgid(0, 0) = 0 [pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5136] write(3, "1000", 4) = 4 [pid 5136] close(3) = 0 [pid 5136] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5136] memfd_create("syzkaller", 0) = 3 [pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5136] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5136] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5136] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5136] close(3) = 0 [pid 5136] mkdir("./file1", 0777) = 0 [ 73.368682][ T5136] loop0: detected capacity change from 0 to 8192 [ 73.378276][ T5136] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 73.391520][ T5136] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 73.401100][ T5136] REISERFS (device loop0): using ordered data mode [ 73.407798][ T5136] reiserfs: using flush barriers [ 73.413424][ T5136] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 73.429907][ T5136] REISERFS (device loop0): checking transaction log (loop0) [pid 5136] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5136] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5136] chdir("./file1") = 0 [pid 5136] ioctl(4, LOOP_CLR_FD) = 0 [pid 5136] close(4) = 0 [pid 5136] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5136] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5136] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5136] exit_group(0) = ? [pid 5136] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./30/binderfs") = 0 [ 73.476619][ T5136] REISERFS (device loop0): Using r5 hash to sort names [ 73.483716][ T5136] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./30/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./30/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./30/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./30") = 0 mkdir("./31", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5138 ./strace-static-x86_64: Process 5138 attached [pid 5138] chdir("./31") = 0 [pid 5138] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5138] setpgid(0, 0) = 0 [pid 5138] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5138] write(3, "1000", 4) = 4 [pid 5138] close(3) = 0 [pid 5138] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5138] memfd_create("syzkaller", 0) = 3 [pid 5138] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5138] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5138] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5138] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5138] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5138] close(3) = 0 [pid 5138] mkdir("./file1", 0777) = 0 [ 73.607117][ T5138] loop0: detected capacity change from 0 to 8192 [ 73.618173][ T5138] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 73.631199][ T5138] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 73.640414][ T5138] REISERFS (device loop0): using ordered data mode [ 73.647086][ T5138] reiserfs: using flush barriers [ 73.652941][ T5138] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 73.669393][ T5138] REISERFS (device loop0): checking transaction log (loop0) [pid 5138] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5138] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5138] chdir("./file1") = 0 [pid 5138] ioctl(4, LOOP_CLR_FD) = 0 [pid 5138] close(4) = 0 [pid 5138] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5138] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5138] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5138] exit_group(0) = ? [pid 5138] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5138, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./31/binderfs") = 0 [ 73.716571][ T5138] REISERFS (device loop0): Using r5 hash to sort names [ 73.723983][ T5138] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./31/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./31/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./31/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./31") = 0 mkdir("./32", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5140 attached [pid 5140] chdir("./32") = 0 [pid 5140] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5140] setpgid(0, 0) = 0 [pid 5140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] <... clone resumed>, child_tidptr=0x55555738c5d0) = 5140 [pid 5140] <... openat resumed>) = 3 [pid 5140] write(3, "1000", 4) = 4 [pid 5140] close(3) = 0 [pid 5140] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5140] memfd_create("syzkaller", 0) = 3 [pid 5140] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5140] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5140] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5140] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5140] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5140] close(3) = 0 [pid 5140] mkdir("./file1", 0777) = 0 [ 73.868883][ T5140] loop0: detected capacity change from 0 to 8192 [ 73.879782][ T5140] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 73.892817][ T5140] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 73.902053][ T5140] REISERFS (device loop0): using ordered data mode [ 73.908593][ T5140] reiserfs: using flush barriers [ 73.914457][ T5140] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 73.931017][ T5140] REISERFS (device loop0): checking transaction log (loop0) [pid 5140] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5140] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5140] chdir("./file1") = 0 [pid 5140] ioctl(4, LOOP_CLR_FD) = 0 [pid 5140] close(4) = 0 [pid 5140] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5140] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5140] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5140] exit_group(0) = ? [pid 5140] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5140, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./32/binderfs") = 0 [ 73.973242][ T5140] REISERFS (device loop0): Using r5 hash to sort names [ 73.980368][ T5140] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./32/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./32/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./32/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./32") = 0 mkdir("./33", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5142 ./strace-static-x86_64: Process 5142 attached [pid 5142] chdir("./33") = 0 [pid 5142] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5142] setpgid(0, 0) = 0 [pid 5142] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5142] write(3, "1000", 4) = 4 [pid 5142] close(3) = 0 [pid 5142] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5142] memfd_create("syzkaller", 0) = 3 [pid 5142] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5142] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5142] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5142] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5142] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5142] close(3) = 0 [pid 5142] mkdir("./file1", 0777) = 0 [ 74.128387][ T5142] loop0: detected capacity change from 0 to 8192 [ 74.139115][ T5142] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 74.152165][ T5142] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 74.161383][ T5142] REISERFS (device loop0): using ordered data mode [ 74.167955][ T5142] reiserfs: using flush barriers [ 74.173956][ T5142] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 74.190354][ T5142] REISERFS (device loop0): checking transaction log (loop0) [pid 5142] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5142] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5142] chdir("./file1") = 0 [pid 5142] ioctl(4, LOOP_CLR_FD) = 0 [pid 5142] close(4) = 0 [pid 5142] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5142] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5142] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5142] exit_group(0) = ? [pid 5142] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5142, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./33/binderfs") = 0 [ 74.232324][ T5142] REISERFS (device loop0): Using r5 hash to sort names [ 74.239413][ T5142] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./33/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./33/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./33/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./33") = 0 mkdir("./34", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5144 ./strace-static-x86_64: Process 5144 attached [pid 5144] chdir("./34") = 0 [pid 5144] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5144] setpgid(0, 0) = 0 [pid 5144] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5144] write(3, "1000", 4) = 4 [pid 5144] close(3) = 0 [pid 5144] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5144] memfd_create("syzkaller", 0) = 3 [pid 5144] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5144] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5144] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5144] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5144] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5144] close(3) = 0 [pid 5144] mkdir("./file1", 0777) = 0 [ 74.383615][ T5144] loop0: detected capacity change from 0 to 8192 [ 74.394445][ T5144] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 74.408232][ T5144] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 74.417586][ T5144] REISERFS (device loop0): using ordered data mode [ 74.424184][ T5144] reiserfs: using flush barriers [ 74.430251][ T5144] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 74.446627][ T5144] REISERFS (device loop0): checking transaction log (loop0) [pid 5144] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5144] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5144] chdir("./file1") = 0 [pid 5144] ioctl(4, LOOP_CLR_FD) = 0 [pid 5144] close(4) = 0 [pid 5144] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5144] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5144] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5144] exit_group(0) = ? [pid 5144] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5144, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./34/binderfs") = 0 [ 74.493825][ T5144] REISERFS (device loop0): Using r5 hash to sort names [ 74.501248][ T5144] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./34/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./34/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./34/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./34") = 0 mkdir("./35", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5146 ./strace-static-x86_64: Process 5146 attached [pid 5146] chdir("./35") = 0 [pid 5146] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5146] setpgid(0, 0) = 0 [pid 5146] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5146] write(3, "1000", 4) = 4 [pid 5146] close(3) = 0 [pid 5146] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5146] memfd_create("syzkaller", 0) = 3 [pid 5146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5146] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5146] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5146] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5146] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5146] close(3) = 0 [pid 5146] mkdir("./file1", 0777) = 0 [ 74.650919][ T5146] loop0: detected capacity change from 0 to 8192 [ 74.661666][ T5146] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 74.674751][ T5146] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 74.683992][ T5146] REISERFS (device loop0): using ordered data mode [ 74.690559][ T5146] reiserfs: using flush barriers [ 74.696251][ T5146] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 74.712661][ T5146] REISERFS (device loop0): checking transaction log (loop0) [pid 5146] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5146] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5146] chdir("./file1") = 0 [pid 5146] ioctl(4, LOOP_CLR_FD) = 0 [pid 5146] close(4) = 0 [pid 5146] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5146] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5146] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5146] exit_group(0) = ? [pid 5146] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5146, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./35/binderfs") = 0 [ 74.759645][ T5146] REISERFS (device loop0): Using r5 hash to sort names [ 74.766706][ T5146] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./35/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./35/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./35/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./35") = 0 mkdir("./36", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5148 attached , child_tidptr=0x55555738c5d0) = 5148 [pid 5148] chdir("./36") = 0 [pid 5148] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5148] setpgid(0, 0) = 0 [pid 5148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5148] write(3, "1000", 4) = 4 [pid 5148] close(3) = 0 [pid 5148] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5148] memfd_create("syzkaller", 0) = 3 [pid 5148] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5148] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5148] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5148] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5148] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5148] close(3) = 0 [pid 5148] mkdir("./file1", 0777) = 0 [ 74.905598][ T5148] loop0: detected capacity change from 0 to 8192 [ 74.915881][ T5148] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 74.928993][ T5148] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 74.938205][ T5148] REISERFS (device loop0): using ordered data mode [ 74.944702][ T5148] reiserfs: using flush barriers [ 74.950678][ T5148] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 74.967149][ T5148] REISERFS (device loop0): checking transaction log (loop0) [pid 5148] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5148] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5148] chdir("./file1") = 0 [pid 5148] ioctl(4, LOOP_CLR_FD) = 0 [pid 5148] close(4) = 0 [pid 5148] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5148] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5148] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5148] exit_group(0) = ? [pid 5148] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5148, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./36/binderfs") = 0 [ 75.010412][ T5148] REISERFS (device loop0): Using r5 hash to sort names [ 75.017526][ T5148] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./36/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./36/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./36/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./36") = 0 mkdir("./37", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5150 ./strace-static-x86_64: Process 5150 attached [pid 5150] chdir("./37") = 0 [pid 5150] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5150] setpgid(0, 0) = 0 [pid 5150] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5150] write(3, "1000", 4) = 4 [pid 5150] close(3) = 0 [pid 5150] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5150] memfd_create("syzkaller", 0) = 3 [pid 5150] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5150] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5150] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5150] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5150] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5150] close(3) = 0 [pid 5150] mkdir("./file1", 0777) = 0 [ 75.164017][ T5150] loop0: detected capacity change from 0 to 8192 [ 75.174737][ T5150] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 75.188024][ T5150] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 75.197534][ T5150] REISERFS (device loop0): using ordered data mode [ 75.204037][ T5150] reiserfs: using flush barriers [ 75.209972][ T5150] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 75.226427][ T5150] REISERFS (device loop0): checking transaction log (loop0) [pid 5150] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5150] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5150] chdir("./file1") = 0 [pid 5150] ioctl(4, LOOP_CLR_FD) = 0 [pid 5150] close(4) = 0 [pid 5150] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5150] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5150] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5150] exit_group(0) = ? [pid 5150] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5150, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./37", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./37/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./37/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./37/binderfs") = 0 [ 75.273108][ T5150] REISERFS (device loop0): Using r5 hash to sort names [ 75.280519][ T5150] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./37/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./37/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./37/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./37") = 0 mkdir("./38", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5152 ./strace-static-x86_64: Process 5152 attached [pid 5152] chdir("./38") = 0 [pid 5152] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5152] setpgid(0, 0) = 0 [pid 5152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5152] write(3, "1000", 4) = 4 [pid 5152] close(3) = 0 [pid 5152] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5152] memfd_create("syzkaller", 0) = 3 [pid 5152] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5152] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5152] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5152] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5152] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5152] close(3) = 0 [pid 5152] mkdir("./file1", 0777) = 0 [ 75.429769][ T5152] loop0: detected capacity change from 0 to 8192 [ 75.441428][ T5152] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 75.454448][ T5152] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 75.463856][ T5152] REISERFS (device loop0): using ordered data mode [ 75.470552][ T5152] reiserfs: using flush barriers [ 75.476357][ T5152] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 75.492952][ T5152] REISERFS (device loop0): checking transaction log (loop0) [pid 5152] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5152] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5152] chdir("./file1") = 0 [pid 5152] ioctl(4, LOOP_CLR_FD) = 0 [pid 5152] close(4) = 0 [pid 5152] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5152] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5152] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5152] exit_group(0) = ? [pid 5152] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5152, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./38", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./38/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./38/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./38/binderfs") = 0 [ 75.542801][ T5152] REISERFS (device loop0): Using r5 hash to sort names [ 75.549903][ T5152] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./38/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./38/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./38/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./38") = 0 mkdir("./39", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5154 ./strace-static-x86_64: Process 5154 attached [pid 5154] chdir("./39") = 0 [pid 5154] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5154] setpgid(0, 0) = 0 [pid 5154] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5154] write(3, "1000", 4) = 4 [pid 5154] close(3) = 0 [pid 5154] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5154] memfd_create("syzkaller", 0) = 3 [pid 5154] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5154] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5154] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5154] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5154] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5154] close(3) = 0 [pid 5154] mkdir("./file1", 0777) = 0 [ 75.690270][ T5154] loop0: detected capacity change from 0 to 8192 [ 75.709744][ T5154] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 75.723003][ T5154] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 75.732602][ T5154] REISERFS (device loop0): using ordered data mode [ 75.739174][ T5154] reiserfs: using flush barriers [ 75.745013][ T5154] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 75.761651][ T5154] REISERFS (device loop0): checking transaction log (loop0) [pid 5154] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5154] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5154] chdir("./file1") = 0 [pid 5154] ioctl(4, LOOP_CLR_FD) = 0 [pid 5154] close(4) = 0 [pid 5154] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5154] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5154] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5154] exit_group(0) = ? [pid 5154] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5154, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./39", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./39/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./39/binderfs") = 0 [ 75.808854][ T5154] REISERFS (device loop0): Using r5 hash to sort names [ 75.815916][ T5154] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./39/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./39/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./39/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./39/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./39") = 0 mkdir("./40", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5156 attached , child_tidptr=0x55555738c5d0) = 5156 [pid 5156] chdir("./40") = 0 [pid 5156] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5156] setpgid(0, 0) = 0 [pid 5156] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5156] write(3, "1000", 4) = 4 [pid 5156] close(3) = 0 [pid 5156] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5156] memfd_create("syzkaller", 0) = 3 [pid 5156] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5156] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5156] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5156] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5156] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5156] close(3) = 0 [pid 5156] mkdir("./file1", 0777) = 0 [ 75.963288][ T5156] loop0: detected capacity change from 0 to 8192 [ 75.972711][ T5156] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 75.985766][ T5156] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 75.995302][ T5156] REISERFS (device loop0): using ordered data mode [ 76.001866][ T5156] reiserfs: using flush barriers [ 76.007873][ T5156] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 76.024189][ T5156] REISERFS (device loop0): checking transaction log (loop0) [pid 5156] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5156] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5156] chdir("./file1") = 0 [pid 5156] ioctl(4, LOOP_CLR_FD) = 0 [pid 5156] close(4) = 0 [pid 5156] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5156] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5156] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5156] exit_group(0) = ? [pid 5156] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5156, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./40", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./40/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./40/binderfs") = 0 [ 76.071711][ T5156] REISERFS (device loop0): Using r5 hash to sort names [ 76.078836][ T5156] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./40/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./40/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./40/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./40/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./40") = 0 mkdir("./41", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5158 ./strace-static-x86_64: Process 5158 attached [pid 5158] chdir("./41") = 0 [pid 5158] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5158] setpgid(0, 0) = 0 [pid 5158] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5158] write(3, "1000", 4) = 4 [pid 5158] close(3) = 0 [pid 5158] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5158] memfd_create("syzkaller", 0) = 3 [pid 5158] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5158] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5158] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5158] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5158] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5158] close(3) = 0 [pid 5158] mkdir("./file1", 0777) = 0 [ 76.208500][ T7] cfg80211: failed to load regulatory.db [ 76.223777][ T5158] loop0: detected capacity change from 0 to 8192 [ 76.243984][ T5158] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 76.257020][ T5158] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 76.266260][ T5158] REISERFS (device loop0): using ordered data mode [ 76.273036][ T5158] reiserfs: using flush barriers [ 76.280139][ T5158] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 76.296724][ T5158] REISERFS (device loop0): checking transaction log (loop0) [pid 5158] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5158] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5158] chdir("./file1") = 0 [pid 5158] ioctl(4, LOOP_CLR_FD) = 0 [pid 5158] close(4) = 0 [pid 5158] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5158] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5158] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5158] exit_group(0) = ? [pid 5158] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5158, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./41", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./41/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./41/binderfs") = 0 [ 76.349737][ T5158] REISERFS (device loop0): Using r5 hash to sort names [ 76.357259][ T5158] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./41/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./41/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./41/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./41/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./41") = 0 mkdir("./42", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5160 ./strace-static-x86_64: Process 5160 attached [pid 5160] chdir("./42") = 0 [pid 5160] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5160] setpgid(0, 0) = 0 [pid 5160] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5160] write(3, "1000", 4) = 4 [pid 5160] close(3) = 0 [pid 5160] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5160] memfd_create("syzkaller", 0) = 3 [pid 5160] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5160] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5160] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5160] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5160] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5160] close(3) = 0 [pid 5160] mkdir("./file1", 0777) = 0 [ 76.495616][ T5160] loop0: detected capacity change from 0 to 8192 [ 76.506644][ T5160] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 76.519945][ T5160] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 76.529317][ T5160] REISERFS (device loop0): using ordered data mode [ 76.535812][ T5160] reiserfs: using flush barriers [ 76.541995][ T5160] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 76.558677][ T5160] REISERFS (device loop0): checking transaction log (loop0) [pid 5160] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5160] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5160] chdir("./file1") = 0 [pid 5160] ioctl(4, LOOP_CLR_FD) = 0 [pid 5160] close(4) = 0 [pid 5160] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5160] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5160] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5160] exit_group(0) = ? [pid 5160] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5160, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./42", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./42/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./42/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./42/binderfs") = 0 [ 76.606228][ T5160] REISERFS (device loop0): Using r5 hash to sort names [ 76.613695][ T5160] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./42/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./42/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./42/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./42/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./42") = 0 mkdir("./43", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5162 ./strace-static-x86_64: Process 5162 attached [pid 5162] chdir("./43") = 0 [pid 5162] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5162] setpgid(0, 0) = 0 [pid 5162] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5162] write(3, "1000", 4) = 4 [pid 5162] close(3) = 0 [pid 5162] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5162] memfd_create("syzkaller", 0) = 3 [pid 5162] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5162] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5162] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5162] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5162] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5162] close(3) = 0 [pid 5162] mkdir("./file1", 0777) = 0 [ 76.758451][ T5162] loop0: detected capacity change from 0 to 8192 [ 76.769439][ T5162] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 76.782498][ T5162] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 76.792035][ T5162] REISERFS (device loop0): using ordered data mode [ 76.798594][ T5162] reiserfs: using flush barriers [ 76.804431][ T5162] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 76.820887][ T5162] REISERFS (device loop0): checking transaction log (loop0) [pid 5162] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5162] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5162] chdir("./file1") = 0 [pid 5162] ioctl(4, LOOP_CLR_FD) = 0 [pid 5162] close(4) = 0 [pid 5162] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5162] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5162] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5162] exit_group(0) = ? [pid 5162] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5162, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./43", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./43/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./43/binderfs") = 0 [ 76.873242][ T5162] REISERFS (device loop0): Using r5 hash to sort names [ 76.880702][ T5162] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./43/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./43/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./43/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./43/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./43") = 0 mkdir("./44", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5164 ./strace-static-x86_64: Process 5164 attached [pid 5164] chdir("./44") = 0 [pid 5164] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5164] setpgid(0, 0) = 0 [pid 5164] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5164] write(3, "1000", 4) = 4 [pid 5164] close(3) = 0 [pid 5164] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5164] memfd_create("syzkaller", 0) = 3 [pid 5164] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5164] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5164] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5164] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5164] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5164] close(3) = 0 [pid 5164] mkdir("./file1", 0777) = 0 [ 77.017894][ T5164] loop0: detected capacity change from 0 to 8192 [ 77.028650][ T5164] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 77.041673][ T5164] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 77.051275][ T5164] REISERFS (device loop0): using ordered data mode [ 77.057815][ T5164] reiserfs: using flush barriers [ 77.063631][ T5164] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 77.080069][ T5164] REISERFS (device loop0): checking transaction log (loop0) [pid 5164] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5164] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5164] chdir("./file1") = 0 [pid 5164] ioctl(4, LOOP_CLR_FD) = 0 [pid 5164] close(4) = 0 [pid 5164] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5164] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5164] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5164] exit_group(0) = ? [pid 5164] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5164, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./44", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 77.121172][ T5164] REISERFS (device loop0): Using r5 hash to sort names [ 77.128438][ T5164] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./44/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./44/binderfs") = 0 umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./44/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./44/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./44/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./44/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./44") = 0 mkdir("./45", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5166 attached [pid 5166] chdir("./45" [pid 5073] <... clone resumed>, child_tidptr=0x55555738c5d0) = 5166 [pid 5166] <... chdir resumed>) = 0 [pid 5166] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5166] setpgid(0, 0) = 0 [pid 5166] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5166] write(3, "1000", 4) = 4 [pid 5166] close(3) = 0 [pid 5166] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5166] memfd_create("syzkaller", 0) = 3 [pid 5166] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5166] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5166] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5166] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5166] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5166] close(3) = 0 [pid 5166] mkdir("./file1", 0777) = 0 [ 77.302372][ T5166] loop0: detected capacity change from 0 to 8192 [ 77.312832][ T5166] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 77.325908][ T5166] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 77.335107][ T5166] REISERFS (device loop0): using ordered data mode [ 77.341757][ T5166] reiserfs: using flush barriers [ 77.347611][ T5166] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 77.363956][ T5166] REISERFS (device loop0): checking transaction log (loop0) [pid 5166] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5166] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5166] chdir("./file1") = 0 [pid 5166] ioctl(4, LOOP_CLR_FD) = 0 [pid 5166] close(4) = 0 [pid 5166] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5166] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5166] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5166] exit_group(0) = ? [pid 5166] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5166, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./45", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./45/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./45/binderfs") = 0 [ 77.411102][ T5166] REISERFS (device loop0): Using r5 hash to sort names [ 77.418541][ T5166] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./45/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./45/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./45/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./45/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./45") = 0 mkdir("./46", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5168 ./strace-static-x86_64: Process 5168 attached [pid 5168] chdir("./46") = 0 [pid 5168] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5168] setpgid(0, 0) = 0 [pid 5168] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5168] write(3, "1000", 4) = 4 [pid 5168] close(3) = 0 [pid 5168] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5168] memfd_create("syzkaller", 0) = 3 [pid 5168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5168] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5168] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5168] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5168] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5168] close(3) = 0 [pid 5168] mkdir("./file1", 0777) = 0 [ 77.566469][ T5168] loop0: detected capacity change from 0 to 8192 [ 77.577433][ T5168] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 77.590465][ T5168] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 77.599729][ T5168] REISERFS (device loop0): using ordered data mode [ 77.606246][ T5168] reiserfs: using flush barriers [ 77.612283][ T5168] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 77.628828][ T5168] REISERFS (device loop0): checking transaction log (loop0) [pid 5168] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5168] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5168] chdir("./file1") = 0 [pid 5168] ioctl(4, LOOP_CLR_FD) = 0 [pid 5168] close(4) = 0 [pid 5168] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5168] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5168] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5168] exit_group(0) = ? [pid 5168] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5168, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./46", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./46/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./46/binderfs") = 0 [ 77.704129][ T5168] REISERFS (device loop0): Using r5 hash to sort names [ 77.711683][ T5168] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./46/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./46/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./46/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./46/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./46") = 0 mkdir("./47", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5170 ./strace-static-x86_64: Process 5170 attached [pid 5170] chdir("./47") = 0 [pid 5170] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5170] setpgid(0, 0) = 0 [pid 5170] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5170] write(3, "1000", 4) = 4 [pid 5170] close(3) = 0 [pid 5170] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5170] memfd_create("syzkaller", 0) = 3 [pid 5170] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5170] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5170] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5170] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5170] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5170] close(3) = 0 [pid 5170] mkdir("./file1", 0777) = 0 [ 77.867254][ T5170] loop0: detected capacity change from 0 to 8192 [ 77.877921][ T5170] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 77.891201][ T5170] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 77.900940][ T5170] REISERFS (device loop0): using ordered data mode [ 77.907879][ T5170] reiserfs: using flush barriers [ 77.913833][ T5170] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 77.930659][ T5170] REISERFS (device loop0): checking transaction log (loop0) [pid 5170] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5170] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5170] chdir("./file1") = 0 [pid 5170] ioctl(4, LOOP_CLR_FD) = 0 [pid 5170] close(4) = 0 [pid 5170] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5170] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5170] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5170] exit_group(0) = ? [pid 5170] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5170, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./47", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./47/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./47/binderfs") = 0 [ 77.973958][ T5170] REISERFS (device loop0): Using r5 hash to sort names [ 77.981037][ T5170] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./47/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./47/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./47/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./47/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./47") = 0 mkdir("./48", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5172 ./strace-static-x86_64: Process 5172 attached [pid 5172] chdir("./48") = 0 [pid 5172] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5172] setpgid(0, 0) = 0 [pid 5172] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5172] write(3, "1000", 4) = 4 [pid 5172] close(3) = 0 [pid 5172] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5172] memfd_create("syzkaller", 0) = 3 [pid 5172] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5172] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5172] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5172] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5172] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5172] close(3) = 0 [pid 5172] mkdir("./file1", 0777) = 0 [ 78.102370][ T5172] loop0: detected capacity change from 0 to 8192 [ 78.122283][ T5172] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 78.135288][ T5172] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 78.144599][ T5172] REISERFS (device loop0): using ordered data mode [ 78.151414][ T5172] reiserfs: using flush barriers [ 78.157465][ T5172] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 78.174414][ T5172] REISERFS (device loop0): checking transaction log (loop0) [pid 5172] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5172] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5172] chdir("./file1") = 0 [pid 5172] ioctl(4, LOOP_CLR_FD) = 0 [pid 5172] close(4) = 0 [pid 5172] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5172] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5172] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5172] exit_group(0) = ? [pid 5172] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5172, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./48", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./48/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./48/binderfs") = 0 [ 78.215650][ T5172] REISERFS (device loop0): Using r5 hash to sort names [ 78.222722][ T5172] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./48/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./48/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./48/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./48/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./48") = 0 mkdir("./49", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5174 ./strace-static-x86_64: Process 5174 attached [pid 5174] chdir("./49") = 0 [pid 5174] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5174] setpgid(0, 0) = 0 [pid 5174] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5174] write(3, "1000", 4) = 4 [pid 5174] close(3) = 0 [pid 5174] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5174] memfd_create("syzkaller", 0) = 3 [pid 5174] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5174] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5174] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5174] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5174] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5174] close(3) = 0 [pid 5174] mkdir("./file1", 0777) = 0 [ 78.363844][ T5174] loop0: detected capacity change from 0 to 8192 [ 78.373459][ T5174] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 78.387215][ T5174] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 78.396608][ T5174] REISERFS (device loop0): using ordered data mode [ 78.403208][ T5174] reiserfs: using flush barriers [ 78.409217][ T5174] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 78.425536][ T5174] REISERFS (device loop0): checking transaction log (loop0) [pid 5174] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5174] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5174] chdir("./file1") = 0 [pid 5174] ioctl(4, LOOP_CLR_FD) = 0 [pid 5174] close(4) = 0 [pid 5174] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5174] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5174] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5174] exit_group(0) = ? [pid 5174] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5174, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./49", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./49/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./49/binderfs") = 0 [ 78.472094][ T5174] REISERFS (device loop0): Using r5 hash to sort names [ 78.479546][ T5174] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./49/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./49/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./49/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./49/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./49") = 0 mkdir("./50", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5176 ./strace-static-x86_64: Process 5176 attached [pid 5176] chdir("./50") = 0 [pid 5176] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5176] setpgid(0, 0) = 0 [pid 5176] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5176] write(3, "1000", 4) = 4 [pid 5176] close(3) = 0 [pid 5176] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5176] memfd_create("syzkaller", 0) = 3 [pid 5176] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5176] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5176] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5176] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5176] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5176] close(3) = 0 [pid 5176] mkdir("./file1", 0777) = 0 [ 78.619812][ T5176] loop0: detected capacity change from 0 to 8192 [ 78.629076][ T5176] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 78.642193][ T5176] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 78.651602][ T5176] REISERFS (device loop0): using ordered data mode [ 78.658399][ T5176] reiserfs: using flush barriers [ 78.664216][ T5176] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 78.681115][ T5176] REISERFS (device loop0): checking transaction log (loop0) [pid 5176] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5176] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5176] chdir("./file1") = 0 [pid 5176] ioctl(4, LOOP_CLR_FD) = 0 [pid 5176] close(4) = 0 [pid 5176] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5176] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5176] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5176] exit_group(0) = ? [pid 5176] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5176, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- umount2("./50", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./50/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./50/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./50/binderfs") = 0 umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./50/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./50/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./50/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./50/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./50") = 0 mkdir("./51", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5178 ./strace-static-x86_64: Process 5178 attached [pid 5178] chdir("./51") = 0 [ 78.723507][ T5176] REISERFS (device loop0): Using r5 hash to sort names [ 78.730957][ T5176] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5178] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5178] setpgid(0, 0) = 0 [pid 5178] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5178] write(3, "1000", 4) = 4 [pid 5178] close(3) = 0 [pid 5178] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5178] memfd_create("syzkaller", 0) = 3 [pid 5178] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5178] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5178] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5178] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5178] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5178] close(3) = 0 [pid 5178] mkdir("./file1", 0777) = 0 [ 78.871007][ T5178] loop0: detected capacity change from 0 to 8192 [ 78.880653][ T5178] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 78.893643][ T5178] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 78.903004][ T5178] REISERFS (device loop0): using ordered data mode [ 78.909704][ T5178] reiserfs: using flush barriers [ 78.915512][ T5178] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 78.932346][ T5178] REISERFS (device loop0): checking transaction log (loop0) [pid 5178] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5178] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5178] chdir("./file1") = 0 [pid 5178] ioctl(4, LOOP_CLR_FD) = 0 [pid 5178] close(4) = 0 [pid 5178] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5178] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5178] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5178] exit_group(0) = ? [pid 5178] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5178, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./51", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./51/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./51/binderfs") = 0 [ 78.975230][ T5178] REISERFS (device loop0): Using r5 hash to sort names [ 78.982295][ T5178] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./51/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./51/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./51/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./51/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./51") = 0 mkdir("./52", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5180 ./strace-static-x86_64: Process 5180 attached [pid 5180] chdir("./52") = 0 [pid 5180] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5180] setpgid(0, 0) = 0 [pid 5180] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5180] write(3, "1000", 4) = 4 [pid 5180] close(3) = 0 [pid 5180] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5180] memfd_create("syzkaller", 0) = 3 [pid 5180] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5180] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5180] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5180] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5180] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5180] close(3) = 0 [pid 5180] mkdir("./file1", 0777) = 0 [ 79.121829][ T5180] loop0: detected capacity change from 0 to 8192 [ 79.131295][ T5180] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 79.144388][ T5180] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 79.154053][ T5180] REISERFS (device loop0): using ordered data mode [ 79.160750][ T5180] reiserfs: using flush barriers [ 79.166519][ T5180] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 79.183434][ T5180] REISERFS (device loop0): checking transaction log (loop0) [pid 5180] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5180] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5180] chdir("./file1") = 0 [pid 5180] ioctl(4, LOOP_CLR_FD) = 0 [pid 5180] close(4) = 0 [pid 5180] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5180] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5180] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5180] exit_group(0) = ? [pid 5180] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5180, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- umount2("./52", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./52/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./52/binderfs") = 0 [ 79.232133][ T5180] REISERFS (device loop0): Using r5 hash to sort names [ 79.239909][ T5180] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./52/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./52/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./52/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./52/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./52") = 0 mkdir("./53", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5182 ./strace-static-x86_64: Process 5182 attached [pid 5182] chdir("./53") = 0 [pid 5182] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5182] setpgid(0, 0) = 0 [pid 5182] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5182] write(3, "1000", 4) = 4 [pid 5182] close(3) = 0 [pid 5182] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5182] memfd_create("syzkaller", 0) = 3 [pid 5182] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5182] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5182] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5182] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5182] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5182] close(3) = 0 [pid 5182] mkdir("./file1", 0777) = 0 [ 79.371835][ T5182] loop0: detected capacity change from 0 to 8192 [ 79.382537][ T5182] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 79.395614][ T5182] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 79.404845][ T5182] REISERFS (device loop0): using ordered data mode [ 79.414750][ T5182] reiserfs: using flush barriers [ 79.421124][ T5182] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 79.437450][ T5182] REISERFS (device loop0): checking transaction log (loop0) [pid 5182] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5182] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5182] chdir("./file1") = 0 [pid 5182] ioctl(4, LOOP_CLR_FD) = 0 [pid 5182] close(4) = 0 [pid 5182] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5182] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5182] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5182] exit_group(0) = ? [pid 5182] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5182, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- umount2("./53", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./53/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./53/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./53/binderfs") = 0 [ 79.483593][ T5182] REISERFS (device loop0): Using r5 hash to sort names [ 79.490959][ T5182] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./53/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./53/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./53/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./53/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./53") = 0 mkdir("./54", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5184 ./strace-static-x86_64: Process 5184 attached [pid 5184] chdir("./54") = 0 [pid 5184] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5184] setpgid(0, 0) = 0 [pid 5184] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5184] write(3, "1000", 4) = 4 [pid 5184] close(3) = 0 [pid 5184] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5184] memfd_create("syzkaller", 0) = 3 [pid 5184] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5184] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5184] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5184] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5184] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5184] close(3) = 0 [pid 5184] mkdir("./file1", 0777) = 0 [ 79.633027][ T5184] loop0: detected capacity change from 0 to 8192 [ 79.643231][ T5184] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 79.656235][ T5184] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 79.665492][ T5184] REISERFS (device loop0): using ordered data mode [ 79.672038][ T5184] reiserfs: using flush barriers [ 79.677868][ T5184] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 79.694289][ T5184] REISERFS (device loop0): checking transaction log (loop0) [pid 5184] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5184] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5184] chdir("./file1") = 0 [pid 5184] ioctl(4, LOOP_CLR_FD) = 0 [pid 5184] close(4) = 0 [pid 5184] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5184] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5184] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5184] exit_group(0) = ? [pid 5184] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5184, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- umount2("./54", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./54/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./54/binderfs") = 0 [ 79.737640][ T5184] REISERFS (device loop0): Using r5 hash to sort names [ 79.744775][ T5184] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./54/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./54/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./54/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./54/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./54") = 0 mkdir("./55", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5186 ./strace-static-x86_64: Process 5186 attached [pid 5186] chdir("./55") = 0 [pid 5186] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5186] setpgid(0, 0) = 0 [pid 5186] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5186] write(3, "1000", 4) = 4 [pid 5186] close(3) = 0 [pid 5186] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5186] memfd_create("syzkaller", 0) = 3 [pid 5186] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5186] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5186] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5186] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5186] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5186] close(3) = 0 [pid 5186] mkdir("./file1", 0777) = 0 [ 79.885193][ T5186] loop0: detected capacity change from 0 to 8192 [ 79.895917][ T5186] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 79.908994][ T5186] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 79.918217][ T5186] REISERFS (device loop0): using ordered data mode [ 79.924715][ T5186] reiserfs: using flush barriers [ 79.930712][ T5186] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 79.947239][ T5186] REISERFS (device loop0): checking transaction log (loop0) [pid 5186] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5186] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5186] chdir("./file1") = 0 [pid 5186] ioctl(4, LOOP_CLR_FD) = 0 [pid 5186] close(4) = 0 [pid 5186] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5186] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5186] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5186] exit_group(0) = ? [pid 5186] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5186, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- umount2("./55", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./55/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./55/binderfs") = 0 [ 79.991083][ T5186] REISERFS (device loop0): Using r5 hash to sort names [ 79.998167][ T5186] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./55/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./55/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./55/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./55/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./55") = 0 mkdir("./56", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5188 ./strace-static-x86_64: Process 5188 attached [pid 5188] chdir("./56") = 0 [pid 5188] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5188] setpgid(0, 0) = 0 [pid 5188] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5188] write(3, "1000", 4) = 4 [pid 5188] close(3) = 0 [pid 5188] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5188] memfd_create("syzkaller", 0) = 3 [pid 5188] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5188] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5188] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5188] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5188] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5188] close(3) = 0 [pid 5188] mkdir("./file1", 0777) = 0 [ 80.131809][ T5188] loop0: detected capacity change from 0 to 8192 [ 80.143021][ T5188] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 80.156057][ T5188] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 80.165264][ T5188] REISERFS (device loop0): using ordered data mode [ 80.171839][ T5188] reiserfs: using flush barriers [ 80.178035][ T5188] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 80.194397][ T5188] REISERFS (device loop0): checking transaction log (loop0) [pid 5188] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5188] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5188] chdir("./file1") = 0 [pid 5188] ioctl(4, LOOP_CLR_FD) = 0 [pid 5188] close(4) = 0 [pid 5188] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5188] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5188] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5188] exit_group(0) = ? [pid 5188] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5188, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- umount2("./56", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./56/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./56/binderfs") = 0 [ 80.242345][ T5188] REISERFS (device loop0): Using r5 hash to sort names [ 80.249762][ T5188] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./56/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./56/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./56/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./56/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./56") = 0 mkdir("./57", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5190 ./strace-static-x86_64: Process 5190 attached [pid 5190] chdir("./57") = 0 [pid 5190] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5190] setpgid(0, 0) = 0 [pid 5190] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5190] write(3, "1000", 4) = 4 [pid 5190] close(3) = 0 [pid 5190] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5190] memfd_create("syzkaller", 0) = 3 [pid 5190] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5190] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5190] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5190] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5190] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5190] close(3) = 0 [pid 5190] mkdir("./file1", 0777) = 0 [ 80.382510][ T5190] loop0: detected capacity change from 0 to 8192 [ 80.393385][ T5190] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 80.406473][ T5190] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 80.416004][ T5190] REISERFS (device loop0): using ordered data mode [ 80.422631][ T5190] reiserfs: using flush barriers [ 80.428706][ T5190] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 80.445195][ T5190] REISERFS (device loop0): checking transaction log (loop0) [pid 5190] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5190] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5190] chdir("./file1") = 0 [pid 5190] ioctl(4, LOOP_CLR_FD) = 0 [pid 5190] close(4) = 0 [pid 5190] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5190] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5190] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5190] exit_group(0) = ? [pid 5190] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5190, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./57", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./57/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./57/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./57/binderfs") = 0 [ 80.494224][ T5190] REISERFS (device loop0): Using r5 hash to sort names [ 80.501641][ T5190] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./57/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./57/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./57/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./57/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./57") = 0 mkdir("./58", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5192 attached [pid 5192] chdir("./58") = 0 [pid 5192] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5073] <... clone resumed>, child_tidptr=0x55555738c5d0) = 5192 [pid 5192] setpgid(0, 0) = 0 [pid 5192] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5192] write(3, "1000", 4) = 4 [pid 5192] close(3) = 0 [pid 5192] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5192] memfd_create("syzkaller", 0) = 3 [pid 5192] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5192] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5192] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5192] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5192] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5192] close(3) = 0 [pid 5192] mkdir("./file1", 0777) = 0 [ 80.645928][ T5192] loop0: detected capacity change from 0 to 8192 [ 80.656217][ T5192] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 80.669285][ T5192] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 80.678504][ T5192] REISERFS (device loop0): using ordered data mode [ 80.685016][ T5192] reiserfs: using flush barriers [ 80.690979][ T5192] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 80.707350][ T5192] REISERFS (device loop0): checking transaction log (loop0) [pid 5192] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5192] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5192] chdir("./file1") = 0 [pid 5192] ioctl(4, LOOP_CLR_FD) = 0 [pid 5192] close(4) = 0 [pid 5192] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5192] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5192] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5192] exit_group(0) = ? [pid 5192] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5192, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./58", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./58/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./58/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./58/binderfs") = 0 [ 80.757363][ T5192] REISERFS (device loop0): Using r5 hash to sort names [ 80.764703][ T5192] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./58/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./58/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./58/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./58/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./58") = 0 mkdir("./59", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5194 ./strace-static-x86_64: Process 5194 attached [pid 5194] chdir("./59") = 0 [pid 5194] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5194] setpgid(0, 0) = 0 [pid 5194] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5194] write(3, "1000", 4) = 4 [pid 5194] close(3) = 0 [pid 5194] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5194] memfd_create("syzkaller", 0) = 3 [pid 5194] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5194] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5194] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5194] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5194] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5194] close(3) = 0 [pid 5194] mkdir("./file1", 0777) = 0 [ 80.893565][ T5194] loop0: detected capacity change from 0 to 8192 [ 80.903323][ T5194] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 80.916341][ T5194] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 80.925535][ T5194] REISERFS (device loop0): using ordered data mode [ 80.932093][ T5194] reiserfs: using flush barriers [ 80.937811][ T5194] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 80.954228][ T5194] REISERFS (device loop0): checking transaction log (loop0) [pid 5194] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5194] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5194] chdir("./file1") = 0 [pid 5194] ioctl(4, LOOP_CLR_FD) = 0 [pid 5194] close(4) = 0 [pid 5194] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5194] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5194] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5194] exit_group(0) = ? [pid 5194] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5194, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./59", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./59/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./59/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./59/binderfs") = 0 [ 81.001232][ T5194] REISERFS (device loop0): Using r5 hash to sort names [ 81.008439][ T5194] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./59/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./59/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./59/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./59/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./59") = 0 mkdir("./60", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5196 ./strace-static-x86_64: Process 5196 attached [pid 5196] chdir("./60") = 0 [pid 5196] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5196] setpgid(0, 0) = 0 [pid 5196] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5196] write(3, "1000", 4) = 4 [pid 5196] close(3) = 0 [pid 5196] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5196] memfd_create("syzkaller", 0) = 3 [pid 5196] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5196] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5196] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5196] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5196] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5196] close(3) = 0 [pid 5196] mkdir("./file1", 0777) = 0 [ 81.143072][ T5196] loop0: detected capacity change from 0 to 8192 [ 81.153918][ T5196] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 81.167005][ T5196] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 81.176167][ T5196] REISERFS (device loop0): using ordered data mode [ 81.182730][ T5196] reiserfs: using flush barriers [ 81.188671][ T5196] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.205101][ T5196] REISERFS (device loop0): checking transaction log (loop0) [pid 5196] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5196] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5196] chdir("./file1") = 0 [pid 5196] ioctl(4, LOOP_CLR_FD) = 0 [pid 5196] close(4) = 0 [pid 5196] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5196] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5196] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5196] exit_group(0) = ? [pid 5196] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5196, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./60", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./60/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./60/binderfs") = 0 [ 81.251234][ T5196] REISERFS (device loop0): Using r5 hash to sort names [ 81.258594][ T5196] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./60/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./60/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./60/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./60/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./60") = 0 mkdir("./61", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5198 ./strace-static-x86_64: Process 5198 attached [pid 5198] chdir("./61") = 0 [pid 5198] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5198] setpgid(0, 0) = 0 [pid 5198] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5198] write(3, "1000", 4) = 4 [pid 5198] close(3) = 0 [pid 5198] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5198] memfd_create("syzkaller", 0) = 3 [pid 5198] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5198] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5198] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5198] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5198] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5198] close(3) = 0 [pid 5198] mkdir("./file1", 0777) = 0 [ 81.395793][ T5198] loop0: detected capacity change from 0 to 8192 [ 81.405644][ T5198] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 81.418692][ T5198] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 81.428016][ T5198] REISERFS (device loop0): using ordered data mode [ 81.434543][ T5198] reiserfs: using flush barriers [ 81.440661][ T5198] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.457158][ T5198] REISERFS (device loop0): checking transaction log (loop0) [pid 5198] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5198] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5198] chdir("./file1") = 0 [pid 5198] ioctl(4, LOOP_CLR_FD) = 0 [pid 5198] close(4) = 0 [pid 5198] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5198] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5198] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5198] exit_group(0) = ? [pid 5198] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5198, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./61/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./61/binderfs") = 0 [ 81.503932][ T5198] REISERFS (device loop0): Using r5 hash to sort names [ 81.511078][ T5198] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./61/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./61/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./61/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./61/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./61") = 0 mkdir("./62", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5200 ./strace-static-x86_64: Process 5200 attached [pid 5200] chdir("./62") = 0 [pid 5200] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5200] setpgid(0, 0) = 0 [pid 5200] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5200] write(3, "1000", 4) = 4 [pid 5200] close(3) = 0 [pid 5200] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5200] memfd_create("syzkaller", 0) = 3 [pid 5200] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5200] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5200] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5200] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5200] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5200] close(3) = 0 [pid 5200] mkdir("./file1", 0777) = 0 [ 81.650993][ T5200] loop0: detected capacity change from 0 to 8192 [ 81.660232][ T5200] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 81.673348][ T5200] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 81.682684][ T5200] REISERFS (device loop0): using ordered data mode [ 81.689320][ T5200] reiserfs: using flush barriers [ 81.695023][ T5200] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.711491][ T5200] REISERFS (device loop0): checking transaction log (loop0) [pid 5200] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5200] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5200] chdir("./file1") = 0 [pid 5200] ioctl(4, LOOP_CLR_FD) = 0 [pid 5200] close(4) = 0 [pid 5200] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5200] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5200] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5200] exit_group(0) = ? [pid 5200] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5200, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./62/binderfs") = 0 [ 81.758468][ T5200] REISERFS (device loop0): Using r5 hash to sort names [ 81.765589][ T5200] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./62/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./62/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./62/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./62/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./62") = 0 mkdir("./63", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5202 ./strace-static-x86_64: Process 5202 attached [pid 5202] chdir("./63") = 0 [pid 5202] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5202] setpgid(0, 0) = 0 [pid 5202] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5202] write(3, "1000", 4) = 4 [pid 5202] close(3) = 0 [pid 5202] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5202] memfd_create("syzkaller", 0) = 3 [pid 5202] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5202] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5202] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5202] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5202] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5202] close(3) = 0 [pid 5202] mkdir("./file1", 0777) = 0 [ 81.904357][ T5202] loop0: detected capacity change from 0 to 8192 [ 81.914706][ T5202] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 81.927829][ T5202] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 81.937094][ T5202] REISERFS (device loop0): using ordered data mode [ 81.943597][ T5202] reiserfs: using flush barriers [ 81.949399][ T5202] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.965723][ T5202] REISERFS (device loop0): checking transaction log (loop0) [pid 5202] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5202] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5202] chdir("./file1") = 0 [pid 5202] ioctl(4, LOOP_CLR_FD) = 0 [pid 5202] close(4) = 0 [pid 5202] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5202] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5202] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5202] exit_group(0) = ? [pid 5202] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5202, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./63/binderfs") = 0 [ 82.012600][ T5202] REISERFS (device loop0): Using r5 hash to sort names [ 82.019664][ T5202] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./63/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./63/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./63/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./63/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./63") = 0 mkdir("./64", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5204 ./strace-static-x86_64: Process 5204 attached [pid 5204] chdir("./64") = 0 [pid 5204] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5204] setpgid(0, 0) = 0 [pid 5204] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5204] write(3, "1000", 4) = 4 [pid 5204] close(3) = 0 [pid 5204] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5204] memfd_create("syzkaller", 0) = 3 [pid 5204] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5204] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5204] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5204] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5204] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5204] close(3) = 0 [pid 5204] mkdir("./file1", 0777) = 0 [ 82.147681][ T5204] loop0: detected capacity change from 0 to 8192 [ 82.158383][ T5204] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 82.171402][ T5204] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 82.180781][ T5204] REISERFS (device loop0): using ordered data mode [ 82.187450][ T5204] reiserfs: using flush barriers [ 82.193232][ T5204] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 82.209841][ T5204] REISERFS (device loop0): checking transaction log (loop0) [pid 5204] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5204] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5204] chdir("./file1") = 0 [pid 5204] ioctl(4, LOOP_CLR_FD) = 0 [pid 5204] close(4) = 0 [pid 5204] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5204] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5204] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5204] exit_group(0) = ? [pid 5204] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5204, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./64/binderfs") = 0 [ 82.252081][ T5204] REISERFS (device loop0): Using r5 hash to sort names [ 82.259252][ T5204] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./64/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./64/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./64/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./64/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./64") = 0 mkdir("./65", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5206 attached , child_tidptr=0x55555738c5d0) = 5206 [pid 5206] chdir("./65") = 0 [pid 5206] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5206] setpgid(0, 0) = 0 [pid 5206] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5206] write(3, "1000", 4) = 4 [pid 5206] close(3) = 0 [pid 5206] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5206] memfd_create("syzkaller", 0) = 3 [pid 5206] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5206] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5206] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5206] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5206] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5206] close(3) = 0 [pid 5206] mkdir("./file1", 0777) = 0 [ 82.407635][ T5206] loop0: detected capacity change from 0 to 8192 [ 82.417990][ T5206] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 82.431031][ T5206] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 82.440499][ T5206] REISERFS (device loop0): using ordered data mode [ 82.447307][ T5206] reiserfs: using flush barriers [ 82.453195][ T5206] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 82.471446][ T5206] REISERFS (device loop0): checking transaction log (loop0) [pid 5206] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5206] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5206] chdir("./file1") = 0 [pid 5206] ioctl(4, LOOP_CLR_FD) = 0 [pid 5206] close(4) = 0 [pid 5206] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5206] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5206] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5206] exit_group(0) = ? [pid 5206] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5206, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./65/binderfs") = 0 [ 82.522917][ T5206] REISERFS (device loop0): Using r5 hash to sort names [ 82.530295][ T5206] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./65/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./65/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./65/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./65/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./65") = 0 mkdir("./66", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5208 ./strace-static-x86_64: Process 5208 attached [pid 5208] chdir("./66") = 0 [pid 5208] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5208] setpgid(0, 0) = 0 [pid 5208] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5208] write(3, "1000", 4) = 4 [pid 5208] close(3) = 0 [pid 5208] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5208] memfd_create("syzkaller", 0) = 3 [pid 5208] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5208] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5208] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5208] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5208] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5208] close(3) = 0 [pid 5208] mkdir("./file1", 0777) = 0 [ 82.661699][ T5208] loop0: detected capacity change from 0 to 8192 [ 82.671347][ T5208] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 82.684665][ T5208] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 82.694126][ T5208] REISERFS (device loop0): using ordered data mode [ 82.701133][ T5208] reiserfs: using flush barriers [ 82.707144][ T5208] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 82.723703][ T5208] REISERFS (device loop0): checking transaction log (loop0) [pid 5208] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5208] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5208] chdir("./file1") = 0 [pid 5208] ioctl(4, LOOP_CLR_FD) = 0 [pid 5208] close(4) = 0 [pid 5208] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5208] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5208] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5208] exit_group(0) = ? [pid 5208] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5208, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./66/binderfs") = 0 [ 82.769659][ T5208] REISERFS (device loop0): Using r5 hash to sort names [ 82.776769][ T5208] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./66/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./66/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./66/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./66/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./66") = 0 mkdir("./67", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5210 ./strace-static-x86_64: Process 5210 attached [pid 5210] chdir("./67") = 0 [pid 5210] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5210] setpgid(0, 0) = 0 [pid 5210] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5210] write(3, "1000", 4) = 4 [pid 5210] close(3) = 0 [pid 5210] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5210] memfd_create("syzkaller", 0) = 3 [pid 5210] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5210] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5210] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5210] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5210] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5210] close(3) = 0 [pid 5210] mkdir("./file1", 0777) = 0 [ 82.909552][ T5210] loop0: detected capacity change from 0 to 8192 [ 82.919615][ T5210] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 82.932703][ T5210] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 82.942368][ T5210] REISERFS (device loop0): using ordered data mode [ 82.949071][ T5210] reiserfs: using flush barriers [ 82.954944][ T5210] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 82.971651][ T5210] REISERFS (device loop0): checking transaction log (loop0) [pid 5210] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5210] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5210] chdir("./file1") = 0 [pid 5210] ioctl(4, LOOP_CLR_FD) = 0 [pid 5210] close(4) = 0 [pid 5210] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5210] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5210] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5210] exit_group(0) = ? [pid 5210] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5210, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./67/binderfs") = 0 [ 83.018766][ T5210] REISERFS (device loop0): Using r5 hash to sort names [ 83.025813][ T5210] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./67/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./67/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./67/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./67/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./67") = 0 mkdir("./68", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5212 ./strace-static-x86_64: Process 5212 attached [pid 5212] chdir("./68") = 0 [pid 5212] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5212] setpgid(0, 0) = 0 [pid 5212] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5212] write(3, "1000", 4) = 4 [pid 5212] close(3) = 0 [pid 5212] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5212] memfd_create("syzkaller", 0) = 3 [pid 5212] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5212] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5212] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5212] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5212] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5212] close(3) = 0 [pid 5212] mkdir("./file1", 0777) = 0 [ 83.157505][ T5212] loop0: detected capacity change from 0 to 8192 [ 83.167869][ T5212] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.181139][ T5212] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 83.190822][ T5212] REISERFS (device loop0): using ordered data mode [ 83.197731][ T5212] reiserfs: using flush barriers [ 83.203701][ T5212] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.220500][ T5212] REISERFS (device loop0): checking transaction log (loop0) [pid 5212] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5212] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5212] chdir("./file1") = 0 [pid 5212] ioctl(4, LOOP_CLR_FD) = 0 [pid 5212] close(4) = 0 [pid 5212] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5212] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5212] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5212] exit_group(0) = ? [pid 5212] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5212, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./68/binderfs") = 0 [ 83.264003][ T5212] REISERFS (device loop0): Using r5 hash to sort names [ 83.271172][ T5212] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./68/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./68/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./68/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./68/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./68") = 0 mkdir("./69", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5214 ./strace-static-x86_64: Process 5214 attached [pid 5214] chdir("./69") = 0 [pid 5214] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5214] setpgid(0, 0) = 0 [pid 5214] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5214] write(3, "1000", 4) = 4 [pid 5214] close(3) = 0 [pid 5214] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5214] memfd_create("syzkaller", 0) = 3 [pid 5214] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5214] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5214] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5214] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5214] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5214] close(3) = 0 [pid 5214] mkdir("./file1", 0777) = 0 [ 83.407039][ T5214] loop0: detected capacity change from 0 to 8192 [ 83.416589][ T5214] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.429977][ T5214] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 83.439345][ T5214] REISERFS (device loop0): using ordered data mode [ 83.445843][ T5214] reiserfs: using flush barriers [ 83.451977][ T5214] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.468552][ T5214] REISERFS (device loop0): checking transaction log (loop0) [pid 5214] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5214] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5214] chdir("./file1") = 0 [pid 5214] ioctl(4, LOOP_CLR_FD) = 0 [pid 5214] close(4) = 0 [pid 5214] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5214] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5214] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5214] exit_group(0) = ? [pid 5214] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5214, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./69/binderfs") = 0 [ 83.515025][ T5214] REISERFS (device loop0): Using r5 hash to sort names [ 83.522128][ T5214] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./69/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./69/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./69/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./69/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./69") = 0 mkdir("./70", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5216 ./strace-static-x86_64: Process 5216 attached [pid 5216] chdir("./70") = 0 [pid 5216] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5216] setpgid(0, 0) = 0 [pid 5216] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5216] write(3, "1000", 4) = 4 [pid 5216] close(3) = 0 [pid 5216] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5216] memfd_create("syzkaller", 0) = 3 [pid 5216] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5216] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5216] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5216] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5216] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5216] close(3) = 0 [pid 5216] mkdir("./file1", 0777) = 0 [ 83.663152][ T5216] loop0: detected capacity change from 0 to 8192 [ 83.673036][ T5216] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.686298][ T5216] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 83.695900][ T5216] REISERFS (device loop0): using ordered data mode [ 83.702828][ T5216] reiserfs: using flush barriers [ 83.708884][ T5216] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.725576][ T5216] REISERFS (device loop0): checking transaction log (loop0) [pid 5216] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5216] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5216] chdir("./file1") = 0 [pid 5216] ioctl(4, LOOP_CLR_FD) = 0 [pid 5216] close(4) = 0 [pid 5216] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5216] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5216] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5216] exit_group(0) = ? [pid 5216] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5216, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./70/binderfs") = 0 [ 83.772091][ T5216] REISERFS (device loop0): Using r5 hash to sort names [ 83.779175][ T5216] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./70/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./70/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./70/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./70/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./70/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./70/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./70") = 0 mkdir("./71", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5218 ./strace-static-x86_64: Process 5218 attached [pid 5218] chdir("./71") = 0 [pid 5218] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5218] setpgid(0, 0) = 0 [pid 5218] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5218] write(3, "1000", 4) = 4 [pid 5218] close(3) = 0 [pid 5218] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5218] memfd_create("syzkaller", 0) = 3 [pid 5218] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5218] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5218] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5218] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5218] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5218] close(3) = 0 [pid 5218] mkdir("./file1", 0777) = 0 [ 83.907447][ T5218] loop0: detected capacity change from 0 to 8192 [ 83.918209][ T5218] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 83.931233][ T5218] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 83.941119][ T5218] REISERFS (device loop0): using ordered data mode [ 83.947947][ T5218] reiserfs: using flush barriers [ 83.953675][ T5218] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 83.970262][ T5218] REISERFS (device loop0): checking transaction log (loop0) [pid 5218] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5218] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5218] chdir("./file1") = 0 [pid 5218] ioctl(4, LOOP_CLR_FD) = 0 [pid 5218] close(4) = 0 [pid 5218] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5218] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5218] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5218] exit_group(0) = ? [pid 5218] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5218, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./71/binderfs") = 0 [ 84.016499][ T5218] REISERFS (device loop0): Using r5 hash to sort names [ 84.023615][ T5218] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./71/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./71/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./71/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./71/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./71/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./71/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./71") = 0 mkdir("./72", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5220 ./strace-static-x86_64: Process 5220 attached [pid 5220] chdir("./72") = 0 [pid 5220] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5220] setpgid(0, 0) = 0 [pid 5220] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5220] write(3, "1000", 4) = 4 [pid 5220] close(3) = 0 [pid 5220] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5220] memfd_create("syzkaller", 0) = 3 [pid 5220] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5220] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5220] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5220] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5220] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5220] close(3) = 0 [pid 5220] mkdir("./file1", 0777) = 0 [ 84.164512][ T5220] loop0: detected capacity change from 0 to 8192 [ 84.173732][ T5220] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 84.186865][ T5220] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 84.196118][ T5220] REISERFS (device loop0): using ordered data mode [ 84.202707][ T5220] reiserfs: using flush barriers [ 84.208541][ T5220] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 84.224981][ T5220] REISERFS (device loop0): checking transaction log (loop0) [pid 5220] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5220] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5220] chdir("./file1") = 0 [pid 5220] ioctl(4, LOOP_CLR_FD) = 0 [pid 5220] close(4) = 0 [pid 5220] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5220] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5220] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5220] exit_group(0) = ? [pid 5220] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5220, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./72/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./72/binderfs") = 0 [ 84.272226][ T5220] REISERFS (device loop0): Using r5 hash to sort names [ 84.279338][ T5220] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./72/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./72/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./72/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./72/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./72/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./72/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./72") = 0 mkdir("./73", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5222 ./strace-static-x86_64: Process 5222 attached [pid 5222] chdir("./73") = 0 [pid 5222] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5222] setpgid(0, 0) = 0 [pid 5222] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5222] write(3, "1000", 4) = 4 [pid 5222] close(3) = 0 [pid 5222] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5222] memfd_create("syzkaller", 0) = 3 [pid 5222] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5222] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5222] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5222] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5222] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5222] close(3) = 0 [pid 5222] mkdir("./file1", 0777) = 0 [ 84.413476][ T5222] loop0: detected capacity change from 0 to 8192 [ 84.423190][ T5222] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 84.436218][ T5222] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 84.445444][ T5222] REISERFS (device loop0): using ordered data mode [ 84.451987][ T5222] reiserfs: using flush barriers [ 84.458012][ T5222] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 84.474355][ T5222] REISERFS (device loop0): checking transaction log (loop0) [pid 5222] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5222] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5222] chdir("./file1") = 0 [pid 5222] ioctl(4, LOOP_CLR_FD) = 0 [pid 5222] close(4) = 0 [pid 5222] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5222] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5222] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5222] exit_group(0) = ? [pid 5222] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5222, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./73/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./73/binderfs") = 0 [ 84.516234][ T5222] REISERFS (device loop0): Using r5 hash to sort names [ 84.523914][ T5222] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./73/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./73/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./73/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./73/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./73/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./73/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./73") = 0 mkdir("./74", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5224 ./strace-static-x86_64: Process 5224 attached [pid 5224] chdir("./74") = 0 [pid 5224] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5224] setpgid(0, 0) = 0 [pid 5224] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5224] write(3, "1000", 4) = 4 [pid 5224] close(3) = 0 [pid 5224] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5224] memfd_create("syzkaller", 0) = 3 [pid 5224] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5224] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5224] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5224] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5224] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5224] close(3) = 0 [pid 5224] mkdir("./file1", 0777) = 0 [ 84.645795][ T5224] loop0: detected capacity change from 0 to 8192 [ 84.655067][ T5224] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 84.668248][ T5224] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 84.677677][ T5224] REISERFS (device loop0): using ordered data mode [ 84.684421][ T5224] reiserfs: using flush barriers [ 84.690483][ T5224] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 84.707147][ T5224] REISERFS (device loop0): checking transaction log (loop0) [pid 5224] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5224] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5224] chdir("./file1") = 0 [pid 5224] ioctl(4, LOOP_CLR_FD) = 0 [pid 5224] close(4) = 0 [pid 5224] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5224] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5224] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5224] exit_group(0) = ? [pid 5224] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5224, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./74/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./74/binderfs") = 0 [ 84.754508][ T5224] REISERFS (device loop0): Using r5 hash to sort names [ 84.761796][ T5224] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./74/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./74/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./74/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./74/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./74/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./74/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./74") = 0 mkdir("./75", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5226 ./strace-static-x86_64: Process 5226 attached [pid 5226] chdir("./75") = 0 [pid 5226] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5226] setpgid(0, 0) = 0 [pid 5226] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5226] write(3, "1000", 4) = 4 [pid 5226] close(3) = 0 [pid 5226] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5226] memfd_create("syzkaller", 0) = 3 [pid 5226] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5226] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5226] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5226] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5226] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5226] close(3) = 0 [pid 5226] mkdir("./file1", 0777) = 0 [ 84.891274][ T5226] loop0: detected capacity change from 0 to 8192 [ 84.900652][ T5226] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 84.913691][ T5226] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 84.922915][ T5226] REISERFS (device loop0): using ordered data mode [ 84.929487][ T5226] reiserfs: using flush barriers [ 84.935238][ T5226] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 84.951750][ T5226] REISERFS (device loop0): checking transaction log (loop0) [pid 5226] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5226] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5226] chdir("./file1") = 0 [pid 5226] ioctl(4, LOOP_CLR_FD) = 0 [pid 5226] close(4) = 0 [pid 5226] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5226] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5226] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5226] exit_group(0) = ? [pid 5226] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5226, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./75/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./75/binderfs") = 0 [ 84.995783][ T5226] REISERFS (device loop0): Using r5 hash to sort names [ 85.002934][ T5226] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./75/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./75/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./75/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./75/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./75/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./75/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./75") = 0 mkdir("./76", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5228 ./strace-static-x86_64: Process 5228 attached [pid 5228] chdir("./76") = 0 [pid 5228] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5228] setpgid(0, 0) = 0 [pid 5228] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5228] write(3, "1000", 4) = 4 [pid 5228] close(3) = 0 [pid 5228] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5228] memfd_create("syzkaller", 0) = 3 [pid 5228] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5228] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5228] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5228] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5228] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5228] close(3) = 0 [pid 5228] mkdir("./file1", 0777) = 0 [ 85.142141][ T5228] loop0: detected capacity change from 0 to 8192 [ 85.152818][ T5228] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 85.165958][ T5228] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 85.175203][ T5228] REISERFS (device loop0): using ordered data mode [ 85.181756][ T5228] reiserfs: using flush barriers [ 85.187607][ T5228] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 85.204105][ T5228] REISERFS (device loop0): checking transaction log (loop0) [pid 5228] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5228] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5228] chdir("./file1") = 0 [pid 5228] ioctl(4, LOOP_CLR_FD) = 0 [pid 5228] close(4) = 0 [pid 5228] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5228] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5228] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5228] exit_group(0) = ? [pid 5228] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5228, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./76/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./76/binderfs") = 0 [ 85.250804][ T5228] REISERFS (device loop0): Using r5 hash to sort names [ 85.258221][ T5228] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./76/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./76/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./76/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./76/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./76/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./76/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./76") = 0 mkdir("./77", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5230 ./strace-static-x86_64: Process 5230 attached [pid 5230] chdir("./77") = 0 [pid 5230] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5230] setpgid(0, 0) = 0 [pid 5230] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5230] write(3, "1000", 4) = 4 [pid 5230] close(3) = 0 [pid 5230] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5230] memfd_create("syzkaller", 0) = 3 [pid 5230] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5230] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5230] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5230] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5230] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5230] close(3) = 0 [pid 5230] mkdir("./file1", 0777) = 0 [ 85.386297][ T5230] loop0: detected capacity change from 0 to 8192 [ 85.395769][ T5230] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 85.409656][ T5230] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 85.419145][ T5230] REISERFS (device loop0): using ordered data mode [ 85.425642][ T5230] reiserfs: using flush barriers [ 85.431591][ T5230] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 85.448510][ T5230] REISERFS (device loop0): checking transaction log (loop0) [pid 5230] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5230] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5230] chdir("./file1") = 0 [pid 5230] ioctl(4, LOOP_CLR_FD) = 0 [pid 5230] close(4) = 0 [pid 5230] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5230] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5230] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5230] exit_group(0) = ? [pid 5230] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5230, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./77/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./77/binderfs") = 0 [ 85.497656][ T5230] REISERFS (device loop0): Using r5 hash to sort names [ 85.504707][ T5230] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./77/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./77/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./77/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./77/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./77/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./77/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./77") = 0 mkdir("./78", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5232 ./strace-static-x86_64: Process 5232 attached [pid 5232] chdir("./78") = 0 [pid 5232] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5232] setpgid(0, 0) = 0 [pid 5232] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5232] write(3, "1000", 4) = 4 [pid 5232] close(3) = 0 [pid 5232] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5232] memfd_create("syzkaller", 0) = 3 [pid 5232] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5232] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5232] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5232] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5232] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5232] close(3) = 0 [pid 5232] mkdir("./file1", 0777) = 0 [ 85.642598][ T5232] loop0: detected capacity change from 0 to 8192 [ 85.653802][ T5232] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 85.667168][ T5232] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 85.676331][ T5232] REISERFS (device loop0): using ordered data mode [ 85.683288][ T5232] reiserfs: using flush barriers [ 85.689325][ T5232] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 85.705788][ T5232] REISERFS (device loop0): checking transaction log (loop0) [pid 5232] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5232] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5232] chdir("./file1") = 0 [pid 5232] ioctl(4, LOOP_CLR_FD) = 0 [pid 5232] close(4) = 0 [pid 5232] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5232] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5232] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5232] exit_group(0) = ? [pid 5232] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5232, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./78/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./78/binderfs") = 0 [ 85.751876][ T5232] REISERFS (device loop0): Using r5 hash to sort names [ 85.758950][ T5232] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./78/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./78/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./78/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./78/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./78/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./78/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./78") = 0 mkdir("./79", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5234 ./strace-static-x86_64: Process 5234 attached [pid 5234] chdir("./79") = 0 [pid 5234] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5234] setpgid(0, 0) = 0 [pid 5234] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5234] write(3, "1000", 4) = 4 [pid 5234] close(3) = 0 [pid 5234] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5234] memfd_create("syzkaller", 0) = 3 [pid 5234] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5234] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5234] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5234] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5234] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5234] close(3) = 0 [pid 5234] mkdir("./file1", 0777) = 0 [ 85.911027][ T5234] loop0: detected capacity change from 0 to 8192 [ 85.922198][ T5234] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 85.935226][ T5234] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 85.944454][ T5234] REISERFS (device loop0): using ordered data mode [ 85.951023][ T5234] reiserfs: using flush barriers [ 85.956689][ T5234] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 85.973270][ T5234] REISERFS (device loop0): checking transaction log (loop0) [pid 5234] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5234] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5234] chdir("./file1") = 0 [pid 5234] ioctl(4, LOOP_CLR_FD) = 0 [pid 5234] close(4) = 0 [pid 5234] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5234] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5234] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5234] exit_group(0) = ? [pid 5234] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5234, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./79/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./79/binderfs") = 0 [ 86.021187][ T5234] REISERFS (device loop0): Using r5 hash to sort names [ 86.028666][ T5234] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./79/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./79/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./79/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./79/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./79/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./79/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./79") = 0 mkdir("./80", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5236 ./strace-static-x86_64: Process 5236 attached [pid 5236] chdir("./80") = 0 [pid 5236] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5236] setpgid(0, 0) = 0 [pid 5236] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5236] write(3, "1000", 4) = 4 [pid 5236] close(3) = 0 [pid 5236] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5236] memfd_create("syzkaller", 0) = 3 [pid 5236] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5236] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5236] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5236] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5236] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5236] close(3) = 0 [pid 5236] mkdir("./file1", 0777) = 0 [ 86.167907][ T5236] loop0: detected capacity change from 0 to 8192 [ 86.176993][ T5236] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.190345][ T5236] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 86.199543][ T5236] REISERFS (device loop0): using ordered data mode [ 86.206044][ T5236] reiserfs: using flush barriers [ 86.212002][ T5236] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.228380][ T5236] REISERFS (device loop0): checking transaction log (loop0) [pid 5236] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5236] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5236] chdir("./file1") = 0 [pid 5236] ioctl(4, LOOP_CLR_FD) = 0 [pid 5236] close(4) = 0 [pid 5236] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5236] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5236] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5236] exit_group(0) = ? [pid 5236] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5236, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./80/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./80/binderfs") = 0 [ 86.275553][ T5236] REISERFS (device loop0): Using r5 hash to sort names [ 86.283044][ T5236] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./80/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./80/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./80/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./80/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./80/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./80/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./80") = 0 mkdir("./81", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5238 ./strace-static-x86_64: Process 5238 attached [pid 5238] chdir("./81") = 0 [pid 5238] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5238] setpgid(0, 0) = 0 [pid 5238] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5238] write(3, "1000", 4) = 4 [pid 5238] close(3) = 0 [pid 5238] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5238] memfd_create("syzkaller", 0) = 3 [pid 5238] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5238] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5238] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5238] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5238] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5238] close(3) = 0 [pid 5238] mkdir("./file1", 0777) = 0 [ 86.409516][ T5238] loop0: detected capacity change from 0 to 8192 [ 86.420183][ T5238] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.433241][ T5238] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 86.442465][ T5238] REISERFS (device loop0): using ordered data mode [ 86.449061][ T5238] reiserfs: using flush barriers [ 86.454846][ T5238] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.471293][ T5238] REISERFS (device loop0): checking transaction log (loop0) [pid 5238] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5238] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5238] chdir("./file1") = 0 [pid 5238] ioctl(4, LOOP_CLR_FD) = 0 [pid 5238] close(4) = 0 [pid 5238] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5238] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5238] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5238] exit_group(0) = ? [pid 5238] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5238, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./81/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./81/binderfs") = 0 [ 86.517032][ T5238] REISERFS (device loop0): Using r5 hash to sort names [ 86.524058][ T5238] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./81/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./81/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./81/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./81/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./81/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./81/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./81") = 0 mkdir("./82", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5240 ./strace-static-x86_64: Process 5240 attached [pid 5240] chdir("./82") = 0 [pid 5240] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5240] setpgid(0, 0) = 0 [pid 5240] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5240] write(3, "1000", 4) = 4 [pid 5240] close(3) = 0 [pid 5240] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5240] memfd_create("syzkaller", 0) = 3 [pid 5240] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5240] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5240] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5240] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5240] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5240] close(3) = 0 [pid 5240] mkdir("./file1", 0777) = 0 [ 86.670132][ T5240] loop0: detected capacity change from 0 to 8192 [ 86.679330][ T5240] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.692390][ T5240] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 86.701899][ T5240] REISERFS (device loop0): using ordered data mode [ 86.708725][ T5240] reiserfs: using flush barriers [ 86.714484][ T5240] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.731235][ T5240] REISERFS (device loop0): checking transaction log (loop0) [pid 5240] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5240] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5240] chdir("./file1") = 0 [pid 5240] ioctl(4, LOOP_CLR_FD) = 0 [pid 5240] close(4) = 0 [pid 5240] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5240] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5240] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5240] exit_group(0) = ? [pid 5240] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5240, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./82/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./82/binderfs") = 0 [ 86.781051][ T5240] REISERFS (device loop0): Using r5 hash to sort names [ 86.788129][ T5240] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./82/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./82/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./82/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./82/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./82/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./82/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./82") = 0 mkdir("./83", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5242 ./strace-static-x86_64: Process 5242 attached [pid 5242] chdir("./83") = 0 [pid 5242] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5242] setpgid(0, 0) = 0 [pid 5242] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5242] write(3, "1000", 4) = 4 [pid 5242] close(3) = 0 [pid 5242] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5242] memfd_create("syzkaller", 0) = 3 [pid 5242] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5242] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5242] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5242] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5242] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5242] close(3) = 0 [pid 5242] mkdir("./file1", 0777) = 0 [ 86.932046][ T5242] loop0: detected capacity change from 0 to 8192 [ 86.942479][ T5242] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.955676][ T5242] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 86.965062][ T5242] REISERFS (device loop0): using ordered data mode [ 86.971720][ T5242] reiserfs: using flush barriers [ 86.977573][ T5242] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.993893][ T5242] REISERFS (device loop0): checking transaction log (loop0) [pid 5242] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5242] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5242] chdir("./file1") = 0 [pid 5242] ioctl(4, LOOP_CLR_FD) = 0 [pid 5242] close(4) = 0 [pid 5242] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5242] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5242] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5242] exit_group(0) = ? [pid 5242] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5242, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./83/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./83/binderfs") = 0 [ 87.035057][ T5242] REISERFS (device loop0): Using r5 hash to sort names [ 87.042111][ T5242] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./83/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./83/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./83/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./83/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./83/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./83/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./83") = 0 mkdir("./84", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5244 ./strace-static-x86_64: Process 5244 attached [pid 5244] chdir("./84") = 0 [pid 5244] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5244] setpgid(0, 0) = 0 [pid 5244] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5244] write(3, "1000", 4) = 4 [pid 5244] close(3) = 0 [pid 5244] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5244] memfd_create("syzkaller", 0) = 3 [pid 5244] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5244] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5244] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5244] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5244] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5244] close(3) = 0 [pid 5244] mkdir("./file1", 0777) = 0 [ 87.186414][ T5244] loop0: detected capacity change from 0 to 8192 [ 87.205861][ T5244] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 87.219147][ T5244] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 87.228688][ T5244] REISERFS (device loop0): using ordered data mode [ 87.235187][ T5244] reiserfs: using flush barriers [ 87.241014][ T5244] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 87.257454][ T5244] REISERFS (device loop0): checking transaction log (loop0) [pid 5244] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5244] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5244] chdir("./file1") = 0 [pid 5244] ioctl(4, LOOP_CLR_FD) = 0 [pid 5244] close(4) = 0 [pid 5244] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5244] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5244] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5244] exit_group(0) = ? [pid 5244] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5244, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./84/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./84/binderfs") = 0 [ 87.303637][ T5244] REISERFS (device loop0): Using r5 hash to sort names [ 87.310745][ T5244] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./84/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./84/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./84/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./84/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./84/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./84/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./84") = 0 mkdir("./85", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5246 ./strace-static-x86_64: Process 5246 attached [pid 5246] chdir("./85") = 0 [pid 5246] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5246] setpgid(0, 0) = 0 [pid 5246] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5246] write(3, "1000", 4) = 4 [pid 5246] close(3) = 0 [pid 5246] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5246] memfd_create("syzkaller", 0) = 3 [pid 5246] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5246] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5246] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5246] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5246] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5246] close(3) = 0 [pid 5246] mkdir("./file1", 0777) = 0 [ 87.448026][ T5246] loop0: detected capacity change from 0 to 8192 [ 87.457652][ T5246] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 87.470678][ T5246] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 87.480150][ T5246] REISERFS (device loop0): using ordered data mode [ 87.486652][ T5246] reiserfs: using flush barriers [ 87.492935][ T5246] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 87.509447][ T5246] REISERFS (device loop0): checking transaction log (loop0) [pid 5246] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5246] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5246] chdir("./file1") = 0 [pid 5246] ioctl(4, LOOP_CLR_FD) = 0 [pid 5246] close(4) = 0 [pid 5246] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5246] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5246] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5246] exit_group(0) = ? [pid 5246] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5246, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./85/binderfs") = 0 [ 87.556623][ T5246] REISERFS (device loop0): Using r5 hash to sort names [ 87.564025][ T5246] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./85/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./85/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./85/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./85/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./85/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./85/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./85") = 0 mkdir("./86", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5248 ./strace-static-x86_64: Process 5248 attached [pid 5248] chdir("./86") = 0 [pid 5248] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5248] setpgid(0, 0) = 0 [pid 5248] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5248] write(3, "1000", 4) = 4 [pid 5248] close(3) = 0 [pid 5248] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5248] memfd_create("syzkaller", 0) = 3 [pid 5248] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5248] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5248] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5248] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5248] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5248] close(3) = 0 [pid 5248] mkdir("./file1", 0777) = 0 [ 87.701215][ T5248] loop0: detected capacity change from 0 to 8192 [ 87.710632][ T5248] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 87.723606][ T5248] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 87.732900][ T5248] REISERFS (device loop0): using ordered data mode [ 87.739423][ T5248] reiserfs: using flush barriers [ 87.745249][ T5248] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 87.761650][ T5248] REISERFS (device loop0): checking transaction log (loop0) [pid 5248] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5248] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5248] chdir("./file1") = 0 [pid 5248] ioctl(4, LOOP_CLR_FD) = 0 [pid 5248] close(4) = 0 [pid 5248] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5248] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5248] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5248] exit_group(0) = ? [pid 5248] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5248, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./86/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./86/binderfs") = 0 [ 87.809518][ T5248] REISERFS (device loop0): Using r5 hash to sort names [ 87.817028][ T5248] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./86/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./86/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./86/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./86/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./86/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./86/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./86") = 0 mkdir("./87", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5250 ./strace-static-x86_64: Process 5250 attached [pid 5250] chdir("./87") = 0 [pid 5250] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5250] setpgid(0, 0) = 0 [pid 5250] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5250] write(3, "1000", 4) = 4 [pid 5250] close(3) = 0 [pid 5250] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5250] memfd_create("syzkaller", 0) = 3 [pid 5250] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5250] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5250] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5250] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5250] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5250] close(3) = 0 [pid 5250] mkdir("./file1", 0777) = 0 [ 87.951112][ T5250] loop0: detected capacity change from 0 to 8192 [ 87.960329][ T5250] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 87.973673][ T5250] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 87.983074][ T5250] REISERFS (device loop0): using ordered data mode [ 87.989750][ T5250] reiserfs: using flush barriers [ 87.995621][ T5250] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.012228][ T5250] REISERFS (device loop0): checking transaction log (loop0) [pid 5250] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5250] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5250] chdir("./file1") = 0 [pid 5250] ioctl(4, LOOP_CLR_FD) = 0 [pid 5250] close(4) = 0 [pid 5250] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5250] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5250] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5250] exit_group(0) = ? [pid 5250] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5250, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./87/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./87/binderfs") = 0 [ 88.059399][ T5250] REISERFS (device loop0): Using r5 hash to sort names [ 88.066970][ T5250] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./87/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./87/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./87/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./87/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./87/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./87/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./87") = 0 mkdir("./88", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5252 ./strace-static-x86_64: Process 5252 attached [pid 5252] chdir("./88") = 0 [pid 5252] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5252] setpgid(0, 0) = 0 [pid 5252] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5252] write(3, "1000", 4) = 4 [pid 5252] close(3) = 0 [pid 5252] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5252] memfd_create("syzkaller", 0) = 3 [pid 5252] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5252] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5252] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5252] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5252] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5252] close(3) = 0 [pid 5252] mkdir("./file1", 0777) = 0 [ 88.206470][ T5252] loop0: detected capacity change from 0 to 8192 [ 88.216254][ T5252] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 88.229245][ T5252] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 88.238449][ T5252] REISERFS (device loop0): using ordered data mode [ 88.244946][ T5252] reiserfs: using flush barriers [ 88.250910][ T5252] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.267398][ T5252] REISERFS (device loop0): checking transaction log (loop0) [pid 5252] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5252] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5252] chdir("./file1") = 0 [pid 5252] ioctl(4, LOOP_CLR_FD) = 0 [pid 5252] close(4) = 0 [pid 5252] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5252] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5252] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5252] exit_group(0) = ? [pid 5252] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5252, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./88/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./88/binderfs") = 0 [ 88.309002][ T5252] REISERFS (device loop0): Using r5 hash to sort names [ 88.316038][ T5252] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./88/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./88/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./88/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./88/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./88/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./88/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./88") = 0 mkdir("./89", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5254 ./strace-static-x86_64: Process 5254 attached [pid 5254] chdir("./89") = 0 [pid 5254] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5254] setpgid(0, 0) = 0 [pid 5254] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5254] write(3, "1000", 4) = 4 [pid 5254] close(3) = 0 [pid 5254] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5254] memfd_create("syzkaller", 0) = 3 [pid 5254] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5254] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5254] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5254] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5254] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5254] close(3) = 0 [pid 5254] mkdir("./file1", 0777) = 0 [ 88.451954][ T5254] loop0: detected capacity change from 0 to 8192 [ 88.471699][ T5254] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 88.484981][ T5254] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 88.494713][ T5254] REISERFS (device loop0): using ordered data mode [ 88.501325][ T5254] reiserfs: using flush barriers [ 88.507354][ T5254] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.523953][ T5254] REISERFS (device loop0): checking transaction log (loop0) [pid 5254] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5254] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5254] chdir("./file1") = 0 [pid 5254] ioctl(4, LOOP_CLR_FD) = 0 [pid 5254] close(4) = 0 [pid 5254] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5254] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5254] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5254] exit_group(0) = ? [pid 5254] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5254, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./89/binderfs") = 0 [ 88.570650][ T5254] REISERFS (device loop0): Using r5 hash to sort names [ 88.577720][ T5254] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./89/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./89/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./89/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./89/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./89/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./89/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./89") = 0 mkdir("./90", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5256 ./strace-static-x86_64: Process 5256 attached [pid 5256] chdir("./90") = 0 [pid 5256] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5256] setpgid(0, 0) = 0 [pid 5256] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5256] write(3, "1000", 4) = 4 [pid 5256] close(3) = 0 [pid 5256] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5256] memfd_create("syzkaller", 0) = 3 [pid 5256] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5256] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5256] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5256] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5256] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5256] close(3) = 0 [pid 5256] mkdir("./file1", 0777) = 0 [ 88.706400][ T5256] loop0: detected capacity change from 0 to 8192 [ 88.715613][ T5256] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 88.728824][ T5256] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 88.738059][ T5256] REISERFS (device loop0): using ordered data mode [ 88.744560][ T5256] reiserfs: using flush barriers [ 88.750470][ T5256] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.766838][ T5256] REISERFS (device loop0): checking transaction log (loop0) [pid 5256] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5256] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5256] chdir("./file1") = 0 [pid 5256] ioctl(4, LOOP_CLR_FD) = 0 [pid 5256] close(4) = 0 [pid 5256] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5256] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5256] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5256] exit_group(0) = ? [pid 5256] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5256, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./90/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./90/binderfs") = 0 [ 88.817452][ T5256] REISERFS (device loop0): Using r5 hash to sort names [ 88.824878][ T5256] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./90/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./90/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./90/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./90/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./90/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./90/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./90") = 0 mkdir("./91", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5258 ./strace-static-x86_64: Process 5258 attached [pid 5258] chdir("./91") = 0 [pid 5258] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5258] setpgid(0, 0) = 0 [pid 5258] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5258] write(3, "1000", 4) = 4 [pid 5258] close(3) = 0 [pid 5258] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5258] memfd_create("syzkaller", 0) = 3 [pid 5258] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5258] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5258] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5258] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5258] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5258] close(3) = 0 [pid 5258] mkdir("./file1", 0777) = 0 [ 88.949630][ T5258] loop0: detected capacity change from 0 to 8192 [ 88.961173][ T5258] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 88.974223][ T5258] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 88.983580][ T5258] REISERFS (device loop0): using ordered data mode [ 88.990142][ T5258] reiserfs: using flush barriers [ 88.996061][ T5258] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 89.012794][ T5258] REISERFS (device loop0): checking transaction log (loop0) [pid 5258] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5258] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5258] chdir("./file1") = 0 [pid 5258] ioctl(4, LOOP_CLR_FD) = 0 [pid 5258] close(4) = 0 [pid 5258] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5258] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5258] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5258] exit_group(0) = ? [pid 5258] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5258, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./91/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./91/binderfs") = 0 [ 89.053657][ T5258] REISERFS (device loop0): Using r5 hash to sort names [ 89.060748][ T5258] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./91/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./91/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./91/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./91/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./91/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./91/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./91") = 0 mkdir("./92", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5260 ./strace-static-x86_64: Process 5260 attached [pid 5260] chdir("./92") = 0 [pid 5260] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5260] setpgid(0, 0) = 0 [pid 5260] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5260] write(3, "1000", 4) = 4 [pid 5260] close(3) = 0 [pid 5260] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5260] memfd_create("syzkaller", 0) = 3 [pid 5260] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5260] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5260] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5260] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5260] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5260] close(3) = 0 [pid 5260] mkdir("./file1", 0777) = 0 [ 89.196987][ T5260] loop0: detected capacity change from 0 to 8192 [ 89.217830][ T5260] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 89.231105][ T5260] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 89.241133][ T5260] REISERFS (device loop0): using ordered data mode [ 89.247829][ T5260] reiserfs: using flush barriers [ 89.253485][ T5260] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 89.270159][ T5260] REISERFS (device loop0): checking transaction log (loop0) [pid 5260] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5260] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5260] chdir("./file1") = 0 [pid 5260] ioctl(4, LOOP_CLR_FD) = 0 [pid 5260] close(4) = 0 [pid 5260] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5260] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5260] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5260] exit_group(0) = ? [pid 5260] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5260, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./92/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./92/binderfs") = 0 [ 89.317654][ T5260] REISERFS (device loop0): Using r5 hash to sort names [ 89.324683][ T5260] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./92/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./92/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./92/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./92/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./92/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./92/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./92") = 0 mkdir("./93", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5262 ./strace-static-x86_64: Process 5262 attached [pid 5262] chdir("./93") = 0 [pid 5262] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5262] setpgid(0, 0) = 0 [pid 5262] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5262] write(3, "1000", 4) = 4 [pid 5262] close(3) = 0 [pid 5262] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5262] memfd_create("syzkaller", 0) = 3 [pid 5262] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5262] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5262] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5262] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5262] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5262] close(3) = 0 [pid 5262] mkdir("./file1", 0777) = 0 [ 89.460917][ T5262] loop0: detected capacity change from 0 to 8192 [ 89.470496][ T5262] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 89.483703][ T5262] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 89.493062][ T5262] REISERFS (device loop0): using ordered data mode [ 89.499723][ T5262] reiserfs: using flush barriers [ 89.505473][ T5262] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 89.522372][ T5262] REISERFS (device loop0): checking transaction log (loop0) [pid 5262] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5262] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5262] chdir("./file1") = 0 [pid 5262] ioctl(4, LOOP_CLR_FD) = 0 [pid 5262] close(4) = 0 [pid 5262] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5262] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5262] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5262] exit_group(0) = ? [pid 5262] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5262, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./93/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./93/binderfs") = 0 [ 89.572249][ T5262] REISERFS (device loop0): Using r5 hash to sort names [ 89.579707][ T5262] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./93/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./93/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./93/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./93/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./93/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./93/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./93") = 0 mkdir("./94", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5264 ./strace-static-x86_64: Process 5264 attached [pid 5264] chdir("./94") = 0 [pid 5264] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5264] setpgid(0, 0) = 0 [pid 5264] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5264] write(3, "1000", 4) = 4 [pid 5264] close(3) = 0 [pid 5264] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5264] memfd_create("syzkaller", 0) = 3 [pid 5264] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5264] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5264] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5264] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5264] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5264] close(3) = 0 [pid 5264] mkdir("./file1", 0777) = 0 [ 89.716141][ T5264] loop0: detected capacity change from 0 to 8192 [ 89.726999][ T5264] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 89.740112][ T5264] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 89.749543][ T5264] REISERFS (device loop0): using ordered data mode [ 89.756050][ T5264] reiserfs: using flush barriers [ 89.761847][ T5264] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 89.778277][ T5264] REISERFS (device loop0): checking transaction log (loop0) [pid 5264] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5264] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5264] chdir("./file1") = 0 [pid 5264] ioctl(4, LOOP_CLR_FD) = 0 [pid 5264] close(4) = 0 [pid 5264] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5264] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5264] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5264] exit_group(0) = ? [pid 5264] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5264, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./94/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./94/binderfs") = 0 [ 89.821315][ T5264] REISERFS (device loop0): Using r5 hash to sort names [ 89.828644][ T5264] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./94/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./94/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./94/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./94/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./94/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./94/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./94") = 0 mkdir("./95", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5266 ./strace-static-x86_64: Process 5266 attached [pid 5266] chdir("./95") = 0 [pid 5266] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5266] setpgid(0, 0) = 0 [pid 5266] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5266] write(3, "1000", 4) = 4 [pid 5266] close(3) = 0 [pid 5266] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5266] memfd_create("syzkaller", 0) = 3 [pid 5266] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5266] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5266] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5266] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5266] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5266] close(3) = 0 [pid 5266] mkdir("./file1", 0777) = 0 [ 89.972967][ T5266] loop0: detected capacity change from 0 to 8192 [ 89.982241][ T5266] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 89.995722][ T5266] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 90.005299][ T5266] REISERFS (device loop0): using ordered data mode [ 90.012039][ T5266] reiserfs: using flush barriers [ 90.018085][ T5266] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 90.034594][ T5266] REISERFS (device loop0): checking transaction log (loop0) [pid 5266] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5266] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5266] chdir("./file1") = 0 [pid 5266] ioctl(4, LOOP_CLR_FD) = 0 [pid 5266] close(4) = 0 [pid 5266] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5266] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5266] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5266] exit_group(0) = ? [pid 5266] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5266, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./95/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./95/binderfs") = 0 [ 90.091231][ T5266] REISERFS (device loop0): Using r5 hash to sort names [ 90.098530][ T5266] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./95/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./95/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./95/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./95/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./95/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./95/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./95") = 0 mkdir("./96", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5268 ./strace-static-x86_64: Process 5268 attached [pid 5268] chdir("./96") = 0 [pid 5268] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5268] setpgid(0, 0) = 0 [pid 5268] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5268] write(3, "1000", 4) = 4 [pid 5268] close(3) = 0 [pid 5268] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5268] memfd_create("syzkaller", 0) = 3 [pid 5268] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5268] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5268] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5268] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5268] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5268] close(3) = 0 [pid 5268] mkdir("./file1", 0777) = 0 [ 90.225710][ T5268] loop0: detected capacity change from 0 to 8192 [ 90.236639][ T5268] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 90.249613][ T5268] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 90.258835][ T5268] REISERFS (device loop0): using ordered data mode [ 90.265344][ T5268] reiserfs: using flush barriers [ 90.271323][ T5268] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 90.287683][ T5268] REISERFS (device loop0): checking transaction log (loop0) [pid 5268] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5268] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5268] chdir("./file1") = 0 [pid 5268] ioctl(4, LOOP_CLR_FD) = 0 [pid 5268] close(4) = 0 [pid 5268] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5268] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5268] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5268] exit_group(0) = ? [pid 5268] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5268, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./96", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./96/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./96/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./96/binderfs") = 0 [ 90.333820][ T5268] REISERFS (device loop0): Using r5 hash to sort names [ 90.340898][ T5268] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./96/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./96/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./96/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./96/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./96/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./96/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./96") = 0 mkdir("./97", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5270 ./strace-static-x86_64: Process 5270 attached [pid 5270] chdir("./97") = 0 [pid 5270] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5270] setpgid(0, 0) = 0 [pid 5270] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5270] write(3, "1000", 4) = 4 [pid 5270] close(3) = 0 [pid 5270] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5270] memfd_create("syzkaller", 0) = 3 [pid 5270] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5270] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5270] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5270] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5270] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5270] close(3) = 0 [pid 5270] mkdir("./file1", 0777) = 0 [ 90.487248][ T5270] loop0: detected capacity change from 0 to 8192 [ 90.496681][ T5270] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 90.509750][ T5270] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 90.518981][ T5270] REISERFS (device loop0): using ordered data mode [ 90.525482][ T5270] reiserfs: using flush barriers [ 90.531453][ T5270] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 90.547977][ T5270] REISERFS (device loop0): checking transaction log (loop0) [pid 5270] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5270] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5270] chdir("./file1") = 0 [pid 5270] ioctl(4, LOOP_CLR_FD) = 0 [pid 5270] close(4) = 0 [pid 5270] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5270] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5270] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5270] exit_group(0) = ? [pid 5270] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5270, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./97", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./97/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./97/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./97/binderfs") = 0 [ 90.595534][ T5270] REISERFS (device loop0): Using r5 hash to sort names [ 90.602634][ T5270] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./97/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./97/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./97/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./97/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./97/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./97/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./97") = 0 mkdir("./98", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5272 ./strace-static-x86_64: Process 5272 attached [pid 5272] chdir("./98") = 0 [pid 5272] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5272] setpgid(0, 0) = 0 [pid 5272] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5272] write(3, "1000", 4) = 4 [pid 5272] close(3) = 0 [pid 5272] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5272] memfd_create("syzkaller", 0) = 3 [pid 5272] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5272] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5272] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5272] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5272] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5272] close(3) = 0 [pid 5272] mkdir("./file1", 0777) = 0 [ 90.730408][ T5272] loop0: detected capacity change from 0 to 8192 [ 90.739859][ T5272] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 90.752893][ T5272] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 90.762118][ T5272] REISERFS (device loop0): using ordered data mode [ 90.768907][ T5272] reiserfs: using flush barriers [ 90.774570][ T5272] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 90.790995][ T5272] REISERFS (device loop0): checking transaction log (loop0) [pid 5272] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5272] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5272] chdir("./file1") = 0 [pid 5272] ioctl(4, LOOP_CLR_FD) = 0 [pid 5272] close(4) = 0 [pid 5272] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5272] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5272] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5272] exit_group(0) = ? [pid 5272] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5272, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./98", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./98/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./98/binderfs") = 0 [ 90.835021][ T5272] REISERFS (device loop0): Using r5 hash to sort names [ 90.842379][ T5272] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./98/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./98/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./98/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./98/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./98/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./98/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./98") = 0 mkdir("./99", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5274 ./strace-static-x86_64: Process 5274 attached [pid 5274] chdir("./99") = 0 [pid 5274] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5274] setpgid(0, 0) = 0 [pid 5274] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5274] write(3, "1000", 4) = 4 [pid 5274] close(3) = 0 [pid 5274] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5274] memfd_create("syzkaller", 0) = 3 [pid 5274] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5274] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5274] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5274] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5274] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5274] close(3) = 0 [pid 5274] mkdir("./file1", 0777) = 0 [ 90.997537][ T5274] loop0: detected capacity change from 0 to 8192 [ 91.007022][ T5274] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.020260][ T5274] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 91.029850][ T5274] REISERFS (device loop0): using ordered data mode [ 91.036347][ T5274] reiserfs: using flush barriers [ 91.042274][ T5274] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.058765][ T5274] REISERFS (device loop0): checking transaction log (loop0) [pid 5274] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5274] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5274] chdir("./file1") = 0 [pid 5274] ioctl(4, LOOP_CLR_FD) = 0 [pid 5274] close(4) = 0 [pid 5274] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5274] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5274] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5274] exit_group(0) = ? [pid 5274] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5274, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- umount2("./99", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./99/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./99/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./99/binderfs") = 0 [ 91.102273][ T5274] REISERFS (device loop0): Using r5 hash to sort names [ 91.109602][ T5274] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./99/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./99/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./99/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./99/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./99/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./99/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./99") = 0 mkdir("./100", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5276 ./strace-static-x86_64: Process 5276 attached [pid 5276] chdir("./100") = 0 [pid 5276] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5276] setpgid(0, 0) = 0 [pid 5276] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5276] write(3, "1000", 4) = 4 [pid 5276] close(3) = 0 [pid 5276] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5276] memfd_create("syzkaller", 0) = 3 [pid 5276] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5276] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5276] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5276] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5276] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5276] close(3) = 0 [pid 5276] mkdir("./file1", 0777) = 0 [ 91.233624][ T5276] loop0: detected capacity change from 0 to 8192 [ 91.244926][ T5276] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.257904][ T5276] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 91.267117][ T5276] REISERFS (device loop0): using ordered data mode [ 91.273626][ T5276] reiserfs: using flush barriers [ 91.279696][ T5276] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.296135][ T5276] REISERFS (device loop0): checking transaction log (loop0) [pid 5276] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5276] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5276] chdir("./file1") = 0 [pid 5276] ioctl(4, LOOP_CLR_FD) = 0 [pid 5276] close(4) = 0 [pid 5276] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5276] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5276] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5276] exit_group(0) = ? [pid 5276] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5276, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- umount2("./100", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./100/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./100/binderfs") = 0 [ 91.337613][ T5276] REISERFS (device loop0): Using r5 hash to sort names [ 91.344902][ T5276] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./100/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./100/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./100/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./100/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./100/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./100/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./100") = 0 mkdir("./101", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5278 ./strace-static-x86_64: Process 5278 attached [pid 5278] chdir("./101") = 0 [pid 5278] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5278] setpgid(0, 0) = 0 [pid 5278] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5278] write(3, "1000", 4) = 4 [pid 5278] close(3) = 0 [pid 5278] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5278] memfd_create("syzkaller", 0) = 3 [pid 5278] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5278] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5278] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5278] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5278] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5278] close(3) = 0 [pid 5278] mkdir("./file1", 0777) = 0 [ 91.477918][ T5278] loop0: detected capacity change from 0 to 8192 [ 91.488866][ T5278] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.502101][ T5278] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 91.511808][ T5278] REISERFS (device loop0): using ordered data mode [ 91.518709][ T5278] reiserfs: using flush barriers [ 91.524588][ T5278] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.541233][ T5278] REISERFS (device loop0): checking transaction log (loop0) [pid 5278] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5278] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5278] chdir("./file1") = 0 [pid 5278] ioctl(4, LOOP_CLR_FD) = 0 [pid 5278] close(4) = 0 [pid 5278] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5278] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5278] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5278] exit_group(0) = ? [pid 5278] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5278, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./101", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./101/binderfs") = 0 [ 91.582928][ T5278] REISERFS (device loop0): Using r5 hash to sort names [ 91.590082][ T5278] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./101/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./101/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./101/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./101/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./101/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./101/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./101") = 0 mkdir("./102", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5280 ./strace-static-x86_64: Process 5280 attached [pid 5280] chdir("./102") = 0 [pid 5280] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5280] setpgid(0, 0) = 0 [pid 5280] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5280] write(3, "1000", 4) = 4 [pid 5280] close(3) = 0 [pid 5280] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5280] memfd_create("syzkaller", 0) = 3 [pid 5280] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5280] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5280] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5280] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5280] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5280] close(3) = 0 [pid 5280] mkdir("./file1", 0777) = 0 [ 91.727859][ T5280] loop0: detected capacity change from 0 to 8192 [ 91.738797][ T5280] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.751768][ T5280] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 91.761571][ T5280] REISERFS (device loop0): using ordered data mode [ 91.768085][ T5280] reiserfs: using flush barriers [ 91.773710][ T5280] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 91.790280][ T5280] REISERFS (device loop0): checking transaction log (loop0) [pid 5280] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5280] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5280] chdir("./file1") = 0 [pid 5280] ioctl(4, LOOP_CLR_FD) = 0 [pid 5280] close(4) = 0 [pid 5280] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5280] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5280] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5280] exit_group(0) = ? [pid 5280] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5280, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./102", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./102/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./102/binderfs") = 0 [ 91.836952][ T5280] REISERFS (device loop0): Using r5 hash to sort names [ 91.844134][ T5280] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./102/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./102/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./102/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./102/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./102/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./102/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./102") = 0 mkdir("./103", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5282 attached , child_tidptr=0x55555738c5d0) = 5282 [pid 5282] chdir("./103") = 0 [pid 5282] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5282] setpgid(0, 0) = 0 [pid 5282] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5282] write(3, "1000", 4) = 4 [pid 5282] close(3) = 0 [pid 5282] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5282] memfd_create("syzkaller", 0) = 3 [pid 5282] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5282] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5282] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5282] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5282] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5282] close(3) = 0 [pid 5282] mkdir("./file1", 0777) = 0 [ 91.991084][ T5282] loop0: detected capacity change from 0 to 8192 [ 92.001800][ T5282] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 92.014891][ T5282] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 92.024077][ T5282] REISERFS (device loop0): using ordered data mode [ 92.030647][ T5282] reiserfs: using flush barriers [ 92.036283][ T5282] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 92.052747][ T5282] REISERFS (device loop0): checking transaction log (loop0) [pid 5282] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5282] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5282] chdir("./file1") = 0 [pid 5282] ioctl(4, LOOP_CLR_FD) = 0 [pid 5282] close(4) = 0 [pid 5282] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5282] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5282] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5282] exit_group(0) = ? [pid 5282] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5282, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./103", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./103/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./103/binderfs") = 0 [ 92.103132][ T5282] REISERFS (device loop0): Using r5 hash to sort names [ 92.110329][ T5282] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./103/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./103/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./103/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./103/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./103/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./103/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./103") = 0 mkdir("./104", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5284 ./strace-static-x86_64: Process 5284 attached [pid 5284] chdir("./104") = 0 [pid 5284] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5284] setpgid(0, 0) = 0 [pid 5284] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5284] write(3, "1000", 4) = 4 [pid 5284] close(3) = 0 [pid 5284] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5284] memfd_create("syzkaller", 0) = 3 [pid 5284] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5284] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5284] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5284] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5284] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5284] close(3) = 0 [pid 5284] mkdir("./file1", 0777) = 0 [ 92.244920][ T5284] loop0: detected capacity change from 0 to 8192 [ 92.254368][ T5284] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 92.267401][ T5284] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 92.276558][ T5284] REISERFS (device loop0): using ordered data mode [ 92.283476][ T5284] reiserfs: using flush barriers [ 92.289427][ T5284] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 92.306072][ T5284] REISERFS (device loop0): checking transaction log (loop0) [pid 5284] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5284] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5284] chdir("./file1") = 0 [pid 5284] ioctl(4, LOOP_CLR_FD) = 0 [pid 5284] close(4) = 0 [pid 5284] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5284] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5284] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5284] exit_group(0) = ? [pid 5284] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5284, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./104", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./104/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./104/binderfs") = 0 [ 92.368840][ T5284] REISERFS (device loop0): Using r5 hash to sort names [ 92.375873][ T5284] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./104/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./104/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./104/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./104/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./104/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./104/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./104") = 0 mkdir("./105", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5286 ./strace-static-x86_64: Process 5286 attached [pid 5286] chdir("./105") = 0 [pid 5286] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5286] setpgid(0, 0) = 0 [pid 5286] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5286] write(3, "1000", 4) = 4 [pid 5286] close(3) = 0 [pid 5286] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5286] memfd_create("syzkaller", 0) = 3 [pid 5286] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5286] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5286] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5286] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5286] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5286] close(3) = 0 [pid 5286] mkdir("./file1", 0777) = 0 [ 92.502793][ T5286] loop0: detected capacity change from 0 to 8192 [ 92.513191][ T5286] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 92.526415][ T5286] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 92.536018][ T5286] REISERFS (device loop0): using ordered data mode [ 92.542649][ T5286] reiserfs: using flush barriers [ 92.548579][ T5286] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 92.565051][ T5286] REISERFS (device loop0): checking transaction log (loop0) [pid 5286] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5286] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5286] chdir("./file1") = 0 [pid 5286] ioctl(4, LOOP_CLR_FD) = 0 [pid 5286] close(4) = 0 [pid 5286] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5286] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5286] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5286] exit_group(0) = ? [pid 5286] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5286, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- umount2("./105", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./105/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./105/binderfs") = 0 [ 92.612958][ T5286] REISERFS (device loop0): Using r5 hash to sort names [ 92.620198][ T5286] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./105/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./105/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./105/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./105/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./105/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./105/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./105") = 0 mkdir("./106", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5288 attached [pid 5288] chdir("./106") = 0 [pid 5288] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5288] setpgid(0, 0) = 0 [pid 5073] <... clone resumed>, child_tidptr=0x55555738c5d0) = 5288 [pid 5288] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5288] write(3, "1000", 4) = 4 [pid 5288] close(3) = 0 [pid 5288] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5288] memfd_create("syzkaller", 0) = 3 [pid 5288] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5288] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5288] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5288] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5288] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5288] close(3) = 0 [pid 5288] mkdir("./file1", 0777) = 0 [ 92.744683][ T5288] loop0: detected capacity change from 0 to 8192 [ 92.754430][ T5288] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 92.767885][ T5288] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 92.777345][ T5288] REISERFS (device loop0): using ordered data mode [ 92.783854][ T5288] reiserfs: using flush barriers [ 92.789799][ T5288] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 92.806134][ T5288] REISERFS (device loop0): checking transaction log (loop0) [pid 5288] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5288] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5288] chdir("./file1") = 0 [pid 5288] ioctl(4, LOOP_CLR_FD) = 0 [pid 5288] close(4) = 0 [pid 5288] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5288] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5288] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5288] exit_group(0) = ? [pid 5288] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5288, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./106", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./106/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./106/binderfs") = 0 [ 92.853058][ T5288] REISERFS (device loop0): Using r5 hash to sort names [ 92.860379][ T5288] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./106/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./106/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./106/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./106/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./106/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./106/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./106") = 0 mkdir("./107", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5290 ./strace-static-x86_64: Process 5290 attached [pid 5290] chdir("./107") = 0 [pid 5290] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5290] setpgid(0, 0) = 0 [pid 5290] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5290] write(3, "1000", 4) = 4 [pid 5290] close(3) = 0 [pid 5290] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5290] memfd_create("syzkaller", 0) = 3 [pid 5290] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5290] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5290] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5290] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5290] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5290] close(3) = 0 [pid 5290] mkdir("./file1", 0777) = 0 [ 92.984649][ T5290] loop0: detected capacity change from 0 to 8192 [ 92.994243][ T5290] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 93.007746][ T5290] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 93.017186][ T5290] REISERFS (device loop0): using ordered data mode [ 93.023806][ T5290] reiserfs: using flush barriers [ 93.029785][ T5290] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 93.046276][ T5290] REISERFS (device loop0): checking transaction log (loop0) [pid 5290] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5290] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5290] chdir("./file1") = 0 [pid 5290] ioctl(4, LOOP_CLR_FD) = 0 [pid 5290] close(4) = 0 [pid 5290] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5290] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5290] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5290] exit_group(0) = ? [pid 5290] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5290, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./107", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./107/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./107/binderfs") = 0 [ 93.088630][ T5290] REISERFS (device loop0): Using r5 hash to sort names [ 93.095795][ T5290] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./107/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./107/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./107/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./107/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./107/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./107/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./107") = 0 mkdir("./108", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5292 ./strace-static-x86_64: Process 5292 attached [pid 5292] chdir("./108") = 0 [pid 5292] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5292] setpgid(0, 0) = 0 [pid 5292] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5292] write(3, "1000", 4) = 4 [pid 5292] close(3) = 0 [pid 5292] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5292] memfd_create("syzkaller", 0) = 3 [pid 5292] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5292] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5292] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5292] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5292] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5292] close(3) = 0 [pid 5292] mkdir("./file1", 0777) = 0 [ 93.220680][ T5292] loop0: detected capacity change from 0 to 8192 [ 93.231416][ T5292] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 93.244407][ T5292] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 93.253660][ T5292] REISERFS (device loop0): using ordered data mode [ 93.260193][ T5292] reiserfs: using flush barriers [ 93.266047][ T5292] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 93.282479][ T5292] REISERFS (device loop0): checking transaction log (loop0) [pid 5292] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5292] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5292] chdir("./file1") = 0 [pid 5292] ioctl(4, LOOP_CLR_FD) = 0 [pid 5292] close(4) = 0 [pid 5292] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5292] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5292] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5292] exit_group(0) = ? [pid 5292] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5292, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./108", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./108/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./108/binderfs") = 0 [ 93.329027][ T5292] REISERFS (device loop0): Using r5 hash to sort names [ 93.336453][ T5292] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./108/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./108/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./108/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./108/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./108/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./108/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./108") = 0 mkdir("./109", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5294 ./strace-static-x86_64: Process 5294 attached [pid 5294] chdir("./109") = 0 [pid 5294] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5294] setpgid(0, 0) = 0 [pid 5294] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5294] write(3, "1000", 4) = 4 [pid 5294] close(3) = 0 [pid 5294] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5294] memfd_create("syzkaller", 0) = 3 [pid 5294] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5294] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5294] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5294] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5294] close(3) = 0 [pid 5294] mkdir("./file1", 0777) = 0 [ 93.471633][ T5294] loop0: detected capacity change from 0 to 8192 [ 93.481033][ T5294] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 93.494347][ T5294] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 93.503767][ T5294] REISERFS (device loop0): using ordered data mode [ 93.510436][ T5294] reiserfs: using flush barriers [ 93.516306][ T5294] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 93.532869][ T5294] REISERFS (device loop0): checking transaction log (loop0) [pid 5294] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5294] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5294] chdir("./file1") = 0 [pid 5294] ioctl(4, LOOP_CLR_FD) = 0 [pid 5294] close(4) = 0 [pid 5294] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5294] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5294] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5294] exit_group(0) = ? [pid 5294] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5294, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./109", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./109/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./109/binderfs") = 0 [ 93.577764][ T5294] REISERFS (device loop0): Using r5 hash to sort names [ 93.584805][ T5294] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./109/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./109/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./109/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./109/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./109/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./109/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./109") = 0 mkdir("./110", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5296 ./strace-static-x86_64: Process 5296 attached [pid 5296] chdir("./110") = 0 [pid 5296] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5296] setpgid(0, 0) = 0 [pid 5296] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5296] write(3, "1000", 4) = 4 [pid 5296] close(3) = 0 [pid 5296] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5296] memfd_create("syzkaller", 0) = 3 [pid 5296] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5296] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5296] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5296] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5296] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5296] close(3) = 0 [pid 5296] mkdir("./file1", 0777) = 0 [ 93.716532][ T5296] loop0: detected capacity change from 0 to 8192 [ 93.726250][ T5296] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 93.739513][ T5296] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 93.748999][ T5296] REISERFS (device loop0): using ordered data mode [ 93.755508][ T5296] reiserfs: using flush barriers [ 93.761308][ T5296] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 93.777707][ T5296] REISERFS (device loop0): checking transaction log (loop0) [pid 5296] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5296] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5296] chdir("./file1") = 0 [pid 5296] ioctl(4, LOOP_CLR_FD) = 0 [pid 5296] close(4) = 0 [pid 5296] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5296] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5296] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5296] exit_group(0) = ? [pid 5296] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5296, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./110", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./110/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./110/binderfs") = 0 [ 93.825963][ T5296] REISERFS (device loop0): Using r5 hash to sort names [ 93.833045][ T5296] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./110/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./110/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./110/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./110/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./110/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./110/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./110") = 0 mkdir("./111", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5298 ./strace-static-x86_64: Process 5298 attached [pid 5298] chdir("./111") = 0 [pid 5298] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5298] setpgid(0, 0) = 0 [pid 5298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5298] write(3, "1000", 4) = 4 [pid 5298] close(3) = 0 [pid 5298] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5298] memfd_create("syzkaller", 0) = 3 [pid 5298] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5298] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5298] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5298] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5298] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5298] close(3) = 0 [pid 5298] mkdir("./file1", 0777) = 0 [ 93.972307][ T5298] loop0: detected capacity change from 0 to 8192 [ 93.982814][ T5298] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 93.995825][ T5298] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 94.005107][ T5298] REISERFS (device loop0): using ordered data mode [ 94.011657][ T5298] reiserfs: using flush barriers [ 94.017430][ T5298] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 94.033759][ T5298] REISERFS (device loop0): checking transaction log (loop0) [pid 5298] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5298] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5298] chdir("./file1") = 0 [pid 5298] ioctl(4, LOOP_CLR_FD) = 0 [pid 5298] close(4) = 0 [pid 5298] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5298] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5298] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5298] exit_group(0) = ? [pid 5298] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5298, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./111", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./111/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./111/binderfs") = 0 [ 94.080182][ T5298] REISERFS (device loop0): Using r5 hash to sort names [ 94.087348][ T5298] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./111/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./111/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./111/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./111/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./111/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./111/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./111") = 0 mkdir("./112", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5300 ./strace-static-x86_64: Process 5300 attached [pid 5300] chdir("./112") = 0 [pid 5300] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5300] setpgid(0, 0) = 0 [pid 5300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5300] write(3, "1000", 4) = 4 [pid 5300] close(3) = 0 [pid 5300] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5300] memfd_create("syzkaller", 0) = 3 [pid 5300] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5300] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5300] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5300] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5300] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5300] close(3) = 0 [pid 5300] mkdir("./file1", 0777) = 0 [ 94.231837][ T5300] loop0: detected capacity change from 0 to 8192 [ 94.242513][ T5300] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 94.255771][ T5300] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 94.265273][ T5300] REISERFS (device loop0): using ordered data mode [ 94.271829][ T5300] reiserfs: using flush barriers [ 94.277922][ T5300] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 94.294773][ T5300] REISERFS (device loop0): checking transaction log (loop0) [pid 5300] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5300] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5300] chdir("./file1") = 0 [pid 5300] ioctl(4, LOOP_CLR_FD) = 0 [pid 5300] close(4) = 0 [pid 5300] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5300] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5300] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5300] exit_group(0) = ? [pid 5300] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5300, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./112", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./112/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./112/binderfs") = 0 [ 94.348184][ T5300] REISERFS (device loop0): Using r5 hash to sort names [ 94.355516][ T5300] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./112/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./112/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./112/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./112/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./112/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./112/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./112") = 0 mkdir("./113", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5303 ./strace-static-x86_64: Process 5303 attached [pid 5303] chdir("./113") = 0 [pid 5303] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5303] setpgid(0, 0) = 0 [pid 5303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5303] write(3, "1000", 4) = 4 [pid 5303] close(3) = 0 [pid 5303] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5303] memfd_create("syzkaller", 0) = 3 [pid 5303] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5303] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5303] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5303] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5303] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5303] close(3) = 0 [pid 5303] mkdir("./file1", 0777) = 0 [ 94.491734][ T5303] loop0: detected capacity change from 0 to 8192 [ 94.502413][ T5303] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 94.515514][ T5303] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 94.524720][ T5303] REISERFS (device loop0): using ordered data mode [ 94.531263][ T5303] reiserfs: using flush barriers [ 94.537005][ T5303] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 94.553813][ T5303] REISERFS (device loop0): checking transaction log (loop0) [pid 5303] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5303] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5303] chdir("./file1") = 0 [pid 5303] ioctl(4, LOOP_CLR_FD) = 0 [pid 5303] close(4) = 0 [pid 5303] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5303] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5303] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5303] exit_group(0) = ? [pid 5303] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5303, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./113", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./113/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./113/binderfs") = 0 [ 94.605554][ T5303] REISERFS (device loop0): Using r5 hash to sort names [ 94.613058][ T5303] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./113/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./113/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./113/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./113/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./113/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./113/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./113") = 0 mkdir("./114", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5306 ./strace-static-x86_64: Process 5306 attached [pid 5306] chdir("./114") = 0 [pid 5306] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5306] setpgid(0, 0) = 0 [pid 5306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5306] write(3, "1000", 4) = 4 [pid 5306] close(3) = 0 [pid 5306] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5306] memfd_create("syzkaller", 0) = 3 [pid 5306] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5306] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5306] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5306] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5306] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5306] close(3) = 0 [pid 5306] mkdir("./file1", 0777) = 0 [ 94.749020][ T5306] loop0: detected capacity change from 0 to 8192 [ 94.759262][ T5306] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 94.772290][ T5306] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 94.781543][ T5306] REISERFS (device loop0): using ordered data mode [ 94.788071][ T5306] reiserfs: using flush barriers [ 94.793945][ T5306] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 94.810413][ T5306] REISERFS (device loop0): checking transaction log (loop0) [pid 5306] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5306] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5306] chdir("./file1") = 0 [pid 5306] ioctl(4, LOOP_CLR_FD) = 0 [pid 5306] close(4) = 0 [pid 5306] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5306] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5306] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5306] exit_group(0) = ? [pid 5306] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5306, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./114", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./114/binderfs") = 0 [ 94.856674][ T5306] REISERFS (device loop0): Using r5 hash to sort names [ 94.863758][ T5306] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./114/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./114/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./114/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./114/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./114/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./114/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./114") = 0 mkdir("./115", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5308 ./strace-static-x86_64: Process 5308 attached [pid 5308] chdir("./115") = 0 [pid 5308] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5308] setpgid(0, 0) = 0 [pid 5308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5308] write(3, "1000", 4) = 4 [pid 5308] close(3) = 0 [pid 5308] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5308] memfd_create("syzkaller", 0) = 3 [pid 5308] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5308] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5308] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5308] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5308] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5308] close(3) = 0 [pid 5308] mkdir("./file1", 0777) = 0 [ 94.998273][ T5308] loop0: detected capacity change from 0 to 8192 [ 95.007437][ T5308] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 95.020492][ T5308] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 95.030022][ T5308] REISERFS (device loop0): using ordered data mode [ 95.036532][ T5308] reiserfs: using flush barriers [ 95.042605][ T5308] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 95.059466][ T5308] REISERFS (device loop0): checking transaction log (loop0) [pid 5308] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5308] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5308] chdir("./file1") = 0 [pid 5308] ioctl(4, LOOP_CLR_FD) = 0 [pid 5308] close(4) = 0 [pid 5308] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5308] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5308] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5308] exit_group(0) = ? [pid 5308] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5308, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./115", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./115/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./115/binderfs") = 0 [ 95.107900][ T5308] REISERFS (device loop0): Using r5 hash to sort names [ 95.114931][ T5308] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./115/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./115/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./115/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./115/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./115/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./115/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./115") = 0 mkdir("./116", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5310 ./strace-static-x86_64: Process 5310 attached [pid 5310] chdir("./116") = 0 [pid 5310] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5310] setpgid(0, 0) = 0 [pid 5310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5310] write(3, "1000", 4) = 4 [pid 5310] close(3) = 0 [pid 5310] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5310] memfd_create("syzkaller", 0) = 3 [pid 5310] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5310] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5310] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5310] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5310] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5310] close(3) = 0 [pid 5310] mkdir("./file1", 0777) = 0 [ 95.253379][ T5310] loop0: detected capacity change from 0 to 8192 [ 95.263399][ T5310] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 95.276480][ T5310] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 95.285712][ T5310] REISERFS (device loop0): using ordered data mode [ 95.292331][ T5310] reiserfs: using flush barriers [ 95.298250][ T5310] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 95.314700][ T5310] REISERFS (device loop0): checking transaction log (loop0) [pid 5310] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5310] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5310] chdir("./file1") = 0 [pid 5310] ioctl(4, LOOP_CLR_FD) = 0 [pid 5310] close(4) = 0 [pid 5310] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5310] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5310] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5310] exit_group(0) = ? [pid 5310] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5310, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- umount2("./116", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./116/binderfs") = 0 [ 95.360713][ T5310] REISERFS (device loop0): Using r5 hash to sort names [ 95.367799][ T5310] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./116/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./116/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./116/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./116/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./116/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./116/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./116") = 0 mkdir("./117", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5313 ./strace-static-x86_64: Process 5313 attached [pid 5313] chdir("./117") = 0 [pid 5313] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5313] setpgid(0, 0) = 0 [pid 5313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5313] write(3, "1000", 4) = 4 [pid 5313] close(3) = 0 [pid 5313] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5313] memfd_create("syzkaller", 0) = 3 [pid 5313] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5313] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5313] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5313] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5313] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5313] close(3) = 0 [pid 5313] mkdir("./file1", 0777) = 0 [ 95.498744][ T5313] loop0: detected capacity change from 0 to 8192 [ 95.508221][ T5313] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 95.521290][ T5313] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 95.531194][ T5313] REISERFS (device loop0): using ordered data mode [ 95.538279][ T5313] reiserfs: using flush barriers [ 95.544423][ T5313] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 95.560904][ T5313] REISERFS (device loop0): checking transaction log (loop0) [pid 5313] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5313] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5313] chdir("./file1") = 0 [pid 5313] ioctl(4, LOOP_CLR_FD) = 0 [pid 5313] close(4) = 0 [pid 5313] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5313] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5313] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5313] exit_group(0) = ? [pid 5313] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5313, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} --- umount2("./117", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./117/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./117/binderfs") = 0 [ 95.610464][ T5313] REISERFS (device loop0): Using r5 hash to sort names [ 95.617626][ T5313] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./117/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./117/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./117/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./117/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./117/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./117/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./117") = 0 mkdir("./118", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5316 ./strace-static-x86_64: Process 5316 attached [pid 5316] chdir("./118") = 0 [pid 5316] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5316] setpgid(0, 0) = 0 [pid 5316] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5316] write(3, "1000", 4) = 4 [pid 5316] close(3) = 0 [pid 5316] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5316] memfd_create("syzkaller", 0) = 3 [pid 5316] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5316] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5316] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5316] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5316] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5316] close(3) = 0 [pid 5316] mkdir("./file1", 0777) = 0 [ 95.754246][ T5316] loop0: detected capacity change from 0 to 8192 [ 95.763932][ T5316] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 95.777367][ T5316] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 95.787288][ T5316] REISERFS (device loop0): using ordered data mode [ 95.794237][ T5316] reiserfs: using flush barriers [ 95.800347][ T5316] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 95.817101][ T5316] REISERFS (device loop0): checking transaction log (loop0) [pid 5316] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5316] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5316] chdir("./file1") = 0 [pid 5316] ioctl(4, LOOP_CLR_FD) = 0 [pid 5316] close(4) = 0 [pid 5316] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5316] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5316] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5316] exit_group(0) = ? [pid 5316] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5316, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./118", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./118/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./118/binderfs") = 0 [ 95.867538][ T5316] REISERFS (device loop0): Using r5 hash to sort names [ 95.874590][ T5316] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./118/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./118/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./118/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./118/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./118/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./118/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./118") = 0 mkdir("./119", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5319 ./strace-static-x86_64: Process 5319 attached [pid 5319] chdir("./119") = 0 [pid 5319] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5319] setpgid(0, 0) = 0 [pid 5319] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5319] write(3, "1000", 4) = 4 [pid 5319] close(3) = 0 [pid 5319] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5319] memfd_create("syzkaller", 0) = 3 [pid 5319] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5319] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5319] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5319] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5319] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5319] close(3) = 0 [pid 5319] mkdir("./file1", 0777) = 0 [ 96.013148][ T5319] loop0: detected capacity change from 0 to 8192 [ 96.023754][ T5319] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 96.036769][ T5319] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 96.046043][ T5319] REISERFS (device loop0): using ordered data mode [ 96.052622][ T5319] reiserfs: using flush barriers [ 96.058429][ T5319] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 96.074876][ T5319] REISERFS (device loop0): checking transaction log (loop0) [pid 5319] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5319] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5319] chdir("./file1") = 0 [pid 5319] ioctl(4, LOOP_CLR_FD) = 0 [pid 5319] close(4) = 0 [pid 5319] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5319] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5319] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5319] exit_group(0) = ? [pid 5319] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5319, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./119", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./119/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./119/binderfs") = 0 [ 96.129075][ T5319] REISERFS (device loop0): Using r5 hash to sort names [ 96.136409][ T5319] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./119/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./119/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./119/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./119/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./119/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./119/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./119") = 0 mkdir("./120", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5321 ./strace-static-x86_64: Process 5321 attached [pid 5321] chdir("./120") = 0 [pid 5321] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5321] setpgid(0, 0) = 0 [pid 5321] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5321] write(3, "1000", 4) = 4 [pid 5321] close(3) = 0 [pid 5321] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5321] memfd_create("syzkaller", 0) = 3 [pid 5321] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5321] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5321] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5321] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5321] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5321] close(3) = 0 [pid 5321] mkdir("./file1", 0777) = 0 [ 96.271010][ T5321] loop0: detected capacity change from 0 to 8192 [ 96.280256][ T5321] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 96.293298][ T5321] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 96.303119][ T5321] REISERFS (device loop0): using ordered data mode [ 96.309881][ T5321] reiserfs: using flush barriers [ 96.315833][ T5321] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 96.332248][ T5321] REISERFS (device loop0): checking transaction log (loop0) [pid 5321] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5321] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5321] chdir("./file1") = 0 [pid 5321] ioctl(4, LOOP_CLR_FD) = 0 [pid 5321] close(4) = 0 [pid 5321] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5321] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5321] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5321] exit_group(0) = ? [pid 5321] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5321, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./120", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./120/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./120/binderfs") = 0 [ 96.379822][ T5321] REISERFS (device loop0): Using r5 hash to sort names [ 96.387065][ T5321] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./120/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./120/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./120/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./120/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./120/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./120/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./120") = 0 mkdir("./121", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5323 ./strace-static-x86_64: Process 5323 attached [pid 5323] chdir("./121") = 0 [pid 5323] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5323] setpgid(0, 0) = 0 [pid 5323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5323] write(3, "1000", 4) = 4 [pid 5323] close(3) = 0 [pid 5323] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5323] memfd_create("syzkaller", 0) = 3 [pid 5323] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5323] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5323] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5323] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5323] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5323] close(3) = 0 [pid 5323] mkdir("./file1", 0777) = 0 [ 96.524181][ T5323] loop0: detected capacity change from 0 to 8192 [ 96.534002][ T5323] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 96.547303][ T5323] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 96.556481][ T5323] REISERFS (device loop0): using ordered data mode [ 96.563056][ T5323] reiserfs: using flush barriers [ 96.568866][ T5323] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 96.585401][ T5323] REISERFS (device loop0): checking transaction log (loop0) [pid 5323] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5323] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5323] chdir("./file1") = 0 [pid 5323] ioctl(4, LOOP_CLR_FD) = 0 [pid 5323] close(4) = 0 [pid 5323] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5323] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5323] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5323] exit_group(0) = ? [pid 5323] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5323, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./121", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./121/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./121/binderfs") = 0 [ 96.632377][ T5323] REISERFS (device loop0): Using r5 hash to sort names [ 96.639458][ T5323] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./121/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./121/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./121/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./121/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./121/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./121/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./121") = 0 mkdir("./122", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5326 ./strace-static-x86_64: Process 5326 attached [pid 5326] chdir("./122") = 0 [pid 5326] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5326] setpgid(0, 0) = 0 [pid 5326] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5326] write(3, "1000", 4) = 4 [pid 5326] close(3) = 0 [pid 5326] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5326] memfd_create("syzkaller", 0) = 3 [pid 5326] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5326] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5326] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5326] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5326] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5326] close(3) = 0 [pid 5326] mkdir("./file1", 0777) = 0 [ 96.778948][ T5326] loop0: detected capacity change from 0 to 8192 [ 96.789581][ T5326] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 96.802611][ T5326] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 96.811853][ T5326] REISERFS (device loop0): using ordered data mode [ 96.818408][ T5326] reiserfs: using flush barriers [ 96.824272][ T5326] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 96.840710][ T5326] REISERFS (device loop0): checking transaction log (loop0) [pid 5326] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5326] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5326] chdir("./file1") = 0 [pid 5326] ioctl(4, LOOP_CLR_FD) = 0 [pid 5326] close(4) = 0 [pid 5326] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5326] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5326] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5326] exit_group(0) = ? [pid 5326] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5326, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./122", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./122/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./122/binderfs") = 0 [ 96.881956][ T5326] REISERFS (device loop0): Using r5 hash to sort names [ 96.889066][ T5326] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./122/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./122/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./122/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./122/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./122/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./122/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./122") = 0 mkdir("./123", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5328 ./strace-static-x86_64: Process 5328 attached [pid 5328] chdir("./123") = 0 [pid 5328] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5328] setpgid(0, 0) = 0 [pid 5328] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5328] write(3, "1000", 4) = 4 [pid 5328] close(3) = 0 [pid 5328] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5328] memfd_create("syzkaller", 0) = 3 [pid 5328] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5328] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5328] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5328] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5328] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5328] close(3) = 0 [pid 5328] mkdir("./file1", 0777) = 0 [ 97.020835][ T5328] loop0: detected capacity change from 0 to 8192 [ 97.030401][ T5328] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 97.043559][ T5328] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 97.052810][ T5328] REISERFS (device loop0): using ordered data mode [ 97.059375][ T5328] reiserfs: using flush barriers [ 97.065090][ T5328] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 97.081554][ T5328] REISERFS (device loop0): checking transaction log (loop0) [pid 5328] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5328] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5328] chdir("./file1") = 0 [pid 5328] ioctl(4, LOOP_CLR_FD) = 0 [pid 5328] close(4) = 0 [pid 5328] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5328] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5328] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5328] exit_group(0) = ? [pid 5328] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5328, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./123", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./123/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./123/binderfs") = 0 [ 97.123952][ T5328] REISERFS (device loop0): Using r5 hash to sort names [ 97.131016][ T5328] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./123/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./123/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./123/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./123/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./123/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./123/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./123") = 0 mkdir("./124", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5330 ./strace-static-x86_64: Process 5330 attached [pid 5330] chdir("./124") = 0 [pid 5330] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5330] setpgid(0, 0) = 0 [pid 5330] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5330] write(3, "1000", 4) = 4 [pid 5330] close(3) = 0 [pid 5330] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5330] memfd_create("syzkaller", 0) = 3 [pid 5330] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5330] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5330] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5330] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5330] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5330] close(3) = 0 [pid 5330] mkdir("./file1", 0777) = 0 [ 97.262115][ T5330] loop0: detected capacity change from 0 to 8192 [ 97.271849][ T5330] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 97.285258][ T5330] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 97.294719][ T5330] REISERFS (device loop0): using ordered data mode [ 97.301430][ T5330] reiserfs: using flush barriers [ 97.307253][ T5330] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 97.323599][ T5330] REISERFS (device loop0): checking transaction log (loop0) [pid 5330] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5330] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5330] chdir("./file1") = 0 [pid 5330] ioctl(4, LOOP_CLR_FD) = 0 [pid 5330] close(4) = 0 [pid 5330] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5330] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5330] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5330] exit_group(0) = ? [pid 5330] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5330, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./124", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./124/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./124/binderfs") = 0 [ 97.370507][ T5330] REISERFS (device loop0): Using r5 hash to sort names [ 97.377676][ T5330] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./124/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./124/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./124/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./124/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./124/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./124/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./124") = 0 mkdir("./125", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5332 ./strace-static-x86_64: Process 5332 attached [pid 5332] chdir("./125") = 0 [pid 5332] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5332] setpgid(0, 0) = 0 [pid 5332] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5332] write(3, "1000", 4) = 4 [pid 5332] close(3) = 0 [pid 5332] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5332] memfd_create("syzkaller", 0) = 3 [pid 5332] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5332] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5332] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5332] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5332] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5332] close(3) = 0 [pid 5332] mkdir("./file1", 0777) = 0 [ 97.512479][ T5332] loop0: detected capacity change from 0 to 8192 [ 97.523354][ T5332] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 97.536633][ T5332] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 97.546095][ T5332] REISERFS (device loop0): using ordered data mode [ 97.553007][ T5332] reiserfs: using flush barriers [ 97.559226][ T5332] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 97.576130][ T5332] REISERFS (device loop0): checking transaction log (loop0) [pid 5332] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5332] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5332] chdir("./file1") = 0 [pid 5332] ioctl(4, LOOP_CLR_FD) = 0 [pid 5332] close(4) = 0 [pid 5332] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5332] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5332] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5332] exit_group(0) = ? [pid 5332] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5332, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- umount2("./125", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./125/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./125/binderfs") = 0 [ 97.624645][ T5332] REISERFS (device loop0): Using r5 hash to sort names [ 97.631803][ T5332] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./125/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./125/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./125/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./125/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./125/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./125/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./125") = 0 mkdir("./126", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5334 ./strace-static-x86_64: Process 5334 attached [pid 5334] chdir("./126") = 0 [pid 5334] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5334] setpgid(0, 0) = 0 [pid 5334] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5334] write(3, "1000", 4) = 4 [pid 5334] close(3) = 0 [pid 5334] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5334] memfd_create("syzkaller", 0) = 3 [pid 5334] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5334] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5334] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5334] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5334] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5334] close(3) = 0 [pid 5334] mkdir("./file1", 0777) = 0 [ 97.769169][ T5334] loop0: detected capacity change from 0 to 8192 [ 97.780439][ T5334] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 97.793445][ T5334] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 97.802895][ T5334] REISERFS (device loop0): using ordered data mode [ 97.809600][ T5334] reiserfs: using flush barriers [ 97.815319][ T5334] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 97.831863][ T5334] REISERFS (device loop0): checking transaction log (loop0) [pid 5334] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5334] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5334] chdir("./file1") = 0 [pid 5334] ioctl(4, LOOP_CLR_FD) = 0 [pid 5334] close(4) = 0 [pid 5334] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5334] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5334] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5334] exit_group(0) = ? [pid 5334] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5334, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./126", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./126/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./126/binderfs") = 0 [ 97.873129][ T5334] REISERFS (device loop0): Using r5 hash to sort names [ 97.880209][ T5334] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./126/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./126/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./126/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./126/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./126/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./126/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./126") = 0 mkdir("./127", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5336 ./strace-static-x86_64: Process 5336 attached [pid 5336] chdir("./127") = 0 [pid 5336] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5336] setpgid(0, 0) = 0 [pid 5336] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5336] write(3, "1000", 4) = 4 [pid 5336] close(3) = 0 [pid 5336] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5336] memfd_create("syzkaller", 0) = 3 [pid 5336] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5336] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5336] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5336] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5336] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5336] close(3) = 0 [pid 5336] mkdir("./file1", 0777) = 0 [ 98.024998][ T5336] loop0: detected capacity change from 0 to 8192 [ 98.035937][ T5336] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 98.049091][ T5336] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 98.058320][ T5336] REISERFS (device loop0): using ordered data mode [ 98.064828][ T5336] reiserfs: using flush barriers [ 98.070626][ T5336] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 98.087169][ T5336] REISERFS (device loop0): checking transaction log (loop0) [pid 5336] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5336] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5336] chdir("./file1") = 0 [pid 5336] ioctl(4, LOOP_CLR_FD) = 0 [pid 5336] close(4) = 0 [pid 5336] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5336] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5336] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5336] exit_group(0) = ? [pid 5336] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5336, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./127", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./127/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./127/binderfs") = 0 [ 98.135942][ T5336] REISERFS (device loop0): Using r5 hash to sort names [ 98.143295][ T5336] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./127/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./127/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./127/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./127/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./127/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./127/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./127") = 0 mkdir("./128", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5338 ./strace-static-x86_64: Process 5338 attached [pid 5338] chdir("./128") = 0 [pid 5338] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5338] setpgid(0, 0) = 0 [pid 5338] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5338] write(3, "1000", 4) = 4 [pid 5338] close(3) = 0 [pid 5338] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5338] memfd_create("syzkaller", 0) = 3 [pid 5338] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5338] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5338] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5338] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5338] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5338] close(3) = 0 [pid 5338] mkdir("./file1", 0777) = 0 [ 98.285167][ T5338] loop0: detected capacity change from 0 to 8192 [ 98.296090][ T5338] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 98.309206][ T5338] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 98.318484][ T5338] REISERFS (device loop0): using ordered data mode [ 98.324988][ T5338] reiserfs: using flush barriers [ 98.330881][ T5338] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 98.347288][ T5338] REISERFS (device loop0): checking transaction log (loop0) [pid 5338] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5338] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5338] chdir("./file1") = 0 [pid 5338] ioctl(4, LOOP_CLR_FD) = 0 [pid 5338] close(4) = 0 [pid 5338] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5338] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5338] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5338] exit_group(0) = ? [pid 5338] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5338, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- umount2("./128", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./128/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./128/binderfs") = 0 [ 98.388732][ T5338] REISERFS (device loop0): Using r5 hash to sort names [ 98.395783][ T5338] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./128/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./128/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./128/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./128/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./128/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./128/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./128") = 0 mkdir("./129", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5340 attached [pid 5340] chdir("./129") = 0 [pid 5340] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5340] setpgid(0, 0) = 0 [pid 5340] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5340] write(3, "1000", 4) = 4 [pid 5340] close(3) = 0 [pid 5340] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5073] <... clone resumed>, child_tidptr=0x55555738c5d0) = 5340 [pid 5340] memfd_create("syzkaller", 0) = 3 [pid 5340] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5340] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5340] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5340] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5340] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5340] close(3) = 0 [pid 5340] mkdir("./file1", 0777) = 0 [ 98.540100][ T5340] loop0: detected capacity change from 0 to 8192 [ 98.549918][ T5340] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 98.562908][ T5340] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 98.572340][ T5340] REISERFS (device loop0): using ordered data mode [ 98.579137][ T5340] reiserfs: using flush barriers [ 98.585148][ T5340] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 98.601904][ T5340] REISERFS (device loop0): checking transaction log (loop0) [pid 5340] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5340] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5340] chdir("./file1") = 0 [pid 5340] ioctl(4, LOOP_CLR_FD) = 0 [pid 5340] close(4) = 0 [pid 5340] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5340] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5340] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5340] exit_group(0) = ? [pid 5340] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5340, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./129", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./129/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./129/binderfs") = 0 [ 98.649060][ T5340] REISERFS (device loop0): Using r5 hash to sort names [ 98.656093][ T5340] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./129/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./129/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./129/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./129/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./129/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./129/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./129") = 0 mkdir("./130", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5342 ./strace-static-x86_64: Process 5342 attached [pid 5342] chdir("./130") = 0 [pid 5342] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5342] setpgid(0, 0) = 0 [pid 5342] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5342] write(3, "1000", 4) = 4 [pid 5342] close(3) = 0 [pid 5342] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5342] memfd_create("syzkaller", 0) = 3 [pid 5342] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5342] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5342] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5342] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5342] close(3) = 0 [pid 5342] mkdir("./file1", 0777) = 0 [ 98.781534][ T5342] loop0: detected capacity change from 0 to 8192 [ 98.791384][ T5342] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 98.804780][ T5342] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 98.814391][ T5342] REISERFS (device loop0): using ordered data mode [ 98.821022][ T5342] reiserfs: using flush barriers [ 98.826952][ T5342] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 98.843277][ T5342] REISERFS (device loop0): checking transaction log (loop0) [pid 5342] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5342] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5342] chdir("./file1") = 0 [pid 5342] ioctl(4, LOOP_CLR_FD) = 0 [pid 5342] close(4) = 0 [pid 5342] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5342] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5342] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5342] exit_group(0) = ? [pid 5342] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5342, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./130", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./130/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./130/binderfs") = 0 [ 98.889374][ T5342] REISERFS (device loop0): Using r5 hash to sort names [ 98.896415][ T5342] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./130/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./130/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./130/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./130/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./130/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./130/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./130") = 0 mkdir("./131", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5344 ./strace-static-x86_64: Process 5344 attached [pid 5344] chdir("./131") = 0 [pid 5344] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5344] setpgid(0, 0) = 0 [pid 5344] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5344] write(3, "1000", 4) = 4 [pid 5344] close(3) = 0 [pid 5344] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5344] memfd_create("syzkaller", 0) = 3 [pid 5344] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5344] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5344] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5344] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5344] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5344] close(3) = 0 [pid 5344] mkdir("./file1", 0777) = 0 [ 99.042270][ T5344] loop0: detected capacity change from 0 to 8192 [ 99.052135][ T5344] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 99.065176][ T5344] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 99.074413][ T5344] REISERFS (device loop0): using ordered data mode [ 99.080994][ T5344] reiserfs: using flush barriers [ 99.086734][ T5344] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.103341][ T5344] REISERFS (device loop0): checking transaction log (loop0) [pid 5344] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5344] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5344] chdir("./file1") = 0 [pid 5344] ioctl(4, LOOP_CLR_FD) = 0 [pid 5344] close(4) = 0 [pid 5344] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5344] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5344] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5344] exit_group(0) = ? [pid 5344] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5344, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./131", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./131/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./131/binderfs") = 0 [ 99.149257][ T5344] REISERFS (device loop0): Using r5 hash to sort names [ 99.156297][ T5344] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./131/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./131/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./131/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./131/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./131/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./131/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./131") = 0 mkdir("./132", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5346 ./strace-static-x86_64: Process 5346 attached [pid 5346] chdir("./132") = 0 [pid 5346] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5346] setpgid(0, 0) = 0 [pid 5346] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5346] write(3, "1000", 4) = 4 [pid 5346] close(3) = 0 [pid 5346] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5346] memfd_create("syzkaller", 0) = 3 [pid 5346] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5346] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5346] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5346] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5346] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5346] close(3) = 0 [pid 5346] mkdir("./file1", 0777) = 0 [ 99.293318][ T5346] loop0: detected capacity change from 0 to 8192 [ 99.303913][ T5346] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 99.317186][ T5346] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 99.326644][ T5346] REISERFS (device loop0): using ordered data mode [ 99.333498][ T5346] reiserfs: using flush barriers [ 99.339554][ T5346] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.356088][ T5346] REISERFS (device loop0): checking transaction log (loop0) [pid 5346] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5346] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5346] chdir("./file1") = 0 [pid 5346] ioctl(4, LOOP_CLR_FD) = 0 [pid 5346] close(4) = 0 [pid 5346] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5346] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5346] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5346] exit_group(0) = ? [pid 5346] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5346, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./132", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./132/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./132/binderfs") = 0 umount2("./132/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./132/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./132/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./132/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./132/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./132/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./132") = 0 mkdir("./133", 0777) = 0 [ 99.399195][ T5346] REISERFS (device loop0): Using r5 hash to sort names [ 99.406501][ T5346] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5348 ./strace-static-x86_64: Process 5348 attached [pid 5348] chdir("./133") = 0 [pid 5348] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5348] setpgid(0, 0) = 0 [pid 5348] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5348] write(3, "1000", 4) = 4 [pid 5348] close(3) = 0 [pid 5348] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5348] memfd_create("syzkaller", 0) = 3 [pid 5348] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5348] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5348] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5348] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5348] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5348] close(3) = 0 [pid 5348] mkdir("./file1", 0777) = 0 [ 99.534331][ T5348] loop0: detected capacity change from 0 to 8192 [ 99.544940][ T5348] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 99.558275][ T5348] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 99.568036][ T5348] REISERFS (device loop0): using ordered data mode [ 99.574552][ T5348] reiserfs: using flush barriers [ 99.580630][ T5348] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.597471][ T5348] REISERFS (device loop0): checking transaction log (loop0) [pid 5348] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5348] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5348] chdir("./file1") = 0 [pid 5348] ioctl(4, LOOP_CLR_FD) = 0 [pid 5348] close(4) = 0 [pid 5348] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5348] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5348] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5348] exit_group(0) = ? [pid 5348] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5348, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./133", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./133/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./133/binderfs") = 0 [ 99.639548][ T5348] REISERFS (device loop0): Using r5 hash to sort names [ 99.646985][ T5348] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./133/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./133/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./133/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./133/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./133/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./133/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./133") = 0 mkdir("./134", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5350 ./strace-static-x86_64: Process 5350 attached [pid 5350] chdir("./134") = 0 [pid 5350] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5350] setpgid(0, 0) = 0 [pid 5350] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5350] write(3, "1000", 4) = 4 [pid 5350] close(3) = 0 [pid 5350] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5350] memfd_create("syzkaller", 0) = 3 [pid 5350] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5350] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5350] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5350] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5350] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5350] close(3) = 0 [pid 5350] mkdir("./file1", 0777) = 0 [ 99.777670][ T5350] loop0: detected capacity change from 0 to 8192 [ 99.786993][ T5350] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 99.800047][ T5350] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 99.809299][ T5350] REISERFS (device loop0): using ordered data mode [ 99.815803][ T5350] reiserfs: using flush barriers [ 99.821998][ T5350] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.838408][ T5350] REISERFS (device loop0): checking transaction log (loop0) [pid 5350] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5350] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5350] chdir("./file1") = 0 [pid 5350] ioctl(4, LOOP_CLR_FD) = 0 [pid 5350] close(4) = 0 [pid 5350] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5350] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5350] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5350] exit_group(0) = ? [pid 5350] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5350, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./134", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./134/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./134/binderfs") = 0 [ 99.885230][ T5350] REISERFS (device loop0): Using r5 hash to sort names [ 99.892354][ T5350] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./134/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./134/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./134/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./134/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./134/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./134/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./134") = 0 mkdir("./135", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5352 ./strace-static-x86_64: Process 5352 attached [pid 5352] chdir("./135") = 0 [pid 5352] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5352] setpgid(0, 0) = 0 [pid 5352] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5352] write(3, "1000", 4) = 4 [pid 5352] close(3) = 0 [pid 5352] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5352] memfd_create("syzkaller", 0) = 3 [pid 5352] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5352] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5352] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5352] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5352] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5352] close(3) = 0 [pid 5352] mkdir("./file1", 0777) = 0 [ 100.018622][ T5352] loop0: detected capacity change from 0 to 8192 [ 100.027662][ T5352] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 100.040722][ T5352] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 100.050011][ T5352] REISERFS (device loop0): using ordered data mode [ 100.056534][ T5352] reiserfs: using flush barriers [ 100.062554][ T5352] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 100.078985][ T5352] REISERFS (device loop0): checking transaction log (loop0) [pid 5352] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5352] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5352] chdir("./file1") = 0 [pid 5352] ioctl(4, LOOP_CLR_FD) = 0 [pid 5352] close(4) = 0 [pid 5352] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5352] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5352] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5352] exit_group(0) = ? [pid 5352] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5352, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./135", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./135/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./135/binderfs") = 0 [ 100.126040][ T5352] REISERFS (device loop0): Using r5 hash to sort names [ 100.133420][ T5352] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./135/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./135/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./135/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./135/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./135/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./135/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./135") = 0 mkdir("./136", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5354 ./strace-static-x86_64: Process 5354 attached [pid 5354] chdir("./136") = 0 [pid 5354] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5354] setpgid(0, 0) = 0 [pid 5354] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5354] write(3, "1000", 4) = 4 [pid 5354] close(3) = 0 [pid 5354] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5354] memfd_create("syzkaller", 0) = 3 [pid 5354] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5354] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5354] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5354] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5354] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5354] close(3) = 0 [pid 5354] mkdir("./file1", 0777) = 0 [ 100.279048][ T5354] loop0: detected capacity change from 0 to 8192 [ 100.289701][ T5354] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 100.302746][ T5354] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 100.312081][ T5354] REISERFS (device loop0): using ordered data mode [ 100.318626][ T5354] reiserfs: using flush barriers [ 100.324518][ T5354] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 100.341003][ T5354] REISERFS (device loop0): checking transaction log (loop0) [pid 5354] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5354] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5354] chdir("./file1") = 0 [pid 5354] ioctl(4, LOOP_CLR_FD) = 0 [pid 5354] close(4) = 0 [pid 5354] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5354] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5354] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5354] exit_group(0) = ? [pid 5354] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5354, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- umount2("./136", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./136/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./136/binderfs") = 0 [ 100.381822][ T5354] REISERFS (device loop0): Using r5 hash to sort names [ 100.388894][ T5354] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./136/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./136/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./136/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./136/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./136/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./136/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./136") = 0 mkdir("./137", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5356 ./strace-static-x86_64: Process 5356 attached [pid 5356] chdir("./137") = 0 [pid 5356] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5356] setpgid(0, 0) = 0 [pid 5356] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5356] write(3, "1000", 4) = 4 [pid 5356] close(3) = 0 [pid 5356] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5356] memfd_create("syzkaller", 0) = 3 [pid 5356] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5356] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5356] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5356] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5356] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5356] close(3) = 0 [pid 5356] mkdir("./file1", 0777) = 0 [ 100.533495][ T5356] loop0: detected capacity change from 0 to 8192 [ 100.543808][ T5356] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 100.556887][ T5356] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 100.566092][ T5356] REISERFS (device loop0): using ordered data mode [ 100.572651][ T5356] reiserfs: using flush barriers [ 100.578373][ T5356] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 100.594793][ T5356] REISERFS (device loop0): checking transaction log (loop0) [pid 5356] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5356] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5356] chdir("./file1") = 0 [pid 5356] ioctl(4, LOOP_CLR_FD) = 0 [pid 5356] close(4) = 0 [pid 5356] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5356] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5356] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5356] exit_group(0) = ? [pid 5356] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5356, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./137", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./137/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./137/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./137/binderfs") = 0 [ 100.644617][ T5356] REISERFS (device loop0): Using r5 hash to sort names [ 100.652036][ T5356] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./137/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./137/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./137/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./137/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./137/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./137/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./137") = 0 mkdir("./138", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5358 ./strace-static-x86_64: Process 5358 attached [pid 5358] chdir("./138") = 0 [pid 5358] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5358] setpgid(0, 0) = 0 [pid 5358] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5358] write(3, "1000", 4) = 4 [pid 5358] close(3) = 0 [pid 5358] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5358] memfd_create("syzkaller", 0) = 3 [pid 5358] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5358] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5358] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5358] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5358] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5358] close(3) = 0 [pid 5358] mkdir("./file1", 0777) = 0 [ 100.785547][ T5358] loop0: detected capacity change from 0 to 8192 [ 100.795024][ T5358] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 100.808284][ T5358] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 100.817641][ T5358] REISERFS (device loop0): using ordered data mode [ 100.824147][ T5358] reiserfs: using flush barriers [ 100.830450][ T5358] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 100.847138][ T5358] REISERFS (device loop0): checking transaction log (loop0) [pid 5358] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5358] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5358] chdir("./file1") = 0 [pid 5358] ioctl(4, LOOP_CLR_FD) = 0 [pid 5358] close(4) = 0 [pid 5358] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5358] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5358] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5358] exit_group(0) = ? [pid 5358] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5358, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./138", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./138/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./138/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./138/binderfs") = 0 [ 100.888985][ T5358] REISERFS (device loop0): Using r5 hash to sort names [ 100.896031][ T5358] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./138/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./138/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./138/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./138/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./138/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./138/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./138") = 0 mkdir("./139", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5360 ./strace-static-x86_64: Process 5360 attached [pid 5360] chdir("./139") = 0 [pid 5360] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5360] setpgid(0, 0) = 0 [pid 5360] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5360] write(3, "1000", 4) = 4 [pid 5360] close(3) = 0 [pid 5360] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5360] memfd_create("syzkaller", 0) = 3 [pid 5360] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5360] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5360] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5360] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5360] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5360] close(3) = 0 [pid 5360] mkdir("./file1", 0777) = 0 [ 101.026131][ T5360] loop0: detected capacity change from 0 to 8192 [ 101.035604][ T5360] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 101.048990][ T5360] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 101.058330][ T5360] REISERFS (device loop0): using ordered data mode [ 101.064834][ T5360] reiserfs: using flush barriers [ 101.070980][ T5360] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 101.087706][ T5360] REISERFS (device loop0): checking transaction log (loop0) [pid 5360] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5360] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5360] chdir("./file1") = 0 [pid 5360] ioctl(4, LOOP_CLR_FD) = 0 [pid 5360] close(4) = 0 [pid 5360] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5360] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5360] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5360] exit_group(0) = ? [pid 5360] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5360, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./139", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./139/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./139/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./139/binderfs") = 0 [ 101.134537][ T5360] REISERFS (device loop0): Using r5 hash to sort names [ 101.141615][ T5360] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./139/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./139/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./139/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./139/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./139/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./139/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./139") = 0 mkdir("./140", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5362 ./strace-static-x86_64: Process 5362 attached [pid 5362] chdir("./140") = 0 [pid 5362] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5362] setpgid(0, 0) = 0 [pid 5362] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5362] write(3, "1000", 4) = 4 [pid 5362] close(3) = 0 [pid 5362] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5362] memfd_create("syzkaller", 0) = 3 [pid 5362] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5362] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5362] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5362] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5362] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5362] close(3) = 0 [pid 5362] mkdir("./file1", 0777) = 0 [ 101.275578][ T5362] loop0: detected capacity change from 0 to 8192 [ 101.285415][ T5362] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 101.298608][ T5362] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 101.308183][ T5362] REISERFS (device loop0): using ordered data mode [ 101.314965][ T5362] reiserfs: using flush barriers [ 101.321098][ T5362] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 101.337792][ T5362] REISERFS (device loop0): checking transaction log (loop0) [pid 5362] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5362] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5362] chdir("./file1") = 0 [pid 5362] ioctl(4, LOOP_CLR_FD) = 0 [pid 5362] close(4) = 0 [pid 5362] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5362] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5362] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5362] exit_group(0) = ? [pid 5362] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5362, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./140", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./140", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./140/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./140/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./140/binderfs") = 0 [ 101.379825][ T5362] REISERFS (device loop0): Using r5 hash to sort names [ 101.386963][ T5362] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./140/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./140/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./140/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./140/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./140/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./140/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./140") = 0 mkdir("./141", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5364 ./strace-static-x86_64: Process 5364 attached [pid 5364] chdir("./141") = 0 [pid 5364] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5364] setpgid(0, 0) = 0 [pid 5364] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5364] write(3, "1000", 4) = 4 [pid 5364] close(3) = 0 [pid 5364] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5364] memfd_create("syzkaller", 0) = 3 [pid 5364] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5364] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5364] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5364] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5364] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5364] close(3) = 0 [pid 5364] mkdir("./file1", 0777) = 0 [ 101.512611][ T5364] loop0: detected capacity change from 0 to 8192 [ 101.523104][ T5364] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 101.536599][ T5364] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 101.545962][ T5364] REISERFS (device loop0): using ordered data mode [ 101.552527][ T5364] reiserfs: using flush barriers [ 101.558493][ T5364] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 101.575205][ T5364] REISERFS (device loop0): checking transaction log (loop0) [pid 5364] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5364] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5364] chdir("./file1") = 0 [pid 5364] ioctl(4, LOOP_CLR_FD) = 0 [pid 5364] close(4) = 0 [pid 5364] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5364] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5364] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5364] exit_group(0) = ? [pid 5364] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5364, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./141", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./141", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./141/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./141/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./141/binderfs") = 0 [ 101.621827][ T5364] REISERFS (device loop0): Using r5 hash to sort names [ 101.629068][ T5364] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./141/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./141/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./141/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./141/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./141/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./141/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./141") = 0 mkdir("./142", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5366 attached , child_tidptr=0x55555738c5d0) = 5366 [pid 5366] chdir("./142") = 0 [pid 5366] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5366] setpgid(0, 0) = 0 [pid 5366] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5366] write(3, "1000", 4) = 4 [pid 5366] close(3) = 0 [pid 5366] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5366] memfd_create("syzkaller", 0) = 3 [pid 5366] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5366] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5366] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5366] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5366] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5366] close(3) = 0 [pid 5366] mkdir("./file1", 0777) = 0 [ 101.767018][ T5366] loop0: detected capacity change from 0 to 8192 [ 101.776755][ T5366] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 101.790115][ T5366] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 101.799800][ T5366] REISERFS (device loop0): using ordered data mode [ 101.806562][ T5366] reiserfs: using flush barriers [ 101.812869][ T5366] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 101.829854][ T5366] REISERFS (device loop0): checking transaction log (loop0) [pid 5366] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5366] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5366] chdir("./file1") = 0 [pid 5366] ioctl(4, LOOP_CLR_FD) = 0 [pid 5366] close(4) = 0 [pid 5366] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5366] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5366] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5366] exit_group(0) = ? [pid 5366] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5366, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./142", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./142", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./142/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./142/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./142/binderfs") = 0 [ 101.879000][ T5366] REISERFS (device loop0): Using r5 hash to sort names [ 101.886296][ T5366] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./142/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./142/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./142/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./142/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./142/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./142/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./142") = 0 mkdir("./143", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5368 ./strace-static-x86_64: Process 5368 attached [pid 5368] chdir("./143") = 0 [pid 5368] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5368] setpgid(0, 0) = 0 [pid 5368] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5368] write(3, "1000", 4) = 4 [pid 5368] close(3) = 0 [pid 5368] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5368] memfd_create("syzkaller", 0) = 3 [pid 5368] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5368] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5368] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5368] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5368] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5368] close(3) = 0 [pid 5368] mkdir("./file1", 0777) = 0 [ 102.030769][ T5368] loop0: detected capacity change from 0 to 8192 [ 102.041362][ T5368] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.054442][ T5368] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 102.063642][ T5368] REISERFS (device loop0): using ordered data mode [ 102.070225][ T5368] reiserfs: using flush barriers [ 102.075936][ T5368] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.092350][ T5368] REISERFS (device loop0): checking transaction log (loop0) [pid 5368] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5368] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5368] chdir("./file1") = 0 [pid 5368] ioctl(4, LOOP_CLR_FD) = 0 [pid 5368] close(4) = 0 [pid 5368] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5368] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5368] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5368] exit_group(0) = ? [pid 5368] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5368, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./143", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./143", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./143/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./143/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./143/binderfs") = 0 [ 102.133096][ T5368] REISERFS (device loop0): Using r5 hash to sort names [ 102.140187][ T5368] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./143/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./143/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./143/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./143/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./143/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./143/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./143") = 0 mkdir("./144", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5370 ./strace-static-x86_64: Process 5370 attached [pid 5370] chdir("./144") = 0 [pid 5370] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5370] setpgid(0, 0) = 0 [pid 5370] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5370] write(3, "1000", 4) = 4 [pid 5370] close(3) = 0 [pid 5370] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5370] memfd_create("syzkaller", 0) = 3 [pid 5370] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5370] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5370] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5370] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5370] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5370] close(3) = 0 [pid 5370] mkdir("./file1", 0777) = 0 [ 102.274403][ T5370] loop0: detected capacity change from 0 to 8192 [ 102.285229][ T5370] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.298321][ T5370] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 102.307570][ T5370] REISERFS (device loop0): using ordered data mode [ 102.314072][ T5370] reiserfs: using flush barriers [ 102.320032][ T5370] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.336367][ T5370] REISERFS (device loop0): checking transaction log (loop0) [pid 5370] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5370] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5370] chdir("./file1") = 0 [pid 5370] ioctl(4, LOOP_CLR_FD) = 0 [pid 5370] close(4) = 0 [pid 5370] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5370] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5370] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5370] exit_group(0) = ? [pid 5370] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5370, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./144", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./144", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./144/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./144/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./144/binderfs") = 0 [ 102.383149][ T5370] REISERFS (device loop0): Using r5 hash to sort names [ 102.390430][ T5370] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./144/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./144/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./144/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./144/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./144/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./144/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./144") = 0 mkdir("./145", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5372 ./strace-static-x86_64: Process 5372 attached [pid 5372] chdir("./145") = 0 [pid 5372] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5372] setpgid(0, 0) = 0 [pid 5372] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5372] write(3, "1000", 4) = 4 [pid 5372] close(3) = 0 [pid 5372] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5372] memfd_create("syzkaller", 0) = 3 [pid 5372] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5372] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5372] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5372] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5372] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5372] close(3) = 0 [pid 5372] mkdir("./file1", 0777) = 0 [ 102.527025][ T5372] loop0: detected capacity change from 0 to 8192 [ 102.538071][ T5372] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.551133][ T5372] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 102.560630][ T5372] REISERFS (device loop0): using ordered data mode [ 102.567203][ T5372] reiserfs: using flush barriers [ 102.573035][ T5372] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.589533][ T5372] REISERFS (device loop0): checking transaction log (loop0) [pid 5372] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5372] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5372] chdir("./file1") = 0 [pid 5372] ioctl(4, LOOP_CLR_FD) = 0 [pid 5372] close(4) = 0 [pid 5372] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5372] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5372] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5372] exit_group(0) = ? [pid 5372] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5372, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- umount2("./145", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./145", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./145/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./145/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./145/binderfs") = 0 [ 102.633433][ T5372] REISERFS (device loop0): Using r5 hash to sort names [ 102.640524][ T5372] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./145/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./145/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./145/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./145/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./145/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./145/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./145") = 0 mkdir("./146", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5374 ./strace-static-x86_64: Process 5374 attached [pid 5374] chdir("./146") = 0 [pid 5374] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5374] setpgid(0, 0) = 0 [pid 5374] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5374] write(3, "1000", 4) = 4 [pid 5374] close(3) = 0 [pid 5374] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5374] memfd_create("syzkaller", 0) = 3 [pid 5374] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5374] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5374] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5374] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5374] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5374] close(3) = 0 [pid 5374] mkdir("./file1", 0777) = 0 [ 102.766659][ T5374] loop0: detected capacity change from 0 to 8192 [ 102.776347][ T5374] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.789387][ T5374] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 102.798673][ T5374] REISERFS (device loop0): using ordered data mode [ 102.805193][ T5374] reiserfs: using flush barriers [ 102.811217][ T5374] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.827653][ T5374] REISERFS (device loop0): checking transaction log (loop0) [pid 5374] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5374] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5374] chdir("./file1") = 0 [pid 5374] ioctl(4, LOOP_CLR_FD) = 0 [pid 5374] close(4) = 0 [pid 5374] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5374] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5374] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5374] exit_group(0) = ? [pid 5374] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5374, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./146", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./146", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./146/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./146/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./146/binderfs") = 0 [ 102.874784][ T5374] REISERFS (device loop0): Using r5 hash to sort names [ 102.881991][ T5374] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./146/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./146/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./146/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./146/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./146/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./146/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./146") = 0 mkdir("./147", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5376 ./strace-static-x86_64: Process 5376 attached [pid 5376] chdir("./147") = 0 [pid 5376] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5376] setpgid(0, 0) = 0 [pid 5376] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5376] write(3, "1000", 4) = 4 [pid 5376] close(3) = 0 [pid 5376] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5376] memfd_create("syzkaller", 0) = 3 [pid 5376] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5376] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5376] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5376] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5376] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5376] close(3) = 0 [pid 5376] mkdir("./file1", 0777) = 0 [ 103.015621][ T5376] loop0: detected capacity change from 0 to 8192 [ 103.025887][ T5376] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 103.039229][ T5376] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 103.049092][ T5376] REISERFS (device loop0): using ordered data mode [ 103.055614][ T5376] reiserfs: using flush barriers [ 103.061720][ T5376] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.078489][ T5376] REISERFS (device loop0): checking transaction log (loop0) [pid 5376] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5376] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5376] chdir("./file1") = 0 [pid 5376] ioctl(4, LOOP_CLR_FD) = 0 [pid 5376] close(4) = 0 [pid 5376] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5376] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5376] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5376] exit_group(0) = ? [pid 5376] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5376, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./147", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./147", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./147/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./147/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./147/binderfs") = 0 [ 103.124939][ T5376] REISERFS (device loop0): Using r5 hash to sort names [ 103.132055][ T5376] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./147/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./147/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./147/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./147/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./147/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./147/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./147") = 0 mkdir("./148", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5378 ./strace-static-x86_64: Process 5378 attached [pid 5378] chdir("./148") = 0 [pid 5378] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5378] setpgid(0, 0) = 0 [pid 5378] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5378] write(3, "1000", 4) = 4 [pid 5378] close(3) = 0 [pid 5378] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5378] memfd_create("syzkaller", 0) = 3 [pid 5378] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5378] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5378] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5378] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5378] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5378] close(3) = 0 [pid 5378] mkdir("./file1", 0777) = 0 [ 103.285936][ T5378] loop0: detected capacity change from 0 to 8192 [ 103.295925][ T5378] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 103.309282][ T5378] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 103.319086][ T5378] REISERFS (device loop0): using ordered data mode [ 103.325609][ T5378] reiserfs: using flush barriers [ 103.331726][ T5378] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.348377][ T5378] REISERFS (device loop0): checking transaction log (loop0) [pid 5378] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5378] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5378] chdir("./file1") = 0 [pid 5378] ioctl(4, LOOP_CLR_FD) = 0 [pid 5378] close(4) = 0 [pid 5378] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5378] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5378] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5378] exit_group(0) = ? [pid 5378] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5378, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./148", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./148", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./148/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./148/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./148/binderfs") = 0 [ 103.401658][ T5378] REISERFS (device loop0): Using r5 hash to sort names [ 103.409234][ T5378] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./148/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./148/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./148/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./148/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./148/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./148/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./148") = 0 mkdir("./149", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5380 ./strace-static-x86_64: Process 5380 attached [pid 5380] chdir("./149") = 0 [pid 5380] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5380] setpgid(0, 0) = 0 [pid 5380] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5380] write(3, "1000", 4) = 4 [pid 5380] close(3) = 0 [pid 5380] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5380] memfd_create("syzkaller", 0) = 3 [pid 5380] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5380] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5380] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5380] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5380] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5380] close(3) = 0 [pid 5380] mkdir("./file1", 0777) = 0 [ 103.538016][ T5380] loop0: detected capacity change from 0 to 8192 [ 103.548688][ T5380] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 103.561694][ T5380] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 103.571296][ T5380] REISERFS (device loop0): using ordered data mode [ 103.577896][ T5380] reiserfs: using flush barriers [ 103.583775][ T5380] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.600425][ T5380] REISERFS (device loop0): checking transaction log (loop0) [pid 5380] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5380] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5380] chdir("./file1") = 0 [pid 5380] ioctl(4, LOOP_CLR_FD) = 0 [pid 5380] close(4) = 0 [pid 5380] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5380] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5380] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5380] exit_group(0) = ? [pid 5380] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5380, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./149", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./149", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./149/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./149/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./149/binderfs") = 0 [ 103.647208][ T5380] REISERFS (device loop0): Using r5 hash to sort names [ 103.654241][ T5380] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./149/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./149/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./149/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./149/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./149/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./149/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./149") = 0 mkdir("./150", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5382 ./strace-static-x86_64: Process 5382 attached [pid 5382] chdir("./150") = 0 [pid 5382] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5382] setpgid(0, 0) = 0 [pid 5382] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5382] write(3, "1000", 4) = 4 [pid 5382] close(3) = 0 [pid 5382] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5382] memfd_create("syzkaller", 0) = 3 [pid 5382] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5382] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5382] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5382] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5382] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5382] close(3) = 0 [pid 5382] mkdir("./file1", 0777) = 0 [ 103.785475][ T5382] loop0: detected capacity change from 0 to 8192 [ 103.794654][ T5382] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 103.807943][ T5382] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 103.817300][ T5382] REISERFS (device loop0): using ordered data mode [ 103.823795][ T5382] reiserfs: using flush barriers [ 103.830113][ T5382] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.846458][ T5382] REISERFS (device loop0): checking transaction log (loop0) [pid 5382] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5382] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5382] chdir("./file1") = 0 [pid 5382] ioctl(4, LOOP_CLR_FD) = 0 [pid 5382] close(4) = 0 [pid 5382] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5382] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5382] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5382] exit_group(0) = ? [pid 5382] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5382, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./150", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./150", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./150/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./150/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./150/binderfs") = 0 umount2("./150/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./150/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./150/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./150/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./150/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./150/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 [ 103.893818][ T5382] REISERFS (device loop0): Using r5 hash to sort names [ 103.901305][ T5382] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 rmdir("./150") = 0 mkdir("./151", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5384 ./strace-static-x86_64: Process 5384 attached [pid 5384] chdir("./151") = 0 [pid 5384] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5384] setpgid(0, 0) = 0 [pid 5384] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5384] write(3, "1000", 4) = 4 [pid 5384] close(3) = 0 [pid 5384] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5384] memfd_create("syzkaller", 0) = 3 [pid 5384] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5384] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5384] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5384] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5384] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5384] close(3) = 0 [pid 5384] mkdir("./file1", 0777) = 0 [ 104.032908][ T5384] loop0: detected capacity change from 0 to 8192 [ 104.042965][ T5384] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 104.056598][ T5384] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 104.065895][ T5384] REISERFS (device loop0): using ordered data mode [ 104.072440][ T5384] reiserfs: using flush barriers [ 104.078487][ T5384] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.094924][ T5384] REISERFS (device loop0): checking transaction log (loop0) [pid 5384] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5384] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5384] chdir("./file1") = 0 [pid 5384] ioctl(4, LOOP_CLR_FD) = 0 [pid 5384] close(4) = 0 [pid 5384] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5384] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5384] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5384] exit_group(0) = ? [pid 5384] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5384, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=15 /* 0.15 s */} --- umount2("./151", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./151", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./151/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./151/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./151/binderfs") = 0 [ 104.141676][ T5384] REISERFS (device loop0): Using r5 hash to sort names [ 104.148933][ T5384] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./151/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./151/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./151/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./151/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./151/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./151/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./151") = 0 mkdir("./152", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5386 attached [pid 5386] chdir("./152") = 0 [pid 5386] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5386] setpgid(0, 0) = 0 [pid 5386] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5386] write(3, "1000", 4) = 4 [pid 5386] close(3) = 0 [pid 5386] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5386] memfd_create("syzkaller", 0) = 3 [pid 5386] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5073] <... clone resumed>, child_tidptr=0x55555738c5d0) = 5386 [pid 5386] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5386] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5386] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5386] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5386] close(3) = 0 [pid 5386] mkdir("./file1", 0777) = 0 [ 104.277431][ T5386] loop0: detected capacity change from 0 to 8192 [ 104.288235][ T5386] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 104.301259][ T5386] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 104.310712][ T5386] REISERFS (device loop0): using ordered data mode [ 104.317260][ T5386] reiserfs: using flush barriers [ 104.323183][ T5386] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.339658][ T5386] REISERFS (device loop0): checking transaction log (loop0) [pid 5386] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5386] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5386] chdir("./file1") = 0 [pid 5386] ioctl(4, LOOP_CLR_FD) = 0 [pid 5386] close(4) = 0 [pid 5386] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5386] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5386] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5386] exit_group(0) = ? [pid 5386] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5386, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./152", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./152", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./152/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./152/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./152/binderfs") = 0 [ 104.386156][ T5386] REISERFS (device loop0): Using r5 hash to sort names [ 104.393271][ T5386] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./152/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./152/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./152/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./152/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./152/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./152/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./152") = 0 mkdir("./153", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5388 ./strace-static-x86_64: Process 5388 attached [pid 5388] chdir("./153") = 0 [pid 5388] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5388] setpgid(0, 0) = 0 [pid 5388] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5388] write(3, "1000", 4) = 4 [pid 5388] close(3) = 0 [pid 5388] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5388] memfd_create("syzkaller", 0) = 3 [pid 5388] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5388] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5388] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5388] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5388] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5388] close(3) = 0 [pid 5388] mkdir("./file1", 0777) = 0 [ 104.522293][ T5388] loop0: detected capacity change from 0 to 8192 [ 104.532845][ T5388] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 104.546165][ T5388] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 104.555405][ T5388] REISERFS (device loop0): using ordered data mode [ 104.561947][ T5388] reiserfs: using flush barriers [ 104.567894][ T5388] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.584299][ T5388] REISERFS (device loop0): checking transaction log (loop0) [pid 5388] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5388] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5388] chdir("./file1") = 0 [pid 5388] ioctl(4, LOOP_CLR_FD) = 0 [pid 5388] close(4) = 0 [pid 5388] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5388] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5388] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5388] exit_group(0) = ? [pid 5388] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5388, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} --- umount2("./153", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./153", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./153/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./153/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./153/binderfs") = 0 [ 104.629221][ T5388] REISERFS (device loop0): Using r5 hash to sort names [ 104.636268][ T5388] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./153/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./153/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./153/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./153/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./153/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./153/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./153") = 0 mkdir("./154", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5390 attached , child_tidptr=0x55555738c5d0) = 5390 [pid 5390] chdir("./154") = 0 [pid 5390] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5390] setpgid(0, 0) = 0 [pid 5390] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5390] write(3, "1000", 4) = 4 [pid 5390] close(3) = 0 [pid 5390] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5390] memfd_create("syzkaller", 0) = 3 [pid 5390] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5390] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5390] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5390] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5390] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5390] close(3) = 0 [pid 5390] mkdir("./file1", 0777) = 0 [ 104.787868][ T5390] loop0: detected capacity change from 0 to 8192 [ 104.797370][ T5390] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 104.810388][ T5390] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 104.819891][ T5390] REISERFS (device loop0): using ordered data mode [ 104.826388][ T5390] reiserfs: using flush barriers [ 104.832387][ T5390] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.849042][ T5390] REISERFS (device loop0): checking transaction log (loop0) [pid 5390] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5390] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5390] chdir("./file1") = 0 [pid 5390] ioctl(4, LOOP_CLR_FD) = 0 [pid 5390] close(4) = 0 [pid 5390] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5390] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5390] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5390] exit_group(0) = ? [pid 5390] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5390, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- umount2("./154", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./154", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./154/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./154/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./154/binderfs") = 0 [ 104.894696][ T5390] REISERFS (device loop0): Using r5 hash to sort names [ 104.901848][ T5390] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./154/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./154/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./154/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./154/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./154/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./154/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./154") = 0 mkdir("./155", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5392 ./strace-static-x86_64: Process 5392 attached [pid 5392] chdir("./155") = 0 [pid 5392] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5392] setpgid(0, 0) = 0 [pid 5392] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5392] write(3, "1000", 4) = 4 [pid 5392] close(3) = 0 [pid 5392] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5392] memfd_create("syzkaller", 0) = 3 [pid 5392] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5392] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5392] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5392] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5392] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5392] close(3) = 0 [pid 5392] mkdir("./file1", 0777) = 0 [ 105.025742][ T5392] loop0: detected capacity change from 0 to 8192 [ 105.034973][ T5392] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 105.048288][ T5392] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 105.057653][ T5392] REISERFS (device loop0): using ordered data mode [ 105.064156][ T5392] reiserfs: using flush barriers [ 105.070298][ T5392] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 105.086749][ T5392] REISERFS (device loop0): checking transaction log (loop0) [pid 5392] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5392] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5392] chdir("./file1") = 0 [pid 5392] ioctl(4, LOOP_CLR_FD) = 0 [pid 5392] close(4) = 0 [pid 5392] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5392] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5392] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5392] exit_group(0) = ? [pid 5392] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5392, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./155", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./155", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./155/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./155/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./155/binderfs") = 0 [ 105.131077][ T5392] REISERFS (device loop0): Using r5 hash to sort names [ 105.138353][ T5392] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./155/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./155/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./155/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./155/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./155/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./155/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./155") = 0 mkdir("./156", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5394 ./strace-static-x86_64: Process 5394 attached [pid 5394] chdir("./156") = 0 [pid 5394] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5394] setpgid(0, 0) = 0 [pid 5394] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5394] write(3, "1000", 4) = 4 [pid 5394] close(3) = 0 [pid 5394] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5394] memfd_create("syzkaller", 0) = 3 [pid 5394] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5394] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5394] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5394] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5394] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5394] close(3) = 0 [pid 5394] mkdir("./file1", 0777) = 0 [ 105.268952][ T5394] loop0: detected capacity change from 0 to 8192 [ 105.278251][ T5394] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 105.291819][ T5394] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 105.301452][ T5394] REISERFS (device loop0): using ordered data mode [ 105.308410][ T5394] reiserfs: using flush barriers [ 105.314247][ T5394] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 105.331022][ T5394] REISERFS (device loop0): checking transaction log (loop0) [pid 5394] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5394] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5394] chdir("./file1") = 0 [pid 5394] ioctl(4, LOOP_CLR_FD) = 0 [pid 5394] close(4) = 0 [pid 5394] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5394] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5394] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5394] exit_group(0) = ? [pid 5394] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5394, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./156", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./156", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./156/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./156/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./156/binderfs") = 0 [ 105.379107][ T5394] REISERFS (device loop0): Using r5 hash to sort names [ 105.386399][ T5394] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./156/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./156/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./156/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./156/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./156/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./156/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./156") = 0 mkdir("./157", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5396 ./strace-static-x86_64: Process 5396 attached [pid 5396] chdir("./157") = 0 [pid 5396] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5396] setpgid(0, 0) = 0 [pid 5396] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5396] write(3, "1000", 4) = 4 [pid 5396] close(3) = 0 [pid 5396] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5396] memfd_create("syzkaller", 0) = 3 [pid 5396] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5396] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5396] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5396] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5396] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5396] close(3) = 0 [pid 5396] mkdir("./file1", 0777) = 0 [ 105.517322][ T5396] loop0: detected capacity change from 0 to 8192 [ 105.527485][ T5396] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 105.540721][ T5396] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 105.550384][ T5396] REISERFS (device loop0): using ordered data mode [ 105.557205][ T5396] reiserfs: using flush barriers [ 105.563253][ T5396] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 105.579666][ T5396] REISERFS (device loop0): checking transaction log (loop0) [pid 5396] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5396] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5396] chdir("./file1") = 0 [pid 5396] ioctl(4, LOOP_CLR_FD) = 0 [pid 5396] close(4) = 0 [pid 5396] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5396] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5396] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5396] exit_group(0) = ? [pid 5396] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5396, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./157", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./157", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./157/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./157/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./157/binderfs") = 0 [ 105.621913][ T5396] REISERFS (device loop0): Using r5 hash to sort names [ 105.629019][ T5396] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./157/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./157/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./157/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./157/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./157/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./157/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./157") = 0 mkdir("./158", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5398 ./strace-static-x86_64: Process 5398 attached [pid 5398] chdir("./158") = 0 [pid 5398] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5398] setpgid(0, 0) = 0 [pid 5398] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5398] write(3, "1000", 4) = 4 [pid 5398] close(3) = 0 [pid 5398] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5398] memfd_create("syzkaller", 0) = 3 [pid 5398] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5398] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5398] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5398] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5398] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5398] close(3) = 0 [pid 5398] mkdir("./file1", 0777) = 0 [ 105.762484][ T5398] loop0: detected capacity change from 0 to 8192 [ 105.774969][ T5398] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 105.788160][ T5398] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 105.797508][ T5398] REISERFS (device loop0): using ordered data mode [ 105.804025][ T5398] reiserfs: using flush barriers [ 105.810130][ T5398] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 105.826493][ T5398] REISERFS (device loop0): checking transaction log (loop0) [pid 5398] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5398] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5398] chdir("./file1") = 0 [pid 5398] ioctl(4, LOOP_CLR_FD) = 0 [pid 5398] close(4) = 0 [pid 5398] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5398] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5398] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5398] exit_group(0) = ? [pid 5398] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5398, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./158", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./158", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./158/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./158/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 105.875477][ T5398] REISERFS (device loop0): Using r5 hash to sort names [ 105.882643][ T5398] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. unlink("./158/binderfs") = 0 umount2("./158/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./158/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./158/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./158/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./158/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./158/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./158") = 0 mkdir("./159", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5400 attached , child_tidptr=0x55555738c5d0) = 5400 [pid 5400] chdir("./159") = 0 [pid 5400] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5400] setpgid(0, 0) = 0 [pid 5400] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5400] write(3, "1000", 4) = 4 [pid 5400] close(3) = 0 [pid 5400] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5400] memfd_create("syzkaller", 0) = 3 [pid 5400] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5400] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5400] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5400] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5400] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5400] close(3) = 0 [pid 5400] mkdir("./file1", 0777) = 0 [ 106.033798][ T5400] loop0: detected capacity change from 0 to 8192 [ 106.043779][ T5400] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 106.056757][ T5400] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 106.066139][ T5400] REISERFS (device loop0): using ordered data mode [ 106.072934][ T5400] reiserfs: using flush barriers [ 106.078948][ T5400] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 106.095601][ T5400] REISERFS (device loop0): checking transaction log (loop0) [pid 5400] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5400] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5400] chdir("./file1") = 0 [pid 5400] ioctl(4, LOOP_CLR_FD) = 0 [pid 5400] close(4) = 0 [pid 5400] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5400] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5400] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5400] exit_group(0) = ? [pid 5400] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5400, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- umount2("./159", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./159", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./159/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./159/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./159/binderfs") = 0 [ 106.142915][ T5400] REISERFS (device loop0): Using r5 hash to sort names [ 106.150639][ T5400] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./159/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./159/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./159/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./159/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./159/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./159/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./159") = 0 mkdir("./160", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5402 attached , child_tidptr=0x55555738c5d0) = 5402 [pid 5402] chdir("./160") = 0 [pid 5402] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5402] setpgid(0, 0) = 0 [pid 5402] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5402] write(3, "1000", 4) = 4 [pid 5402] close(3) = 0 [pid 5402] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5402] memfd_create("syzkaller", 0) = 3 [pid 5402] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5402] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5402] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5402] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5402] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5402] close(3) = 0 [pid 5402] mkdir("./file1", 0777) = 0 [ 106.287226][ T5402] loop0: detected capacity change from 0 to 8192 [ 106.297148][ T5402] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 106.310207][ T5402] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 106.319455][ T5402] REISERFS (device loop0): using ordered data mode [ 106.325974][ T5402] reiserfs: using flush barriers [ 106.331908][ T5402] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 106.348223][ T5402] REISERFS (device loop0): checking transaction log (loop0) [pid 5402] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5402] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5402] chdir("./file1") = 0 [pid 5402] ioctl(4, LOOP_CLR_FD) = 0 [pid 5402] close(4) = 0 [pid 5402] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5402] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5402] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5402] exit_group(0) = ? [pid 5402] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5402, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./160", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./160", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./160/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./160/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./160/binderfs") = 0 [ 106.394651][ T5402] REISERFS (device loop0): Using r5 hash to sort names [ 106.401733][ T5402] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./160/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./160/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./160/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./160/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./160/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./160/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./160") = 0 mkdir("./161", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5404 attached , child_tidptr=0x55555738c5d0) = 5404 [pid 5404] chdir("./161") = 0 [pid 5404] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5404] setpgid(0, 0) = 0 [pid 5404] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5404] write(3, "1000", 4) = 4 [pid 5404] close(3) = 0 [pid 5404] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5404] memfd_create("syzkaller", 0) = 3 [pid 5404] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5404] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5404] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5404] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5404] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5404] close(3) = 0 [pid 5404] mkdir("./file1", 0777) = 0 [ 106.542390][ T5404] loop0: detected capacity change from 0 to 8192 [ 106.551671][ T5404] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 106.564726][ T5404] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 106.573950][ T5404] REISERFS (device loop0): using ordered data mode [ 106.580479][ T5404] reiserfs: using flush barriers [ 106.586311][ T5404] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 106.602971][ T5404] REISERFS (device loop0): checking transaction log (loop0) [pid 5404] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5404] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5404] chdir("./file1") = 0 [pid 5404] ioctl(4, LOOP_CLR_FD) = 0 [pid 5404] close(4) = 0 [pid 5404] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5404] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5404] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5404] exit_group(0) = ? [pid 5404] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5404, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./161", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./161", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./161/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./161/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./161/binderfs") = 0 [ 106.651923][ T5404] REISERFS (device loop0): Using r5 hash to sort names [ 106.659308][ T5404] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./161/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./161/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./161/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./161/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./161/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./161/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./161") = 0 mkdir("./162", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5406 ./strace-static-x86_64: Process 5406 attached [pid 5406] chdir("./162") = 0 [pid 5406] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5406] setpgid(0, 0) = 0 [pid 5406] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5406] write(3, "1000", 4) = 4 [pid 5406] close(3) = 0 [pid 5406] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5406] memfd_create("syzkaller", 0) = 3 [pid 5406] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5406] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5406] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5406] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5406] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5406] close(3) = 0 [pid 5406] mkdir("./file1", 0777) = 0 [ 106.787814][ T5406] loop0: detected capacity change from 0 to 8192 [ 106.798706][ T5406] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 106.811792][ T5406] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 106.821152][ T5406] REISERFS (device loop0): using ordered data mode [ 106.827956][ T5406] reiserfs: using flush barriers [ 106.833691][ T5406] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 106.850217][ T5406] REISERFS (device loop0): checking transaction log (loop0) [pid 5406] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5406] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5406] chdir("./file1") = 0 [pid 5406] ioctl(4, LOOP_CLR_FD) = 0 [pid 5406] close(4) = 0 [pid 5406] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5406] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5406] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5406] exit_group(0) = ? [pid 5406] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5406, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./162", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./162", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./162/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./162/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./162/binderfs") = 0 [ 106.891735][ T5406] REISERFS (device loop0): Using r5 hash to sort names [ 106.898816][ T5406] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./162/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./162/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./162/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./162/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./162/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./162/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./162") = 0 mkdir("./163", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5408 ./strace-static-x86_64: Process 5408 attached [pid 5408] chdir("./163") = 0 [pid 5408] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5408] setpgid(0, 0) = 0 [pid 5408] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5408] write(3, "1000", 4) = 4 [pid 5408] close(3) = 0 [pid 5408] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5408] memfd_create("syzkaller", 0) = 3 [pid 5408] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5408] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5408] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5408] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5408] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5408] close(3) = 0 [pid 5408] mkdir("./file1", 0777) = 0 [ 107.030601][ T5408] loop0: detected capacity change from 0 to 8192 [ 107.040563][ T5408] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 107.053826][ T5408] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 107.063134][ T5408] REISERFS (device loop0): using ordered data mode [ 107.069723][ T5408] reiserfs: using flush barriers [ 107.075625][ T5408] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 107.092091][ T5408] REISERFS (device loop0): checking transaction log (loop0) [pid 5408] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5408] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5408] chdir("./file1") = 0 [pid 5408] ioctl(4, LOOP_CLR_FD) = 0 [pid 5408] close(4) = 0 [pid 5408] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5408] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5408] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5408] exit_group(0) = ? [pid 5408] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5408, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./163", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./163", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./163/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./163/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./163/binderfs") = 0 [ 107.138401][ T5408] REISERFS (device loop0): Using r5 hash to sort names [ 107.145461][ T5408] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./163/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./163/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./163/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./163/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./163/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./163/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./163") = 0 mkdir("./164", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5410 ./strace-static-x86_64: Process 5410 attached [pid 5410] chdir("./164") = 0 [pid 5410] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5410] setpgid(0, 0) = 0 [pid 5410] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5410] write(3, "1000", 4) = 4 [pid 5410] close(3) = 0 [pid 5410] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5410] memfd_create("syzkaller", 0) = 3 [pid 5410] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5410] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5410] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5410] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5410] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5410] close(3) = 0 [pid 5410] mkdir("./file1", 0777) = 0 [ 107.279487][ T5410] loop0: detected capacity change from 0 to 8192 [ 107.288702][ T5410] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 107.302014][ T5410] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 107.311757][ T5410] REISERFS (device loop0): using ordered data mode [ 107.318654][ T5410] reiserfs: using flush barriers [ 107.324402][ T5410] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 107.341037][ T5410] REISERFS (device loop0): checking transaction log (loop0) [pid 5410] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5410] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5410] chdir("./file1") = 0 [pid 5410] ioctl(4, LOOP_CLR_FD) = 0 [pid 5410] close(4) = 0 [pid 5410] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5410] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5410] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5410] exit_group(0) = ? [pid 5410] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5410, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./164", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./164", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./164/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./164/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./164/binderfs") = 0 [ 107.393977][ T5410] REISERFS (device loop0): Using r5 hash to sort names [ 107.401105][ T5410] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./164/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./164/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./164/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./164/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./164/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./164/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./164") = 0 mkdir("./165", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5412 ./strace-static-x86_64: Process 5412 attached [pid 5412] chdir("./165") = 0 [pid 5412] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5412] setpgid(0, 0) = 0 [pid 5412] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5412] write(3, "1000", 4) = 4 [pid 5412] close(3) = 0 [pid 5412] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5412] memfd_create("syzkaller", 0) = 3 [pid 5412] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5412] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5412] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5412] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5412] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5412] close(3) = 0 [pid 5412] mkdir("./file1", 0777) = 0 [ 107.548342][ T5412] loop0: detected capacity change from 0 to 8192 [ 107.559236][ T5412] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 107.572415][ T5412] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 107.581844][ T5412] REISERFS (device loop0): using ordered data mode [ 107.588427][ T5412] reiserfs: using flush barriers [ 107.594296][ T5412] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 107.610770][ T5412] REISERFS (device loop0): checking transaction log (loop0) [pid 5412] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5412] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5412] chdir("./file1") = 0 [pid 5412] ioctl(4, LOOP_CLR_FD) = 0 [pid 5412] close(4) = 0 [pid 5412] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5412] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5412] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5412] exit_group(0) = ? [pid 5412] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5412, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./165", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./165", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./165/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./165/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./165/binderfs") = 0 [ 107.658894][ T5412] REISERFS (device loop0): Using r5 hash to sort names [ 107.666104][ T5412] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./165/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./165/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./165/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./165/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./165/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./165/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./165") = 0 mkdir("./166", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5414 ./strace-static-x86_64: Process 5414 attached [pid 5414] chdir("./166") = 0 [pid 5414] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5414] setpgid(0, 0) = 0 [pid 5414] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5414] write(3, "1000", 4) = 4 [pid 5414] close(3) = 0 [pid 5414] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5414] memfd_create("syzkaller", 0) = 3 [pid 5414] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5414] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5414] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5414] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5414] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5414] close(3) = 0 [pid 5414] mkdir("./file1", 0777) = 0 [ 107.807070][ T5414] loop0: detected capacity change from 0 to 8192 [ 107.818123][ T5414] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 107.831386][ T5414] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 107.841038][ T5414] REISERFS (device loop0): using ordered data mode [ 107.847963][ T5414] reiserfs: using flush barriers [ 107.853836][ T5414] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 107.870635][ T5414] REISERFS (device loop0): checking transaction log (loop0) [pid 5414] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5414] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5414] chdir("./file1") = 0 [pid 5414] ioctl(4, LOOP_CLR_FD) = 0 [pid 5414] close(4) = 0 [pid 5414] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5414] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5414] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5414] exit_group(0) = ? [pid 5414] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5414, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- umount2("./166", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./166", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./166/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./166/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./166/binderfs") = 0 umount2("./166/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./166/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./166/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./166/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./166/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./166/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./166") = 0 mkdir("./167", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 107.923944][ T5414] REISERFS (device loop0): Using r5 hash to sort names [ 107.931025][ T5414] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5416 ./strace-static-x86_64: Process 5416 attached [pid 5416] chdir("./167") = 0 [pid 5416] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5416] setpgid(0, 0) = 0 [pid 5416] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5416] write(3, "1000", 4) = 4 [pid 5416] close(3) = 0 [pid 5416] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5416] memfd_create("syzkaller", 0) = 3 [pid 5416] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5416] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5416] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5416] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5416] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5416] close(3) = 0 [pid 5416] mkdir("./file1", 0777) = 0 [ 108.056952][ T5416] loop0: detected capacity change from 0 to 8192 [ 108.067961][ T5416] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 108.081062][ T5416] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 108.090340][ T5416] REISERFS (device loop0): using ordered data mode [ 108.097098][ T5416] reiserfs: using flush barriers [ 108.103127][ T5416] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 108.119550][ T5416] REISERFS (device loop0): checking transaction log (loop0) [pid 5416] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5416] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5416] chdir("./file1") = 0 [pid 5416] ioctl(4, LOOP_CLR_FD) = 0 [pid 5416] close(4) = 0 [pid 5416] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5416] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5416] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5416] exit_group(0) = ? [pid 5416] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5416, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./167", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./167", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./167/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./167/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./167/binderfs") = 0 [ 108.161273][ T5416] REISERFS (device loop0): Using r5 hash to sort names [ 108.168345][ T5416] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./167/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./167/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./167/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./167/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./167/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./167/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./167") = 0 mkdir("./168", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5418 ./strace-static-x86_64: Process 5418 attached [pid 5418] chdir("./168") = 0 [pid 5418] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5418] setpgid(0, 0) = 0 [pid 5418] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5418] write(3, "1000", 4) = 4 [pid 5418] close(3) = 0 [pid 5418] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5418] memfd_create("syzkaller", 0) = 3 [pid 5418] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5418] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5418] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5418] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5418] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5418] close(3) = 0 [pid 5418] mkdir("./file1", 0777) = 0 [ 108.304891][ T5418] loop0: detected capacity change from 0 to 8192 [ 108.314943][ T5418] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 108.328097][ T5418] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 108.337367][ T5418] REISERFS (device loop0): using ordered data mode [ 108.343878][ T5418] reiserfs: using flush barriers [ 108.349943][ T5418] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 108.366363][ T5418] REISERFS (device loop0): checking transaction log (loop0) [pid 5418] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5418] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5418] chdir("./file1") = 0 [pid 5418] ioctl(4, LOOP_CLR_FD) = 0 [pid 5418] close(4) = 0 [pid 5418] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5418] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5418] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5418] exit_group(0) = ? [pid 5418] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5418, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./168", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./168", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./168/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./168/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./168/binderfs") = 0 [ 108.413028][ T5418] REISERFS (device loop0): Using r5 hash to sort names [ 108.420418][ T5418] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./168/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./168/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./168/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./168/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./168/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./168/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./168") = 0 mkdir("./169", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5420 ./strace-static-x86_64: Process 5420 attached [pid 5420] chdir("./169") = 0 [pid 5420] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5420] setpgid(0, 0) = 0 [pid 5420] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5420] write(3, "1000", 4) = 4 [pid 5420] close(3) = 0 [pid 5420] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5420] memfd_create("syzkaller", 0) = 3 [pid 5420] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5420] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5420] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5420] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5420] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5420] close(3) = 0 [pid 5420] mkdir("./file1", 0777) = 0 [ 108.560880][ T5420] loop0: detected capacity change from 0 to 8192 [ 108.571779][ T5420] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 108.585225][ T5420] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 108.594836][ T5420] REISERFS (device loop0): using ordered data mode [ 108.601584][ T5420] reiserfs: using flush barriers [ 108.607805][ T5420] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 108.624392][ T5420] REISERFS (device loop0): checking transaction log (loop0) [pid 5420] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5420] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5420] chdir("./file1") = 0 [pid 5420] ioctl(4, LOOP_CLR_FD) = 0 [pid 5420] close(4) = 0 [pid 5420] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5420] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5420] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5420] exit_group(0) = ? [pid 5420] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5420, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./169", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./169", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./169/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./169/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./169/binderfs") = 0 [ 108.674599][ T5420] REISERFS (device loop0): Using r5 hash to sort names [ 108.681763][ T5420] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./169/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./169/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./169/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./169/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./169/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./169/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./169") = 0 mkdir("./170", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5422 attached , child_tidptr=0x55555738c5d0) = 5422 [pid 5422] chdir("./170") = 0 [pid 5422] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5422] setpgid(0, 0) = 0 [pid 5422] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5422] write(3, "1000", 4) = 4 [pid 5422] close(3) = 0 [pid 5422] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5422] memfd_create("syzkaller", 0) = 3 [pid 5422] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5422] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5422] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5422] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5422] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5422] close(3) = 0 [pid 5422] mkdir("./file1", 0777) = 0 [ 108.825398][ T5422] loop0: detected capacity change from 0 to 8192 [ 108.844889][ T5422] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 108.857902][ T5422] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 108.867122][ T5422] REISERFS (device loop0): using ordered data mode [ 108.873628][ T5422] reiserfs: using flush barriers [ 108.879557][ T5422] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 108.895853][ T5422] REISERFS (device loop0): checking transaction log (loop0) [pid 5422] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5422] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5422] chdir("./file1") = 0 [pid 5422] ioctl(4, LOOP_CLR_FD) = 0 [pid 5422] close(4) = 0 [pid 5422] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5422] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5422] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5422] exit_group(0) = ? [pid 5422] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5422, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./170", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./170", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./170/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./170/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./170/binderfs") = 0 [ 108.940862][ T5422] REISERFS (device loop0): Using r5 hash to sort names [ 108.948343][ T5422] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./170/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./170/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./170/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./170/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./170/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./170/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./170") = 0 mkdir("./171", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5424 ./strace-static-x86_64: Process 5424 attached [pid 5424] chdir("./171") = 0 [pid 5424] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5424] setpgid(0, 0) = 0 [pid 5424] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5424] write(3, "1000", 4) = 4 [pid 5424] close(3) = 0 [pid 5424] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5424] memfd_create("syzkaller", 0) = 3 [pid 5424] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5424] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5424] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5424] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5424] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5424] close(3) = 0 [pid 5424] mkdir("./file1", 0777) = 0 [ 109.083703][ T5424] loop0: detected capacity change from 0 to 8192 [ 109.093594][ T5424] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 109.106884][ T5424] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 109.116089][ T5424] REISERFS (device loop0): using ordered data mode [ 109.122851][ T5424] reiserfs: using flush barriers [ 109.128760][ T5424] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 109.145095][ T5424] REISERFS (device loop0): checking transaction log (loop0) [pid 5424] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5424] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5424] chdir("./file1") = 0 [pid 5424] ioctl(4, LOOP_CLR_FD) = 0 [pid 5424] close(4) = 0 [pid 5424] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5424] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5424] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5424] exit_group(0) = ? [pid 5424] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5424, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./171", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./171", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./171/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./171/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./171/binderfs") = 0 [ 109.191845][ T5424] REISERFS (device loop0): Using r5 hash to sort names [ 109.199134][ T5424] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./171/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./171/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./171/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./171/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./171/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./171/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./171") = 0 mkdir("./172", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5426 ./strace-static-x86_64: Process 5426 attached [pid 5426] chdir("./172") = 0 [pid 5426] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5426] setpgid(0, 0) = 0 [pid 5426] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5426] write(3, "1000", 4) = 4 [pid 5426] close(3) = 0 [pid 5426] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5426] memfd_create("syzkaller", 0) = 3 [pid 5426] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5426] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5426] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5426] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5426] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5426] close(3) = 0 [pid 5426] mkdir("./file1", 0777) = 0 [ 109.325217][ T5426] loop0: detected capacity change from 0 to 8192 [ 109.334993][ T5426] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 109.348015][ T5426] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 109.357452][ T5426] REISERFS (device loop0): using ordered data mode [ 109.363956][ T5426] reiserfs: using flush barriers [ 109.370026][ T5426] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 109.386400][ T5426] REISERFS (device loop0): checking transaction log (loop0) [pid 5426] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5426] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5426] chdir("./file1") = 0 [pid 5426] ioctl(4, LOOP_CLR_FD) = 0 [pid 5426] close(4) = 0 [pid 5426] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5426] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5426] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5426] exit_group(0) = ? [pid 5426] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5426, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./172", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./172", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./172/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./172/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./172/binderfs") = 0 [ 109.433910][ T5426] REISERFS (device loop0): Using r5 hash to sort names [ 109.441570][ T5426] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./172/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./172/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./172/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./172/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./172/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./172/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./172") = 0 mkdir("./173", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5428 ./strace-static-x86_64: Process 5428 attached [pid 5428] chdir("./173") = 0 [pid 5428] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5428] setpgid(0, 0) = 0 [pid 5428] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5428] write(3, "1000", 4) = 4 [pid 5428] close(3) = 0 [pid 5428] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5428] memfd_create("syzkaller", 0) = 3 [pid 5428] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5428] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5428] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5428] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5428] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5428] close(3) = 0 [pid 5428] mkdir("./file1", 0777) = 0 [ 109.583487][ T5428] loop0: detected capacity change from 0 to 8192 [ 109.592847][ T5428] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 109.606606][ T5428] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 109.616241][ T5428] REISERFS (device loop0): using ordered data mode [ 109.623099][ T5428] reiserfs: using flush barriers [ 109.629117][ T5428] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 109.645907][ T5428] REISERFS (device loop0): checking transaction log (loop0) [pid 5428] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5428] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5428] chdir("./file1") = 0 [pid 5428] ioctl(4, LOOP_CLR_FD) = 0 [pid 5428] close(4) = 0 [pid 5428] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5428] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5428] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5428] exit_group(0) = ? [pid 5428] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5428, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./173", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./173", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./173/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./173/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./173/binderfs") = 0 [ 109.693505][ T5428] REISERFS (device loop0): Using r5 hash to sort names [ 109.700615][ T5428] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./173/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./173/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./173/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./173/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./173/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./173/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./173") = 0 mkdir("./174", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5430 ./strace-static-x86_64: Process 5430 attached [pid 5430] chdir("./174") = 0 [pid 5430] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5430] setpgid(0, 0) = 0 [pid 5430] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5430] write(3, "1000", 4) = 4 [pid 5430] close(3) = 0 [pid 5430] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5430] memfd_create("syzkaller", 0) = 3 [pid 5430] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5430] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5430] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5430] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5430] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5430] close(3) = 0 [pid 5430] mkdir("./file1", 0777) = 0 [ 109.834040][ T5430] loop0: detected capacity change from 0 to 8192 [ 109.844791][ T5430] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 109.857871][ T5430] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 109.867078][ T5430] REISERFS (device loop0): using ordered data mode [ 109.873575][ T5430] reiserfs: using flush barriers [ 109.879666][ T5430] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 109.896106][ T5430] REISERFS (device loop0): checking transaction log (loop0) [pid 5430] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5430] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5430] chdir("./file1") = 0 [pid 5430] ioctl(4, LOOP_CLR_FD) = 0 [pid 5430] close(4) = 0 [pid 5430] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5430] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5430] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5430] exit_group(0) = ? [pid 5430] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5430, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./174", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./174", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./174/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./174/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./174/binderfs") = 0 [ 109.942915][ T5430] REISERFS (device loop0): Using r5 hash to sort names [ 109.950336][ T5430] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./174/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./174/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./174/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./174/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./174/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./174/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./174") = 0 mkdir("./175", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5432 ./strace-static-x86_64: Process 5432 attached [pid 5432] chdir("./175") = 0 [pid 5432] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5432] setpgid(0, 0) = 0 [pid 5432] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5432] write(3, "1000", 4) = 4 [pid 5432] close(3) = 0 [pid 5432] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5432] memfd_create("syzkaller", 0) = 3 [pid 5432] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5432] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5432] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5432] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5432] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5432] close(3) = 0 [pid 5432] mkdir("./file1", 0777) = 0 [ 110.084810][ T5432] loop0: detected capacity change from 0 to 8192 [ 110.094855][ T5432] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 110.107940][ T5432] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 110.117185][ T5432] REISERFS (device loop0): using ordered data mode [ 110.123691][ T5432] reiserfs: using flush barriers [ 110.129755][ T5432] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 110.146237][ T5432] REISERFS (device loop0): checking transaction log (loop0) [pid 5432] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5432] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5432] chdir("./file1") = 0 [pid 5432] ioctl(4, LOOP_CLR_FD) = 0 [pid 5432] close(4) = 0 [pid 5432] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5432] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5432] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5432] exit_group(0) = ? [pid 5432] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5432, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- umount2("./175", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./175", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./175/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./175/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./175/binderfs") = 0 [ 110.191886][ T5432] REISERFS (device loop0): Using r5 hash to sort names [ 110.199040][ T5432] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./175/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./175/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./175/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./175/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./175/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./175/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./175") = 0 mkdir("./176", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5434 ./strace-static-x86_64: Process 5434 attached [pid 5434] chdir("./176") = 0 [pid 5434] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5434] setpgid(0, 0) = 0 [pid 5434] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5434] write(3, "1000", 4) = 4 [pid 5434] close(3) = 0 [pid 5434] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5434] memfd_create("syzkaller", 0) = 3 [pid 5434] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5434] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5434] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5434] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5434] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5434] close(3) = 0 [pid 5434] mkdir("./file1", 0777) = 0 [ 110.327698][ T5434] loop0: detected capacity change from 0 to 8192 [ 110.337261][ T5434] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 110.350284][ T5434] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 110.359727][ T5434] REISERFS (device loop0): using ordered data mode [ 110.366242][ T5434] reiserfs: using flush barriers [ 110.372430][ T5434] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 110.389181][ T5434] REISERFS (device loop0): checking transaction log (loop0) [pid 5434] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5434] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5434] chdir("./file1") = 0 [pid 5434] ioctl(4, LOOP_CLR_FD) = 0 [pid 5434] close(4) = 0 [pid 5434] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5434] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5434] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5434] exit_group(0) = ? [pid 5434] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5434, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./176", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./176", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./176/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./176/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./176/binderfs") = 0 [ 110.432014][ T5434] REISERFS (device loop0): Using r5 hash to sort names [ 110.439091][ T5434] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./176/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./176/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./176/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./176/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./176/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./176/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./176") = 0 mkdir("./177", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5436 ./strace-static-x86_64: Process 5436 attached [pid 5436] chdir("./177") = 0 [pid 5436] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5436] setpgid(0, 0) = 0 [pid 5436] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5436] write(3, "1000", 4) = 4 [pid 5436] close(3) = 0 [pid 5436] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5436] memfd_create("syzkaller", 0) = 3 [pid 5436] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5436] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5436] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5436] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5436] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5436] close(3) = 0 [pid 5436] mkdir("./file1", 0777) = 0 [ 110.577806][ T5436] loop0: detected capacity change from 0 to 8192 [ 110.587313][ T5436] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 110.600380][ T5436] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 110.609691][ T5436] REISERFS (device loop0): using ordered data mode [ 110.616463][ T5436] reiserfs: using flush barriers [ 110.622782][ T5436] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 110.639273][ T5436] REISERFS (device loop0): checking transaction log (loop0) [pid 5436] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5436] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5436] chdir("./file1") = 0 [pid 5436] ioctl(4, LOOP_CLR_FD) = 0 [pid 5436] close(4) = 0 [pid 5436] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5436] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5436] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5436] exit_group(0) = ? [pid 5436] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5436, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./177", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./177", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./177/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./177/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./177/binderfs") = 0 [ 110.681021][ T5436] REISERFS (device loop0): Using r5 hash to sort names [ 110.688446][ T5436] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./177/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./177/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./177/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./177/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./177/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./177/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./177") = 0 mkdir("./178", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5438 attached , child_tidptr=0x55555738c5d0) = 5438 [pid 5438] chdir("./178") = 0 [pid 5438] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5438] setpgid(0, 0) = 0 [pid 5438] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5438] write(3, "1000", 4) = 4 [pid 5438] close(3) = 0 [pid 5438] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5438] memfd_create("syzkaller", 0) = 3 [pid 5438] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5438] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5438] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5438] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5438] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5438] close(3) = 0 [pid 5438] mkdir("./file1", 0777) = 0 [ 110.834941][ T5438] loop0: detected capacity change from 0 to 8192 [ 110.845282][ T5438] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 110.858667][ T5438] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 110.868146][ T5438] REISERFS (device loop0): using ordered data mode [ 110.874661][ T5438] reiserfs: using flush barriers [ 110.880634][ T5438] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 110.897400][ T5438] REISERFS (device loop0): checking transaction log (loop0) [pid 5438] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5438] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5438] chdir("./file1") = 0 [pid 5438] ioctl(4, LOOP_CLR_FD) = 0 [pid 5438] close(4) = 0 [pid 5438] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5438] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5438] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5438] exit_group(0) = ? [pid 5438] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5438, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./178", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./178", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./178/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./178/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./178/binderfs") = 0 [ 110.944334][ T5438] REISERFS (device loop0): Using r5 hash to sort names [ 110.951808][ T5438] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./178/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./178/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./178/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./178/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./178/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./178/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./178") = 0 mkdir("./179", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5440 ./strace-static-x86_64: Process 5440 attached [pid 5440] chdir("./179") = 0 [pid 5440] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5440] setpgid(0, 0) = 0 [pid 5440] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5440] write(3, "1000", 4) = 4 [pid 5440] close(3) = 0 [pid 5440] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5440] memfd_create("syzkaller", 0) = 3 [pid 5440] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5440] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5440] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5440] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5440] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5440] close(3) = 0 [pid 5440] mkdir("./file1", 0777) = 0 [ 111.089791][ T5440] loop0: detected capacity change from 0 to 8192 [ 111.099779][ T5440] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 111.112810][ T5440] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 111.122028][ T5440] REISERFS (device loop0): using ordered data mode [ 111.128551][ T5440] reiserfs: using flush barriers [ 111.134482][ T5440] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 111.150982][ T5440] REISERFS (device loop0): checking transaction log (loop0) [pid 5440] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5440] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5440] chdir("./file1") = 0 [pid 5440] ioctl(4, LOOP_CLR_FD) = 0 [pid 5440] close(4) = 0 [pid 5440] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5440] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5440] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5440] exit_group(0) = ? [pid 5440] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5440, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./179", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./179", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./179/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./179/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./179/binderfs") = 0 [ 111.192399][ T5440] REISERFS (device loop0): Using r5 hash to sort names [ 111.199685][ T5440] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./179/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./179/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./179/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./179/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./179/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./179/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./179") = 0 mkdir("./180", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5442 ./strace-static-x86_64: Process 5442 attached [pid 5442] chdir("./180") = 0 [pid 5442] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5442] setpgid(0, 0) = 0 [pid 5442] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5442] write(3, "1000", 4) = 4 [pid 5442] close(3) = 0 [pid 5442] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5442] memfd_create("syzkaller", 0) = 3 [pid 5442] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5442] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5442] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5442] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5442] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5442] close(3) = 0 [pid 5442] mkdir("./file1", 0777) = 0 [ 111.331479][ T5442] loop0: detected capacity change from 0 to 8192 [ 111.341996][ T5442] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 111.354993][ T5442] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 111.364219][ T5442] REISERFS (device loop0): using ordered data mode [ 111.370754][ T5442] reiserfs: using flush barriers [ 111.376654][ T5442] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 111.393213][ T5442] REISERFS (device loop0): checking transaction log (loop0) [pid 5442] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5442] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5442] chdir("./file1") = 0 [pid 5442] ioctl(4, LOOP_CLR_FD) = 0 [pid 5442] close(4) = 0 [pid 5442] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5442] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5442] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5442] exit_group(0) = ? [pid 5442] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5442, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./180", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./180", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./180/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./180/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./180/binderfs") = 0 [ 111.440249][ T5442] REISERFS (device loop0): Using r5 hash to sort names [ 111.447338][ T5442] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./180/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./180/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./180/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./180/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./180/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./180/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./180") = 0 mkdir("./181", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5444 ./strace-static-x86_64: Process 5444 attached [pid 5444] chdir("./181") = 0 [pid 5444] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5444] setpgid(0, 0) = 0 [pid 5444] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5444] write(3, "1000", 4) = 4 [pid 5444] close(3) = 0 [pid 5444] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5444] memfd_create("syzkaller", 0) = 3 [pid 5444] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5444] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5444] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5444] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5444] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5444] close(3) = 0 [pid 5444] mkdir("./file1", 0777) = 0 [ 111.580888][ T5444] loop0: detected capacity change from 0 to 8192 [ 111.590481][ T5444] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 111.603671][ T5444] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 111.612917][ T5444] REISERFS (device loop0): using ordered data mode [ 111.619456][ T5444] reiserfs: using flush barriers [ 111.625161][ T5444] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 111.642023][ T5444] REISERFS (device loop0): checking transaction log (loop0) [pid 5444] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5444] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5444] chdir("./file1") = 0 [pid 5444] ioctl(4, LOOP_CLR_FD) = 0 [pid 5444] close(4) = 0 [pid 5444] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5444] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5444] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5444] exit_group(0) = ? [pid 5444] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5444, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./181", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./181", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./181/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./181/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./181/binderfs") = 0 [ 111.683740][ T5444] REISERFS (device loop0): Using r5 hash to sort names [ 111.690827][ T5444] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./181/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./181/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./181/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./181/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./181/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./181/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./181") = 0 mkdir("./182", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5446 attached , child_tidptr=0x55555738c5d0) = 5446 [pid 5446] chdir("./182") = 0 [pid 5446] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5446] setpgid(0, 0) = 0 [pid 5446] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5446] write(3, "1000", 4) = 4 [pid 5446] close(3) = 0 [pid 5446] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5446] memfd_create("syzkaller", 0) = 3 [pid 5446] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5446] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5446] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5446] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5446] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5446] close(3) = 0 [pid 5446] mkdir("./file1", 0777) = 0 [ 111.827356][ T5446] loop0: detected capacity change from 0 to 8192 [ 111.837680][ T5446] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 111.850682][ T5446] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 111.860079][ T5446] REISERFS (device loop0): using ordered data mode [ 111.866574][ T5446] reiserfs: using flush barriers [ 111.872706][ T5446] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 111.889413][ T5446] REISERFS (device loop0): checking transaction log (loop0) [pid 5446] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5446] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5446] chdir("./file1") = 0 [pid 5446] ioctl(4, LOOP_CLR_FD) = 0 [pid 5446] close(4) = 0 [pid 5446] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5446] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5446] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5446] exit_group(0) = ? [pid 5446] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5446, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./182", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./182", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./182/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./182/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./182/binderfs") = 0 [ 111.936348][ T5446] REISERFS (device loop0): Using r5 hash to sort names [ 111.943753][ T5446] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./182/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./182/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./182/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./182/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./182/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./182/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./182") = 0 mkdir("./183", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5448 attached , child_tidptr=0x55555738c5d0) = 5448 [pid 5448] chdir("./183") = 0 [pid 5448] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5448] setpgid(0, 0) = 0 [pid 5448] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5448] write(3, "1000", 4) = 4 [pid 5448] close(3) = 0 [pid 5448] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5448] memfd_create("syzkaller", 0) = 3 [pid 5448] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5448] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5448] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5448] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5448] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5448] close(3) = 0 [pid 5448] mkdir("./file1", 0777) = 0 [ 112.085202][ T5448] loop0: detected capacity change from 0 to 8192 [ 112.095639][ T5448] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 112.109047][ T5448] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 112.118667][ T5448] REISERFS (device loop0): using ordered data mode [ 112.125219][ T5448] reiserfs: using flush barriers [ 112.131143][ T5448] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 112.147472][ T5448] REISERFS (device loop0): checking transaction log (loop0) [pid 5448] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5448] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5448] chdir("./file1") = 0 [pid 5448] ioctl(4, LOOP_CLR_FD) = 0 [pid 5448] close(4) = 0 [pid 5448] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5448] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5448] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5448] exit_group(0) = ? [pid 5448] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5448, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- umount2("./183", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./183", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./183/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./183/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./183/binderfs") = 0 [ 112.193317][ T5448] REISERFS (device loop0): Using r5 hash to sort names [ 112.200461][ T5448] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./183/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./183/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./183/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./183/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./183/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./183/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./183") = 0 mkdir("./184", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5450 ./strace-static-x86_64: Process 5450 attached [pid 5450] chdir("./184") = 0 [pid 5450] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5450] setpgid(0, 0) = 0 [pid 5450] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5450] write(3, "1000", 4) = 4 [pid 5450] close(3) = 0 [pid 5450] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5450] memfd_create("syzkaller", 0) = 3 [pid 5450] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5450] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5450] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5450] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5450] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5450] close(3) = 0 [pid 5450] mkdir("./file1", 0777) = 0 [ 112.340736][ T5450] loop0: detected capacity change from 0 to 8192 [ 112.351723][ T5450] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 112.364861][ T5450] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 112.374142][ T5450] REISERFS (device loop0): using ordered data mode [ 112.380713][ T5450] reiserfs: using flush barriers [ 112.386431][ T5450] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 112.402922][ T5450] REISERFS (device loop0): checking transaction log (loop0) [pid 5450] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5450] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5450] chdir("./file1") = 0 [pid 5450] ioctl(4, LOOP_CLR_FD) = 0 [pid 5450] close(4) = 0 [pid 5450] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5450] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5450] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5450] exit_group(0) = ? [pid 5450] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5450, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./184", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./184", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./184/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./184/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./184/binderfs") = 0 [ 112.450188][ T5450] REISERFS (device loop0): Using r5 hash to sort names [ 112.457361][ T5450] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./184/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./184/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./184/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./184/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./184/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./184/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./184") = 0 mkdir("./185", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5452 ./strace-static-x86_64: Process 5452 attached [pid 5452] chdir("./185") = 0 [pid 5452] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5452] setpgid(0, 0) = 0 [pid 5452] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5452] write(3, "1000", 4) = 4 [pid 5452] close(3) = 0 [pid 5452] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5452] memfd_create("syzkaller", 0) = 3 [pid 5452] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5452] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5452] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5452] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5452] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5452] close(3) = 0 [pid 5452] mkdir("./file1", 0777) = 0 [ 112.601376][ T5452] loop0: detected capacity change from 0 to 8192 [ 112.620805][ T5452] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 112.633782][ T5452] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 112.643558][ T5452] REISERFS (device loop0): using ordered data mode [ 112.650361][ T5452] reiserfs: using flush barriers [ 112.656304][ T5452] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 112.673056][ T5452] REISERFS (device loop0): checking transaction log (loop0) [pid 5452] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5452] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5452] chdir("./file1") = 0 [pid 5452] ioctl(4, LOOP_CLR_FD) = 0 [pid 5452] close(4) = 0 [pid 5452] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5452] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5452] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5452] exit_group(0) = ? [pid 5452] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5452, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./185", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./185", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./185/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./185/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./185/binderfs") = 0 [ 112.717153][ T5452] REISERFS (device loop0): Using r5 hash to sort names [ 112.724498][ T5452] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./185/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./185/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./185/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./185/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./185/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./185/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./185") = 0 mkdir("./186", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5454 ./strace-static-x86_64: Process 5454 attached [pid 5454] chdir("./186") = 0 [pid 5454] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5454] setpgid(0, 0) = 0 [pid 5454] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5454] write(3, "1000", 4) = 4 [pid 5454] close(3) = 0 [pid 5454] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5454] memfd_create("syzkaller", 0) = 3 [pid 5454] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5454] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5454] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5454] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5454] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5454] close(3) = 0 [pid 5454] mkdir("./file1", 0777) = 0 [ 112.875597][ T5454] loop0: detected capacity change from 0 to 8192 [ 112.885083][ T5454] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 112.898160][ T5454] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 112.907480][ T5454] REISERFS (device loop0): using ordered data mode [ 112.913985][ T5454] reiserfs: using flush barriers [ 112.920030][ T5454] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 112.936450][ T5454] REISERFS (device loop0): checking transaction log (loop0) [pid 5454] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5454] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5454] chdir("./file1") = 0 [pid 5454] ioctl(4, LOOP_CLR_FD) = 0 [pid 5454] close(4) = 0 [pid 5454] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5454] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5454] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5454] exit_group(0) = ? [pid 5454] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5454, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./186", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./186", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./186/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./186/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./186/binderfs") = 0 umount2("./186/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./186/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./186/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./186/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./186/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./186/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./186") = 0 mkdir("./187", 0777) = 0 [ 112.978667][ T5454] REISERFS (device loop0): Using r5 hash to sort names [ 112.985861][ T5454] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5456 ./strace-static-x86_64: Process 5456 attached [pid 5456] chdir("./187") = 0 [pid 5456] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5456] setpgid(0, 0) = 0 [pid 5456] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5456] write(3, "1000", 4) = 4 [pid 5456] close(3) = 0 [pid 5456] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5456] memfd_create("syzkaller", 0) = 3 [pid 5456] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5456] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5456] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5456] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5456] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5456] close(3) = 0 [pid 5456] mkdir("./file1", 0777) = 0 [ 113.117210][ T5456] loop0: detected capacity change from 0 to 8192 [ 113.126686][ T5456] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 113.140193][ T5456] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 113.149666][ T5456] REISERFS (device loop0): using ordered data mode [ 113.156427][ T5456] reiserfs: using flush barriers [ 113.162507][ T5456] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 113.179148][ T5456] REISERFS (device loop0): checking transaction log (loop0) [pid 5456] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5456] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5456] chdir("./file1") = 0 [pid 5456] ioctl(4, LOOP_CLR_FD) = 0 [pid 5456] close(4) = 0 [pid 5456] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5456] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5456] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5456] exit_group(0) = ? [pid 5456] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5456, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./187", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./187", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./187/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./187/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./187/binderfs") = 0 [ 113.226971][ T5456] REISERFS (device loop0): Using r5 hash to sort names [ 113.234040][ T5456] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./187/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./187/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./187/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./187/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./187/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./187/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./187") = 0 mkdir("./188", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5458 ./strace-static-x86_64: Process 5458 attached [pid 5458] chdir("./188") = 0 [pid 5458] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5458] setpgid(0, 0) = 0 [pid 5458] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5458] write(3, "1000", 4) = 4 [pid 5458] close(3) = 0 [pid 5458] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5458] memfd_create("syzkaller", 0) = 3 [pid 5458] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5458] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5458] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5458] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5458] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5458] close(3) = 0 [pid 5458] mkdir("./file1", 0777) = 0 [ 113.363306][ T5458] loop0: detected capacity change from 0 to 8192 [ 113.372819][ T5458] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 113.385825][ T5458] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 113.395112][ T5458] REISERFS (device loop0): using ordered data mode [ 113.401659][ T5458] reiserfs: using flush barriers [ 113.407721][ T5458] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 113.424049][ T5458] REISERFS (device loop0): checking transaction log (loop0) [pid 5458] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5458] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5458] chdir("./file1") = 0 [pid 5458] ioctl(4, LOOP_CLR_FD) = 0 [pid 5458] close(4) = 0 [pid 5458] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5458] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5458] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5458] exit_group(0) = ? [pid 5458] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5458, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./188", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./188", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./188/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./188/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./188/binderfs") = 0 umount2("./188/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./188/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./188/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./188/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./188/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./188/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./188") = 0 mkdir("./189", 0777) = 0 [ 113.469979][ T5458] REISERFS (device loop0): Using r5 hash to sort names [ 113.477091][ T5458] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5460 attached , child_tidptr=0x55555738c5d0) = 5460 [pid 5460] chdir("./189") = 0 [pid 5460] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5460] setpgid(0, 0) = 0 [pid 5460] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5460] write(3, "1000", 4) = 4 [pid 5460] close(3) = 0 [pid 5460] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5460] memfd_create("syzkaller", 0) = 3 [pid 5460] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5460] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5460] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5460] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5460] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5460] close(3) = 0 [pid 5460] mkdir("./file1", 0777) = 0 [ 113.609416][ T5460] loop0: detected capacity change from 0 to 8192 [ 113.620638][ T5460] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 113.633932][ T5460] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 113.643632][ T5460] REISERFS (device loop0): using ordered data mode [ 113.650574][ T5460] reiserfs: using flush barriers [ 113.656505][ T5460] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 113.673284][ T5460] REISERFS (device loop0): checking transaction log (loop0) [pid 5460] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5460] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5460] chdir("./file1") = 0 [pid 5460] ioctl(4, LOOP_CLR_FD) = 0 [pid 5460] close(4) = 0 [pid 5460] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5460] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5460] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5460] exit_group(0) = ? [pid 5460] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5460, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- umount2("./189", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./189", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./189/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./189/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./189/binderfs") = 0 [ 113.720619][ T5460] REISERFS (device loop0): Using r5 hash to sort names [ 113.727869][ T5460] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./189/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./189/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./189/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./189/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./189/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./189/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./189") = 0 mkdir("./190", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5462 attached , child_tidptr=0x55555738c5d0) = 5462 [pid 5462] chdir("./190") = 0 [pid 5462] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5462] setpgid(0, 0) = 0 [pid 5462] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5462] write(3, "1000", 4) = 4 [pid 5462] close(3) = 0 [pid 5462] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5462] memfd_create("syzkaller", 0) = 3 [pid 5462] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5462] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5462] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5462] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5462] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5462] close(3) = 0 [pid 5462] mkdir("./file1", 0777) = 0 [ 113.853924][ T5462] loop0: detected capacity change from 0 to 8192 [ 113.863653][ T5462] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 113.877081][ T5462] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 113.886258][ T5462] REISERFS (device loop0): using ordered data mode [ 113.892929][ T5462] reiserfs: using flush barriers [ 113.898945][ T5462] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 113.915621][ T5462] REISERFS (device loop0): checking transaction log (loop0) [pid 5462] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5462] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5462] chdir("./file1") = 0 [pid 5462] ioctl(4, LOOP_CLR_FD) = 0 [pid 5462] close(4) = 0 [pid 5462] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5462] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5462] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5462] exit_group(0) = ? [pid 5462] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5462, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./190", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./190", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./190/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./190/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./190/binderfs") = 0 [ 113.959420][ T5462] REISERFS (device loop0): Using r5 hash to sort names [ 113.966462][ T5462] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./190/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./190/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./190/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./190/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./190/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./190/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./190") = 0 mkdir("./191", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5464 ./strace-static-x86_64: Process 5464 attached [pid 5464] chdir("./191") = 0 [pid 5464] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5464] setpgid(0, 0) = 0 [pid 5464] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5464] write(3, "1000", 4) = 4 [pid 5464] close(3) = 0 [pid 5464] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5464] memfd_create("syzkaller", 0) = 3 [pid 5464] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5464] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5464] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5464] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5464] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5464] close(3) = 0 [pid 5464] mkdir("./file1", 0777) = 0 [ 114.090550][ T5464] loop0: detected capacity change from 0 to 8192 [ 114.100929][ T5464] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 114.113995][ T5464] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 114.123184][ T5464] REISERFS (device loop0): using ordered data mode [ 114.129826][ T5464] reiserfs: using flush barriers [ 114.135609][ T5464] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 114.152349][ T5464] REISERFS (device loop0): checking transaction log (loop0) [pid 5464] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5464] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5464] chdir("./file1") = 0 [pid 5464] ioctl(4, LOOP_CLR_FD) = 0 [pid 5464] close(4) = 0 [pid 5464] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5464] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5464] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5464] exit_group(0) = ? [pid 5464] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5464, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./191", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./191", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./191/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./191/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./191/binderfs") = 0 [ 114.200826][ T5464] REISERFS (device loop0): Using r5 hash to sort names [ 114.208321][ T5464] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./191/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./191/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./191/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./191/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./191/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./191/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./191") = 0 mkdir("./192", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5466 ./strace-static-x86_64: Process 5466 attached [pid 5466] chdir("./192") = 0 [pid 5466] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5466] setpgid(0, 0) = 0 [pid 5466] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5466] write(3, "1000", 4) = 4 [pid 5466] close(3) = 0 [pid 5466] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5466] memfd_create("syzkaller", 0) = 3 [pid 5466] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5466] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5466] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5466] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5466] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5466] close(3) = 0 [pid 5466] mkdir("./file1", 0777) = 0 [ 114.343309][ T5466] loop0: detected capacity change from 0 to 8192 [ 114.352889][ T5466] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 114.365952][ T5466] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 114.375207][ T5466] REISERFS (device loop0): using ordered data mode [ 114.381804][ T5466] reiserfs: using flush barriers [ 114.387850][ T5466] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 114.404488][ T5466] REISERFS (device loop0): checking transaction log (loop0) [pid 5466] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5466] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5466] chdir("./file1") = 0 [pid 5466] ioctl(4, LOOP_CLR_FD) = 0 [pid 5466] close(4) = 0 [pid 5466] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5466] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5466] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5466] exit_group(0) = ? [pid 5466] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5466, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- umount2("./192", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./192", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./192/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./192/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./192/binderfs") = 0 [ 114.450678][ T5466] REISERFS (device loop0): Using r5 hash to sort names [ 114.457906][ T5466] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./192/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./192/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./192/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./192/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./192/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./192/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./192") = 0 mkdir("./193", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5468 attached , child_tidptr=0x55555738c5d0) = 5468 [pid 5468] chdir("./193") = 0 [pid 5468] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5468] setpgid(0, 0) = 0 [pid 5468] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5468] write(3, "1000", 4) = 4 [pid 5468] close(3) = 0 [pid 5468] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5468] memfd_create("syzkaller", 0) = 3 [pid 5468] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5468] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5468] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5468] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5468] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5468] close(3) = 0 [pid 5468] mkdir("./file1", 0777) = 0 [ 114.583208][ T5468] loop0: detected capacity change from 0 to 8192 [ 114.592735][ T5468] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 114.606066][ T5468] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 114.615473][ T5468] REISERFS (device loop0): using ordered data mode [ 114.622297][ T5468] reiserfs: using flush barriers [ 114.628380][ T5468] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 114.645019][ T5468] REISERFS (device loop0): checking transaction log (loop0) [pid 5468] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5468] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5468] chdir("./file1") = 0 [pid 5468] ioctl(4, LOOP_CLR_FD) = 0 [pid 5468] close(4) = 0 [pid 5468] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5468] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5468] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5468] exit_group(0) = ? [pid 5468] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5468, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./193", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./193", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./193/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./193/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./193/binderfs") = 0 [ 114.686410][ T5468] REISERFS (device loop0): Using r5 hash to sort names [ 114.693518][ T5468] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./193/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./193/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./193/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./193/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./193/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./193/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./193") = 0 mkdir("./194", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5470 ./strace-static-x86_64: Process 5470 attached [pid 5470] chdir("./194") = 0 [pid 5470] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5470] setpgid(0, 0) = 0 [pid 5470] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5470] write(3, "1000", 4) = 4 [pid 5470] close(3) = 0 [pid 5470] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5470] memfd_create("syzkaller", 0) = 3 [pid 5470] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5470] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5470] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5470] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5470] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5470] close(3) = 0 [pid 5470] mkdir("./file1", 0777) = 0 [ 114.826511][ T5470] loop0: detected capacity change from 0 to 8192 [ 114.837077][ T5470] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 114.850555][ T5470] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 114.860018][ T5470] REISERFS (device loop0): using ordered data mode [ 114.866542][ T5470] reiserfs: using flush barriers [ 114.872497][ T5470] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 114.888915][ T5470] REISERFS (device loop0): checking transaction log (loop0) [pid 5470] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5470] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5470] chdir("./file1") = 0 [pid 5470] ioctl(4, LOOP_CLR_FD) = 0 [pid 5470] close(4) = 0 [pid 5470] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5470] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5470] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5470] exit_group(0) = ? [pid 5470] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5470, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./194", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./194", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./194/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./194/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./194/binderfs") = 0 [ 114.931591][ T5470] REISERFS (device loop0): Using r5 hash to sort names [ 114.938971][ T5470] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./194/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./194/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./194/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./194/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./194/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./194/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./194") = 0 mkdir("./195", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5472 ./strace-static-x86_64: Process 5472 attached [pid 5472] chdir("./195") = 0 [pid 5472] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5472] setpgid(0, 0) = 0 [pid 5472] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5472] write(3, "1000", 4) = 4 [pid 5472] close(3) = 0 [pid 5472] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5472] memfd_create("syzkaller", 0) = 3 [pid 5472] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5472] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5472] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5472] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5472] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5472] close(3) = 0 [pid 5472] mkdir("./file1", 0777) = 0 [ 115.083491][ T5472] loop0: detected capacity change from 0 to 8192 [ 115.093875][ T5472] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 115.107431][ T5472] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 115.116708][ T5472] REISERFS (device loop0): using ordered data mode [ 115.123443][ T5472] reiserfs: using flush barriers [ 115.129365][ T5472] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 115.145868][ T5472] REISERFS (device loop0): checking transaction log (loop0) [pid 5472] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5472] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5472] chdir("./file1") = 0 [pid 5472] ioctl(4, LOOP_CLR_FD) = 0 [pid 5472] close(4) = 0 [pid 5472] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5472] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5472] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5472] exit_group(0) = ? [pid 5472] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5472, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./195", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./195", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./195/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./195/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./195/binderfs") = 0 [ 115.187957][ T5472] REISERFS (device loop0): Using r5 hash to sort names [ 115.195008][ T5472] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./195/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./195/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./195/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./195/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./195/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./195/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./195") = 0 mkdir("./196", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5474 ./strace-static-x86_64: Process 5474 attached [pid 5474] chdir("./196") = 0 [pid 5474] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5474] setpgid(0, 0) = 0 [pid 5474] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5474] write(3, "1000", 4) = 4 [pid 5474] close(3) = 0 [pid 5474] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5474] memfd_create("syzkaller", 0) = 3 [pid 5474] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5474] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5474] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5474] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5474] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5474] close(3) = 0 [pid 5474] mkdir("./file1", 0777) = 0 [ 115.342440][ T5474] loop0: detected capacity change from 0 to 8192 [ 115.353125][ T5474] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 115.366423][ T5474] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 115.375957][ T5474] REISERFS (device loop0): using ordered data mode [ 115.382727][ T5474] reiserfs: using flush barriers [ 115.388740][ T5474] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 115.405302][ T5474] REISERFS (device loop0): checking transaction log (loop0) [pid 5474] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5474] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5474] chdir("./file1") = 0 [pid 5474] ioctl(4, LOOP_CLR_FD) = 0 [pid 5474] close(4) = 0 [pid 5474] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5474] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5474] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5474] exit_group(0) = ? [pid 5474] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5474, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- umount2("./196", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./196", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./196/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./196/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./196/binderfs") = 0 [ 115.453050][ T5474] REISERFS (device loop0): Using r5 hash to sort names [ 115.460278][ T5474] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./196/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./196/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./196/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./196/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./196/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./196/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./196") = 0 mkdir("./197", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5476 ./strace-static-x86_64: Process 5476 attached [pid 5476] chdir("./197") = 0 [pid 5476] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5476] setpgid(0, 0) = 0 [pid 5476] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5476] write(3, "1000", 4) = 4 [pid 5476] close(3) = 0 [pid 5476] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5476] memfd_create("syzkaller", 0) = 3 [pid 5476] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5476] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5476] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5476] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5476] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5476] close(3) = 0 [pid 5476] mkdir("./file1", 0777) = 0 [ 115.592401][ T5476] loop0: detected capacity change from 0 to 8192 [ 115.602771][ T5476] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 115.615794][ T5476] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 115.625024][ T5476] REISERFS (device loop0): using ordered data mode [ 115.631551][ T5476] reiserfs: using flush barriers [ 115.637571][ T5476] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 115.653940][ T5476] REISERFS (device loop0): checking transaction log (loop0) [pid 5476] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5476] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5476] chdir("./file1") = 0 [pid 5476] ioctl(4, LOOP_CLR_FD) = 0 [pid 5476] close(4) = 0 [pid 5476] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5476] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5476] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5476] exit_group(0) = ? [pid 5476] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5476, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./197", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./197", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./197/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./197/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./197/binderfs") = 0 [ 115.695656][ T5476] REISERFS (device loop0): Using r5 hash to sort names [ 115.702989][ T5476] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./197/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./197/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./197/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./197/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./197/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./197/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./197") = 0 mkdir("./198", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5478 ./strace-static-x86_64: Process 5478 attached [pid 5478] chdir("./198") = 0 [pid 5478] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5478] setpgid(0, 0) = 0 [pid 5478] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5478] write(3, "1000", 4) = 4 [pid 5478] close(3) = 0 [pid 5478] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5478] memfd_create("syzkaller", 0) = 3 [pid 5478] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5478] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5478] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5478] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5478] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5478] close(3) = 0 [pid 5478] mkdir("./file1", 0777) = 0 [ 115.834373][ T5478] loop0: detected capacity change from 0 to 8192 [ 115.844189][ T5478] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 115.857725][ T5478] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 115.867324][ T5478] REISERFS (device loop0): using ordered data mode [ 115.873952][ T5478] reiserfs: using flush barriers [ 115.880015][ T5478] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 115.896549][ T5478] REISERFS (device loop0): checking transaction log (loop0) [pid 5478] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5478] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5478] chdir("./file1") = 0 [pid 5478] ioctl(4, LOOP_CLR_FD) = 0 [pid 5478] close(4) = 0 [pid 5478] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5478] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5478] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5478] exit_group(0) = ? [pid 5478] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5478, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./198", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./198", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./198/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./198/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./198/binderfs") = 0 [ 115.943661][ T5478] REISERFS (device loop0): Using r5 hash to sort names [ 115.950830][ T5478] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./198/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./198/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./198/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./198/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./198/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./198/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./198") = 0 mkdir("./199", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5480 ./strace-static-x86_64: Process 5480 attached [pid 5480] chdir("./199") = 0 [pid 5480] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5480] setpgid(0, 0) = 0 [pid 5480] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5480] write(3, "1000", 4) = 4 [pid 5480] close(3) = 0 [pid 5480] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5480] memfd_create("syzkaller", 0) = 3 [pid 5480] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5480] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5480] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5480] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5480] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5480] close(3) = 0 [pid 5480] mkdir("./file1", 0777) = 0 [ 116.095504][ T5480] loop0: detected capacity change from 0 to 8192 [ 116.106272][ T5480] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 116.119347][ T5480] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 116.128657][ T5480] REISERFS (device loop0): using ordered data mode [ 116.135163][ T5480] reiserfs: using flush barriers [ 116.141008][ T5480] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 116.157768][ T5480] REISERFS (device loop0): checking transaction log (loop0) [pid 5480] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5480] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5480] chdir("./file1") = 0 [pid 5480] ioctl(4, LOOP_CLR_FD) = 0 [pid 5480] close(4) = 0 [pid 5480] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5480] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5480] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5480] exit_group(0) = ? [pid 5480] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5480, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./199", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./199", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./199/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./199/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./199/binderfs") = 0 [ 116.204438][ T5480] REISERFS (device loop0): Using r5 hash to sort names [ 116.211625][ T5480] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./199/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./199/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./199/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./199/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./199/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./199/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./199") = 0 mkdir("./200", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5482 ./strace-static-x86_64: Process 5482 attached [pid 5482] chdir("./200") = 0 [pid 5482] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5482] setpgid(0, 0) = 0 [pid 5482] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5482] write(3, "1000", 4) = 4 [pid 5482] close(3) = 0 [pid 5482] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5482] memfd_create("syzkaller", 0) = 3 [pid 5482] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5482] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5482] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5482] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5482] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5482] close(3) = 0 [pid 5482] mkdir("./file1", 0777) = 0 [ 116.336483][ T5482] loop0: detected capacity change from 0 to 8192 [ 116.347602][ T5482] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 116.360867][ T5482] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 116.370247][ T5482] REISERFS (device loop0): using ordered data mode [ 116.376760][ T5482] reiserfs: using flush barriers [ 116.382824][ T5482] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 116.399211][ T5482] REISERFS (device loop0): checking transaction log (loop0) [pid 5482] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5482] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5482] chdir("./file1") = 0 [pid 5482] ioctl(4, LOOP_CLR_FD) = 0 [pid 5482] close(4) = 0 [pid 5482] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5482] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5482] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5482] exit_group(0) = ? [pid 5482] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5482, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./200", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./200", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./200/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./200/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./200/binderfs") = 0 [ 116.445420][ T5482] REISERFS (device loop0): Using r5 hash to sort names [ 116.452770][ T5482] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./200/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./200/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./200/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./200/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./200/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./200/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./200") = 0 mkdir("./201", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5484 attached , child_tidptr=0x55555738c5d0) = 5484 [pid 5484] chdir("./201") = 0 [pid 5484] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5484] setpgid(0, 0) = 0 [pid 5484] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5484] write(3, "1000", 4) = 4 [pid 5484] close(3) = 0 [pid 5484] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5484] memfd_create("syzkaller", 0) = 3 [pid 5484] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5484] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5484] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5484] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5484] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5484] close(3) = 0 [pid 5484] mkdir("./file1", 0777) = 0 [ 116.597380][ T5484] loop0: detected capacity change from 0 to 8192 [ 116.607366][ T5484] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 116.620418][ T5484] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 116.629643][ T5484] REISERFS (device loop0): using ordered data mode [ 116.636157][ T5484] reiserfs: using flush barriers [ 116.642124][ T5484] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 116.658451][ T5484] REISERFS (device loop0): checking transaction log (loop0) [pid 5484] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5484] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5484] chdir("./file1") = 0 [pid 5484] ioctl(4, LOOP_CLR_FD) = 0 [pid 5484] close(4) = 0 [pid 5484] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5484] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5484] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5484] exit_group(0) = ? [pid 5484] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5484, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./201", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./201", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./201/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./201/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./201/binderfs") = 0 [ 116.704841][ T5484] REISERFS (device loop0): Using r5 hash to sort names [ 116.712051][ T5484] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./201/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./201/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./201/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./201/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./201/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./201/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./201") = 0 mkdir("./202", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5486 ./strace-static-x86_64: Process 5486 attached [pid 5486] chdir("./202") = 0 [pid 5486] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5486] setpgid(0, 0) = 0 [pid 5486] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5486] write(3, "1000", 4) = 4 [pid 5486] close(3) = 0 [pid 5486] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5486] memfd_create("syzkaller", 0) = 3 [pid 5486] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5486] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5486] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5486] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5486] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5486] close(3) = 0 [pid 5486] mkdir("./file1", 0777) = 0 [ 116.851286][ T5486] loop0: detected capacity change from 0 to 8192 [ 116.861142][ T5486] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 116.874337][ T5486] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 116.883735][ T5486] REISERFS (device loop0): using ordered data mode [ 116.890410][ T5486] reiserfs: using flush barriers [ 116.896059][ T5486] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 116.912671][ T5486] REISERFS (device loop0): checking transaction log (loop0) [pid 5486] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5486] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5486] chdir("./file1") = 0 [pid 5486] ioctl(4, LOOP_CLR_FD) = 0 [pid 5486] close(4) = 0 [pid 5486] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5486] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5486] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5486] exit_group(0) = ? [pid 5486] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5486, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./202", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./202", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./202/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./202/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./202/binderfs") = 0 [ 116.959350][ T5486] REISERFS (device loop0): Using r5 hash to sort names [ 116.966390][ T5486] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./202/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./202/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./202/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./202/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./202/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./202/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./202") = 0 mkdir("./203", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5488 ./strace-static-x86_64: Process 5488 attached [pid 5488] chdir("./203") = 0 [pid 5488] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5488] setpgid(0, 0) = 0 [pid 5488] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5488] write(3, "1000", 4) = 4 [pid 5488] close(3) = 0 [pid 5488] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5488] memfd_create("syzkaller", 0) = 3 [pid 5488] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5488] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5488] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5488] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5488] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5488] close(3) = 0 [pid 5488] mkdir("./file1", 0777) = 0 [ 117.107720][ T5488] loop0: detected capacity change from 0 to 8192 [ 117.117520][ T5488] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 117.130677][ T5488] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 117.140063][ T5488] REISERFS (device loop0): using ordered data mode [ 117.146612][ T5488] reiserfs: using flush barriers [ 117.152632][ T5488] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 117.169236][ T5488] REISERFS (device loop0): checking transaction log (loop0) [pid 5488] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5488] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5488] chdir("./file1") = 0 [pid 5488] ioctl(4, LOOP_CLR_FD) = 0 [pid 5488] close(4) = 0 [pid 5488] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5488] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5488] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5488] exit_group(0) = ? [pid 5488] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5488, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- umount2("./203", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./203", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./203/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./203/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./203/binderfs") = 0 [ 117.215926][ T5488] REISERFS (device loop0): Using r5 hash to sort names [ 117.222997][ T5488] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./203/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./203/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./203/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./203/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./203/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./203/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./203") = 0 mkdir("./204", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5490 ./strace-static-x86_64: Process 5490 attached [pid 5490] chdir("./204") = 0 [pid 5490] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5490] setpgid(0, 0) = 0 [pid 5490] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5490] write(3, "1000", 4) = 4 [pid 5490] close(3) = 0 [pid 5490] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5490] memfd_create("syzkaller", 0) = 3 [pid 5490] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5490] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5490] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5490] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5490] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5490] close(3) = 0 [pid 5490] mkdir("./file1", 0777) = 0 [ 117.349494][ T5490] loop0: detected capacity change from 0 to 8192 [ 117.360046][ T5490] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 117.373130][ T5490] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 117.382367][ T5490] REISERFS (device loop0): using ordered data mode [ 117.388963][ T5490] reiserfs: using flush barriers [ 117.394912][ T5490] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 117.411383][ T5490] REISERFS (device loop0): checking transaction log (loop0) [pid 5490] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5490] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5490] chdir("./file1") = 0 [pid 5490] ioctl(4, LOOP_CLR_FD) = 0 [pid 5490] close(4) = 0 [pid 5490] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5490] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5490] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5490] exit_group(0) = ? [pid 5490] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5490, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./204", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./204", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./204/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./204/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./204/binderfs") = 0 [ 117.460541][ T5490] REISERFS (device loop0): Using r5 hash to sort names [ 117.467916][ T5490] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./204/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./204/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./204/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./204/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./204/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./204/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./204") = 0 mkdir("./205", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5492 ./strace-static-x86_64: Process 5492 attached [pid 5492] chdir("./205") = 0 [pid 5492] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5492] setpgid(0, 0) = 0 [pid 5492] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5492] write(3, "1000", 4) = 4 [pid 5492] close(3) = 0 [pid 5492] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5492] memfd_create("syzkaller", 0) = 3 [pid 5492] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5492] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5492] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5492] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5492] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5492] close(3) = 0 [pid 5492] mkdir("./file1", 0777) = 0 [ 117.599436][ T5492] loop0: detected capacity change from 0 to 8192 [ 117.609411][ T5492] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 117.622469][ T5492] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 117.632020][ T5492] REISERFS (device loop0): using ordered data mode [ 117.638770][ T5492] reiserfs: using flush barriers [ 117.644661][ T5492] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 117.661368][ T5492] REISERFS (device loop0): checking transaction log (loop0) [pid 5492] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5492] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5492] chdir("./file1") = 0 [pid 5492] ioctl(4, LOOP_CLR_FD) = 0 [pid 5492] close(4) = 0 [pid 5492] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5492] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5492] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5492] exit_group(0) = ? [pid 5492] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5492, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./205", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./205", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./205/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./205/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./205/binderfs") = 0 [ 117.707816][ T5492] REISERFS (device loop0): Using r5 hash to sort names [ 117.714987][ T5492] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./205/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./205/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./205/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./205/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./205/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./205/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./205") = 0 mkdir("./206", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5494 ./strace-static-x86_64: Process 5494 attached [pid 5494] chdir("./206") = 0 [pid 5494] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5494] setpgid(0, 0) = 0 [pid 5494] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5494] write(3, "1000", 4) = 4 [pid 5494] close(3) = 0 [pid 5494] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5494] memfd_create("syzkaller", 0) = 3 [pid 5494] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5494] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5494] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5494] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5494] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5494] close(3) = 0 [pid 5494] mkdir("./file1", 0777) = 0 [ 117.842130][ T5494] loop0: detected capacity change from 0 to 8192 [ 117.851590][ T5494] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 117.865119][ T5494] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 117.874460][ T5494] REISERFS (device loop0): using ordered data mode [ 117.881238][ T5494] reiserfs: using flush barriers [ 117.887264][ T5494] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 117.903578][ T5494] REISERFS (device loop0): checking transaction log (loop0) [pid 5494] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5494] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5494] chdir("./file1") = 0 [pid 5494] ioctl(4, LOOP_CLR_FD) = 0 [pid 5494] close(4) = 0 [pid 5494] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5494] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5494] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5494] exit_group(0) = ? [pid 5494] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5494, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./206", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./206", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./206/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./206/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./206/binderfs") = 0 [ 117.950206][ T5494] REISERFS (device loop0): Using r5 hash to sort names [ 117.957609][ T5494] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./206/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./206/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./206/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./206/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./206/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./206/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./206") = 0 mkdir("./207", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5496 ./strace-static-x86_64: Process 5496 attached [pid 5496] chdir("./207") = 0 [pid 5496] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5496] setpgid(0, 0) = 0 [pid 5496] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5496] write(3, "1000", 4) = 4 [pid 5496] close(3) = 0 [pid 5496] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5496] memfd_create("syzkaller", 0) = 3 [pid 5496] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5496] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5496] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5496] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5496] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5496] close(3) = 0 [pid 5496] mkdir("./file1", 0777) = 0 [ 118.083339][ T5496] loop0: detected capacity change from 0 to 8192 [ 118.094148][ T5496] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 118.107228][ T5496] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 118.116377][ T5496] REISERFS (device loop0): using ordered data mode [ 118.123209][ T5496] reiserfs: using flush barriers [ 118.129298][ T5496] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 118.146063][ T5496] REISERFS (device loop0): checking transaction log (loop0) [pid 5496] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5496] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5496] chdir("./file1") = 0 [pid 5496] ioctl(4, LOOP_CLR_FD) = 0 [pid 5496] close(4) = 0 [pid 5496] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5496] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5496] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5496] exit_group(0) = ? [pid 5496] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5496, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./207", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./207", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./207/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./207/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./207/binderfs") = 0 [ 118.192222][ T5496] REISERFS (device loop0): Using r5 hash to sort names [ 118.199394][ T5496] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./207/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./207/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./207/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./207/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./207/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./207/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./207") = 0 mkdir("./208", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5498 ./strace-static-x86_64: Process 5498 attached [pid 5498] chdir("./208") = 0 [pid 5498] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5498] setpgid(0, 0) = 0 [pid 5498] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5498] write(3, "1000", 4) = 4 [pid 5498] close(3) = 0 [pid 5498] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5498] memfd_create("syzkaller", 0) = 3 [pid 5498] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5498] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5498] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5498] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5498] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5498] close(3) = 0 [pid 5498] mkdir("./file1", 0777) = 0 [ 118.341251][ T5498] loop0: detected capacity change from 0 to 8192 [ 118.351179][ T5498] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 118.364662][ T5498] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 118.374139][ T5498] REISERFS (device loop0): using ordered data mode [ 118.380833][ T5498] reiserfs: using flush barriers [ 118.386532][ T5498] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 118.403146][ T5498] REISERFS (device loop0): checking transaction log (loop0) [pid 5498] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5498] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5498] chdir("./file1") = 0 [pid 5498] ioctl(4, LOOP_CLR_FD) = 0 [pid 5498] close(4) = 0 [pid 5498] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5498] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5498] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5498] exit_group(0) = ? [pid 5498] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5498, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./208", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./208", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./208/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./208/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./208/binderfs") = 0 [ 118.445365][ T5498] REISERFS (device loop0): Using r5 hash to sort names [ 118.452491][ T5498] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./208/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./208/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./208/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./208/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./208/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./208/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./208") = 0 mkdir("./209", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5500 ./strace-static-x86_64: Process 5500 attached [pid 5500] chdir("./209") = 0 [pid 5500] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5500] setpgid(0, 0) = 0 [pid 5500] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5500] write(3, "1000", 4) = 4 [pid 5500] close(3) = 0 [pid 5500] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5500] memfd_create("syzkaller", 0) = 3 [pid 5500] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5500] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5500] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5500] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5500] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5500] close(3) = 0 [pid 5500] mkdir("./file1", 0777) = 0 [ 118.584271][ T5500] loop0: detected capacity change from 0 to 8192 [ 118.593695][ T5500] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 118.606733][ T5500] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 118.616012][ T5500] REISERFS (device loop0): using ordered data mode [ 118.622589][ T5500] reiserfs: using flush barriers [ 118.628735][ T5500] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 118.645107][ T5500] REISERFS (device loop0): checking transaction log (loop0) [pid 5500] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5500] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5500] chdir("./file1") = 0 [pid 5500] ioctl(4, LOOP_CLR_FD) = 0 [pid 5500] close(4) = 0 [pid 5500] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5500] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5500] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5500] exit_group(0) = ? [pid 5500] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5500, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- umount2("./209", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./209", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./209/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./209/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./209/binderfs") = 0 [ 118.696464][ T5500] REISERFS (device loop0): Using r5 hash to sort names [ 118.703871][ T5500] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./209/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./209/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./209/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./209/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./209/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./209/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./209") = 0 mkdir("./210", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5502 ./strace-static-x86_64: Process 5502 attached [pid 5502] chdir("./210") = 0 [pid 5502] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5502] setpgid(0, 0) = 0 [pid 5502] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5502] write(3, "1000", 4) = 4 [pid 5502] close(3) = 0 [pid 5502] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5502] memfd_create("syzkaller", 0) = 3 [pid 5502] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5502] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5502] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5502] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5502] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5502] close(3) = 0 [pid 5502] mkdir("./file1", 0777) = 0 [ 118.828481][ T5502] loop0: detected capacity change from 0 to 8192 [ 118.839018][ T5502] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 118.851999][ T5502] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 118.861228][ T5502] REISERFS (device loop0): using ordered data mode [ 118.867771][ T5502] reiserfs: using flush barriers [ 118.873525][ T5502] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 118.890176][ T5502] REISERFS (device loop0): checking transaction log (loop0) [pid 5502] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5502] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5502] chdir("./file1") = 0 [pid 5502] ioctl(4, LOOP_CLR_FD) = 0 [pid 5502] close(4) = 0 [pid 5502] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5502] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5502] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5502] exit_group(0) = ? [pid 5502] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5502, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./210", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./210", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./210/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./210/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./210/binderfs") = 0 [ 118.941060][ T5502] REISERFS (device loop0): Using r5 hash to sort names [ 118.948384][ T5502] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./210/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./210/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./210/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./210/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./210/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./210/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./210") = 0 mkdir("./211", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5504 ./strace-static-x86_64: Process 5504 attached [pid 5504] chdir("./211") = 0 [pid 5504] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5504] setpgid(0, 0) = 0 [pid 5504] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5504] write(3, "1000", 4) = 4 [pid 5504] close(3) = 0 [pid 5504] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5504] memfd_create("syzkaller", 0) = 3 [pid 5504] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5504] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5504] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5504] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5504] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5504] close(3) = 0 [pid 5504] mkdir("./file1", 0777) = 0 [ 119.071535][ T5504] loop0: detected capacity change from 0 to 8192 [ 119.081569][ T5504] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 119.094573][ T5504] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 119.103798][ T5504] REISERFS (device loop0): using ordered data mode [ 119.110349][ T5504] reiserfs: using flush barriers [ 119.116339][ T5504] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 119.132726][ T5504] REISERFS (device loop0): checking transaction log (loop0) [pid 5504] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5504] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5504] chdir("./file1") = 0 [pid 5504] ioctl(4, LOOP_CLR_FD) = 0 [pid 5504] close(4) = 0 [pid 5504] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5504] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5504] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5504] exit_group(0) = ? [pid 5504] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5504, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./211", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./211", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./211/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./211/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./211/binderfs") = 0 [ 119.174494][ T5504] REISERFS (device loop0): Using r5 hash to sort names [ 119.181835][ T5504] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./211/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./211/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./211/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./211/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./211/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./211/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./211") = 0 mkdir("./212", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5506 ./strace-static-x86_64: Process 5506 attached [pid 5506] chdir("./212") = 0 [pid 5506] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5506] setpgid(0, 0) = 0 [pid 5506] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5506] write(3, "1000", 4) = 4 [pid 5506] close(3) = 0 [pid 5506] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5506] memfd_create("syzkaller", 0) = 3 [pid 5506] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5506] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5506] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5506] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5506] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5506] close(3) = 0 [pid 5506] mkdir("./file1", 0777) = 0 [ 119.330394][ T5506] loop0: detected capacity change from 0 to 8192 [ 119.341526][ T5506] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 119.354503][ T5506] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 119.363735][ T5506] REISERFS (device loop0): using ordered data mode [ 119.370291][ T5506] reiserfs: using flush barriers [ 119.376103][ T5506] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 119.392598][ T5506] REISERFS (device loop0): checking transaction log (loop0) [pid 5506] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5506] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5506] chdir("./file1") = 0 [pid 5506] ioctl(4, LOOP_CLR_FD) = 0 [pid 5506] close(4) = 0 [pid 5506] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5506] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5506] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5506] exit_group(0) = ? [pid 5506] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5506, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./212", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./212", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./212/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./212/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./212/binderfs") = 0 [ 119.437607][ T5506] REISERFS (device loop0): Using r5 hash to sort names [ 119.444925][ T5506] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./212/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./212/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./212/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./212/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./212/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./212/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./212") = 0 mkdir("./213", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5508 ./strace-static-x86_64: Process 5508 attached [pid 5508] chdir("./213") = 0 [pid 5508] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5508] setpgid(0, 0) = 0 [pid 5508] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5508] write(3, "1000", 4) = 4 [pid 5508] close(3) = 0 [pid 5508] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5508] memfd_create("syzkaller", 0) = 3 [pid 5508] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5508] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5508] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5508] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5508] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5508] close(3) = 0 [pid 5508] mkdir("./file1", 0777) = 0 [ 119.566489][ T5508] loop0: detected capacity change from 0 to 8192 [ 119.576122][ T5508] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 119.589337][ T5508] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 119.598729][ T5508] REISERFS (device loop0): using ordered data mode [ 119.605234][ T5508] reiserfs: using flush barriers [ 119.611227][ T5508] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 119.627604][ T5508] REISERFS (device loop0): checking transaction log (loop0) [pid 5508] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5508] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5508] chdir("./file1") = 0 [pid 5508] ioctl(4, LOOP_CLR_FD) = 0 [pid 5508] close(4) = 0 [pid 5508] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5508] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5508] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5508] exit_group(0) = ? [pid 5508] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5508, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- umount2("./213", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./213", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./213/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./213/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./213/binderfs") = 0 [ 119.675072][ T5508] REISERFS (device loop0): Using r5 hash to sort names [ 119.682292][ T5508] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./213/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./213/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./213/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./213/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./213/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./213/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./213") = 0 mkdir("./214", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5510 ./strace-static-x86_64: Process 5510 attached [pid 5510] chdir("./214") = 0 [pid 5510] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5510] setpgid(0, 0) = 0 [pid 5510] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5510] write(3, "1000", 4) = 4 [pid 5510] close(3) = 0 [pid 5510] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5510] memfd_create("syzkaller", 0) = 3 [pid 5510] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5510] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5510] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5510] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5510] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5510] close(3) = 0 [pid 5510] mkdir("./file1", 0777) = 0 [ 119.801138][ T5510] loop0: detected capacity change from 0 to 8192 [ 119.811042][ T5510] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 119.824126][ T5510] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 119.833389][ T5510] REISERFS (device loop0): using ordered data mode [ 119.839968][ T5510] reiserfs: using flush barriers [ 119.845960][ T5510] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 119.862295][ T5510] REISERFS (device loop0): checking transaction log (loop0) [pid 5510] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5510] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5510] chdir("./file1") = 0 [pid 5510] ioctl(4, LOOP_CLR_FD) = 0 [pid 5510] close(4) = 0 [pid 5510] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5510] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5510] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5510] exit_group(0) = ? [pid 5510] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5510, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./214", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./214", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./214/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./214/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./214/binderfs") = 0 [ 119.908385][ T5510] REISERFS (device loop0): Using r5 hash to sort names [ 119.915785][ T5510] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./214/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./214/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./214/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./214/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./214/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./214/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./214") = 0 mkdir("./215", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5512 ./strace-static-x86_64: Process 5512 attached [pid 5512] chdir("./215") = 0 [pid 5512] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5512] setpgid(0, 0) = 0 [pid 5512] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5512] write(3, "1000", 4) = 4 [pid 5512] close(3) = 0 [pid 5512] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5512] memfd_create("syzkaller", 0) = 3 [pid 5512] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5512] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5512] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5512] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5512] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5512] close(3) = 0 [pid 5512] mkdir("./file1", 0777) = 0 [ 120.057159][ T5512] loop0: detected capacity change from 0 to 8192 [ 120.066660][ T5512] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 120.079864][ T5512] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 120.089151][ T5512] REISERFS (device loop0): using ordered data mode [ 120.095658][ T5512] reiserfs: using flush barriers [ 120.101705][ T5512] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 120.118020][ T5512] REISERFS (device loop0): checking transaction log (loop0) [pid 5512] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5512] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5512] chdir("./file1") = 0 [pid 5512] ioctl(4, LOOP_CLR_FD) = 0 [pid 5512] close(4) = 0 [pid 5512] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5512] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5512] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5512] exit_group(0) = ? [pid 5512] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5512, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./215", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./215", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./215/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./215/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./215/binderfs") = 0 [ 120.164497][ T5512] REISERFS (device loop0): Using r5 hash to sort names [ 120.171618][ T5512] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./215/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./215/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./215/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./215/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./215/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./215/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./215") = 0 mkdir("./216", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5514 attached , child_tidptr=0x55555738c5d0) = 5514 [pid 5514] chdir("./216") = 0 [pid 5514] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5514] setpgid(0, 0) = 0 [pid 5514] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5514] write(3, "1000", 4) = 4 [pid 5514] close(3) = 0 [pid 5514] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5514] memfd_create("syzkaller", 0) = 3 [pid 5514] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5514] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5514] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5514] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5514] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5514] close(3) = 0 [pid 5514] mkdir("./file1", 0777) = 0 [ 120.313774][ T5514] loop0: detected capacity change from 0 to 8192 [ 120.324286][ T5514] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 120.337623][ T5514] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 120.347187][ T5514] REISERFS (device loop0): using ordered data mode [ 120.353699][ T5514] reiserfs: using flush barriers [ 120.359592][ T5514] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 120.376094][ T5514] REISERFS (device loop0): checking transaction log (loop0) [pid 5514] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5514] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5514] chdir("./file1") = 0 [pid 5514] ioctl(4, LOOP_CLR_FD) = 0 [pid 5514] close(4) = 0 [pid 5514] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5514] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5514] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5514] exit_group(0) = ? [pid 5514] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5514, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./216", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./216", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./216/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./216/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./216/binderfs") = 0 [ 120.419565][ T5514] REISERFS (device loop0): Using r5 hash to sort names [ 120.427232][ T5514] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./216/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./216/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./216/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./216/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./216/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./216/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./216") = 0 mkdir("./217", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5516 ./strace-static-x86_64: Process 5516 attached [pid 5516] chdir("./217") = 0 [pid 5516] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5516] setpgid(0, 0) = 0 [pid 5516] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5516] write(3, "1000", 4) = 4 [pid 5516] close(3) = 0 [pid 5516] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5516] memfd_create("syzkaller", 0) = 3 [pid 5516] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5516] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5516] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5516] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5516] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5516] close(3) = 0 [pid 5516] mkdir("./file1", 0777) = 0 [ 120.556480][ T5516] loop0: detected capacity change from 0 to 8192 [ 120.567404][ T5516] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 120.580388][ T5516] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 120.589798][ T5516] REISERFS (device loop0): using ordered data mode [ 120.596308][ T5516] reiserfs: using flush barriers [ 120.602504][ T5516] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 120.619049][ T5516] REISERFS (device loop0): checking transaction log (loop0) [pid 5516] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5516] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5516] chdir("./file1") = 0 [pid 5516] ioctl(4, LOOP_CLR_FD) = 0 [pid 5516] close(4) = 0 [pid 5516] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5516] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5516] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5516] exit_group(0) = ? [pid 5516] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5516, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./217", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./217", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./217/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./217/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./217/binderfs") = 0 [ 120.663951][ T5516] REISERFS (device loop0): Using r5 hash to sort names [ 120.671223][ T5516] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./217/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./217/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./217/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./217/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./217/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./217/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./217") = 0 mkdir("./218", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5518 ./strace-static-x86_64: Process 5518 attached [pid 5518] chdir("./218") = 0 [pid 5518] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5518] setpgid(0, 0) = 0 [pid 5518] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5518] write(3, "1000", 4) = 4 [pid 5518] close(3) = 0 [pid 5518] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5518] memfd_create("syzkaller", 0) = 3 [pid 5518] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5518] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5518] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5518] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5518] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5518] close(3) = 0 [pid 5518] mkdir("./file1", 0777) = 0 [ 120.797699][ T5518] loop0: detected capacity change from 0 to 8192 [ 120.807702][ T5518] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 120.820721][ T5518] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 120.829947][ T5518] REISERFS (device loop0): using ordered data mode [ 120.836456][ T5518] reiserfs: using flush barriers [ 120.842778][ T5518] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 120.859172][ T5518] REISERFS (device loop0): checking transaction log (loop0) [pid 5518] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5518] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5518] chdir("./file1") = 0 [pid 5518] ioctl(4, LOOP_CLR_FD) = 0 [pid 5518] close(4) = 0 [pid 5518] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5518] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5518] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5518] exit_group(0) = ? [pid 5518] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5518, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./218", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./218", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./218/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./218/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./218/binderfs") = 0 [ 120.902842][ T5518] REISERFS (device loop0): Using r5 hash to sort names [ 120.910057][ T5518] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./218/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./218/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./218/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./218/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./218/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./218/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./218") = 0 mkdir("./219", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5520 ./strace-static-x86_64: Process 5520 attached [pid 5520] chdir("./219") = 0 [pid 5520] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5520] setpgid(0, 0) = 0 [pid 5520] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5520] write(3, "1000", 4) = 4 [pid 5520] close(3) = 0 [pid 5520] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5520] memfd_create("syzkaller", 0) = 3 [pid 5520] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5520] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5520] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5520] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5520] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5520] close(3) = 0 [pid 5520] mkdir("./file1", 0777) = 0 [ 121.054622][ T5520] loop0: detected capacity change from 0 to 8192 [ 121.065727][ T5520] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 121.079016][ T5520] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 121.088473][ T5520] REISERFS (device loop0): using ordered data mode [ 121.094968][ T5520] reiserfs: using flush barriers [ 121.101091][ T5520] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 121.117807][ T5520] REISERFS (device loop0): checking transaction log (loop0) [pid 5520] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5520] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5520] chdir("./file1") = 0 [pid 5520] ioctl(4, LOOP_CLR_FD) = 0 [pid 5520] close(4) = 0 [pid 5520] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5520] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5520] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5520] exit_group(0) = ? [pid 5520] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5520, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./219", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./219", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./219/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./219/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./219/binderfs") = 0 [ 121.164720][ T5520] REISERFS (device loop0): Using r5 hash to sort names [ 121.172146][ T5520] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./219/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./219/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./219/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./219/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./219/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./219/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./219") = 0 mkdir("./220", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5522 ./strace-static-x86_64: Process 5522 attached [pid 5522] chdir("./220") = 0 [pid 5522] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5522] setpgid(0, 0) = 0 [pid 5522] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5522] write(3, "1000", 4) = 4 [pid 5522] close(3) = 0 [pid 5522] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5522] memfd_create("syzkaller", 0) = 3 [pid 5522] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5522] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5522] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5522] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5522] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5522] close(3) = 0 [pid 5522] mkdir("./file1", 0777) = 0 [ 121.303454][ T5522] loop0: detected capacity change from 0 to 8192 [ 121.312826][ T5522] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 121.326074][ T5522] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 121.335531][ T5522] REISERFS (device loop0): using ordered data mode [ 121.342416][ T5522] reiserfs: using flush barriers [ 121.348572][ T5522] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 121.365087][ T5522] REISERFS (device loop0): checking transaction log (loop0) [pid 5522] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5522] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5522] chdir("./file1") = 0 [pid 5522] ioctl(4, LOOP_CLR_FD) = 0 [pid 5522] close(4) = 0 [pid 5522] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5522] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5522] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5522] exit_group(0) = ? [pid 5522] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5522, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- umount2("./220", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./220", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./220/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./220/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./220/binderfs") = 0 [ 121.413130][ T5522] REISERFS (device loop0): Using r5 hash to sort names [ 121.420242][ T5522] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./220/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./220/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./220/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./220/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./220/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./220/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./220") = 0 mkdir("./221", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5524 ./strace-static-x86_64: Process 5524 attached [pid 5524] chdir("./221") = 0 [pid 5524] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5524] setpgid(0, 0) = 0 [pid 5524] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5524] write(3, "1000", 4) = 4 [pid 5524] close(3) = 0 [pid 5524] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5524] memfd_create("syzkaller", 0) = 3 [pid 5524] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5524] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5524] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5524] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5524] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5524] close(3) = 0 [pid 5524] mkdir("./file1", 0777) = 0 [ 121.559480][ T5524] loop0: detected capacity change from 0 to 8192 [ 121.569155][ T5524] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 121.582415][ T5524] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 121.591765][ T5524] REISERFS (device loop0): using ordered data mode [ 121.598338][ T5524] reiserfs: using flush barriers [ 121.604241][ T5524] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 121.620693][ T5524] REISERFS (device loop0): checking transaction log (loop0) [pid 5524] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5524] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5524] chdir("./file1") = 0 [pid 5524] ioctl(4, LOOP_CLR_FD) = 0 [pid 5524] close(4) = 0 [pid 5524] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5524] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5524] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5524] exit_group(0) = ? [pid 5524] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5524, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./221", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./221", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./221/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./221/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./221/binderfs") = 0 [ 121.667356][ T5524] REISERFS (device loop0): Using r5 hash to sort names [ 121.674394][ T5524] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./221/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./221/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./221/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./221/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./221/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./221/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./221") = 0 mkdir("./222", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5526 ./strace-static-x86_64: Process 5526 attached [pid 5526] chdir("./222") = 0 [pid 5526] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5526] setpgid(0, 0) = 0 [pid 5526] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5526] write(3, "1000", 4) = 4 [pid 5526] close(3) = 0 [pid 5526] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5526] memfd_create("syzkaller", 0) = 3 [pid 5526] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5526] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5526] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5526] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5526] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5526] close(3) = 0 [pid 5526] mkdir("./file1", 0777) = 0 [ 121.812825][ T5526] loop0: detected capacity change from 0 to 8192 [ 121.822522][ T5526] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 121.835528][ T5526] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 121.844739][ T5526] REISERFS (device loop0): using ordered data mode [ 121.851279][ T5526] reiserfs: using flush barriers [ 121.857310][ T5526] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 121.873640][ T5526] REISERFS (device loop0): checking transaction log (loop0) [pid 5526] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5526] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5526] chdir("./file1") = 0 [pid 5526] ioctl(4, LOOP_CLR_FD) = 0 [pid 5526] close(4) = 0 [pid 5526] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5526] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5526] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5526] exit_group(0) = ? [pid 5526] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5526, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./222", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./222", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./222/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./222/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./222/binderfs") = 0 [ 121.920653][ T5526] REISERFS (device loop0): Using r5 hash to sort names [ 121.928629][ T5526] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./222/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./222/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./222/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./222/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./222/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./222/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./222") = 0 mkdir("./223", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5528 ./strace-static-x86_64: Process 5528 attached [pid 5528] chdir("./223") = 0 [pid 5528] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5528] setpgid(0, 0) = 0 [pid 5528] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5528] write(3, "1000", 4) = 4 [pid 5528] close(3) = 0 [pid 5528] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5528] memfd_create("syzkaller", 0) = 3 [pid 5528] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5528] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5528] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5528] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5528] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5528] close(3) = 0 [pid 5528] mkdir("./file1", 0777) = 0 [ 122.064629][ T5528] loop0: detected capacity change from 0 to 8192 [ 122.074028][ T5528] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 122.087179][ T5528] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 122.096375][ T5528] REISERFS (device loop0): using ordered data mode [ 122.102966][ T5528] reiserfs: using flush barriers [ 122.108753][ T5528] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 122.125200][ T5528] REISERFS (device loop0): checking transaction log (loop0) [pid 5528] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5528] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5528] chdir("./file1") = 0 [pid 5528] ioctl(4, LOOP_CLR_FD) = 0 [pid 5528] close(4) = 0 [pid 5528] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5528] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5528] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5528] exit_group(0) = ? [pid 5528] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5528, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./223", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./223", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./223/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./223/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./223/binderfs") = 0 [ 122.172135][ T5528] REISERFS (device loop0): Using r5 hash to sort names [ 122.179317][ T5528] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./223/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./223/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./223/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./223/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./223/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./223/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./223") = 0 mkdir("./224", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5530 ./strace-static-x86_64: Process 5530 attached [pid 5530] chdir("./224") = 0 [pid 5530] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5530] setpgid(0, 0) = 0 [pid 5530] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5530] write(3, "1000", 4) = 4 [pid 5530] close(3) = 0 [pid 5530] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5530] memfd_create("syzkaller", 0) = 3 [pid 5530] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5530] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5530] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5530] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5530] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5530] close(3) = 0 [pid 5530] mkdir("./file1", 0777) = 0 [ 122.314766][ T5530] loop0: detected capacity change from 0 to 8192 [ 122.324668][ T5530] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 122.338095][ T5530] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 122.347573][ T5530] REISERFS (device loop0): using ordered data mode [ 122.354093][ T5530] reiserfs: using flush barriers [ 122.360015][ T5530] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 122.376428][ T5530] REISERFS (device loop0): checking transaction log (loop0) [pid 5530] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5530] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5530] chdir("./file1") = 0 [pid 5530] ioctl(4, LOOP_CLR_FD) = 0 [pid 5530] close(4) = 0 [pid 5530] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5530] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5530] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5530] exit_group(0) = ? [pid 5530] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5530, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./224", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./224", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./224/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./224/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./224/binderfs") = 0 [ 122.419190][ T5530] REISERFS (device loop0): Using r5 hash to sort names [ 122.426243][ T5530] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./224/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./224/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./224/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./224/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./224/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./224/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./224") = 0 mkdir("./225", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5532 ./strace-static-x86_64: Process 5532 attached [pid 5532] chdir("./225") = 0 [pid 5532] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5532] setpgid(0, 0) = 0 [pid 5532] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5532] write(3, "1000", 4) = 4 [pid 5532] close(3) = 0 [pid 5532] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5532] memfd_create("syzkaller", 0) = 3 [pid 5532] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5532] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5532] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5532] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5532] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5532] close(3) = 0 [pid 5532] mkdir("./file1", 0777) = 0 [ 122.560978][ T5532] loop0: detected capacity change from 0 to 8192 [ 122.570302][ T5532] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 122.583380][ T5532] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 122.592625][ T5532] REISERFS (device loop0): using ordered data mode [ 122.599179][ T5532] reiserfs: using flush barriers [ 122.605166][ T5532] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 122.621681][ T5532] REISERFS (device loop0): checking transaction log (loop0) [pid 5532] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5532] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5532] chdir("./file1") = 0 [pid 5532] ioctl(4, LOOP_CLR_FD) = 0 [pid 5532] close(4) = 0 [pid 5532] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5532] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5532] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5532] exit_group(0) = ? [pid 5532] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5532, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./225", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./225", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./225/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./225/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./225/binderfs") = 0 [ 122.667733][ T5532] REISERFS (device loop0): Using r5 hash to sort names [ 122.675080][ T5532] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./225/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./225/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./225/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./225/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./225/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./225/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./225") = 0 mkdir("./226", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5534 ./strace-static-x86_64: Process 5534 attached [pid 5534] chdir("./226") = 0 [pid 5534] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5534] setpgid(0, 0) = 0 [pid 5534] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5534] write(3, "1000", 4) = 4 [pid 5534] close(3) = 0 [pid 5534] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5534] memfd_create("syzkaller", 0) = 3 [pid 5534] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5534] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5534] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5534] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5534] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5534] close(3) = 0 [pid 5534] mkdir("./file1", 0777) = 0 [ 122.806523][ T5534] loop0: detected capacity change from 0 to 8192 [ 122.816155][ T5534] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 122.829299][ T5534] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 122.838615][ T5534] REISERFS (device loop0): using ordered data mode [ 122.845130][ T5534] reiserfs: using flush barriers [ 122.851277][ T5534] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 122.867724][ T5534] REISERFS (device loop0): checking transaction log (loop0) [pid 5534] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5534] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5534] chdir("./file1") = 0 [pid 5534] ioctl(4, LOOP_CLR_FD) = 0 [pid 5534] close(4) = 0 [pid 5534] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5534] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5534] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5534] exit_group(0) = ? [pid 5534] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5534, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./226", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./226", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./226/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./226/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./226/binderfs") = 0 [ 122.914633][ T5534] REISERFS (device loop0): Using r5 hash to sort names [ 122.922113][ T5534] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./226/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./226/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./226/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./226/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./226/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./226/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./226") = 0 mkdir("./227", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5536 ./strace-static-x86_64: Process 5536 attached [pid 5536] chdir("./227") = 0 [pid 5536] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5536] setpgid(0, 0) = 0 [pid 5536] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5536] write(3, "1000", 4) = 4 [pid 5536] close(3) = 0 [pid 5536] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5536] memfd_create("syzkaller", 0) = 3 [pid 5536] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5536] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5536] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5536] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5536] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5536] close(3) = 0 [pid 5536] mkdir("./file1", 0777) = 0 [ 123.050595][ T5536] loop0: detected capacity change from 0 to 8192 [ 123.060206][ T5536] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 123.073271][ T5536] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 123.082565][ T5536] REISERFS (device loop0): using ordered data mode [ 123.089158][ T5536] reiserfs: using flush barriers [ 123.095072][ T5536] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 123.111534][ T5536] REISERFS (device loop0): checking transaction log (loop0) [pid 5536] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5536] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5536] chdir("./file1") = 0 [pid 5536] ioctl(4, LOOP_CLR_FD) = 0 [pid 5536] close(4) = 0 [pid 5536] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5536] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5536] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5536] exit_group(0) = ? [pid 5536] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5536, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- umount2("./227", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./227", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./227/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./227/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./227/binderfs") = 0 [ 123.158688][ T5536] REISERFS (device loop0): Using r5 hash to sort names [ 123.165891][ T5536] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./227/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./227/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./227/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./227/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./227/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./227/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./227") = 0 mkdir("./228", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5538 ./strace-static-x86_64: Process 5538 attached [pid 5538] chdir("./228") = 0 [pid 5538] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5538] setpgid(0, 0) = 0 [pid 5538] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5538] write(3, "1000", 4) = 4 [pid 5538] close(3) = 0 [pid 5538] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5538] memfd_create("syzkaller", 0) = 3 [pid 5538] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5538] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5538] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5538] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5538] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5538] close(3) = 0 [pid 5538] mkdir("./file1", 0777) = 0 [ 123.299909][ T5538] loop0: detected capacity change from 0 to 8192 [ 123.310543][ T5538] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 123.323565][ T5538] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 123.332822][ T5538] REISERFS (device loop0): using ordered data mode [ 123.339353][ T5538] reiserfs: using flush barriers [ 123.345235][ T5538] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 123.361744][ T5538] REISERFS (device loop0): checking transaction log (loop0) [pid 5538] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5538] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5538] chdir("./file1") = 0 [pid 5538] ioctl(4, LOOP_CLR_FD) = 0 [pid 5538] close(4) = 0 [pid 5538] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5538] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5538] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5538] exit_group(0) = ? [pid 5538] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5538, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./228", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./228", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./228/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./228/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./228/binderfs") = 0 umount2("./228/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./228/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./228/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./228/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./228/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./228/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./228") = 0 mkdir("./229", 0777) = 0 [ 123.407806][ T5538] REISERFS (device loop0): Using r5 hash to sort names [ 123.415293][ T5538] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5540 ./strace-static-x86_64: Process 5540 attached [pid 5540] chdir("./229") = 0 [pid 5540] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5540] setpgid(0, 0) = 0 [pid 5540] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5540] write(3, "1000", 4) = 4 [pid 5540] close(3) = 0 [pid 5540] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5540] memfd_create("syzkaller", 0) = 3 [pid 5540] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5540] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5540] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5540] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5540] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5540] close(3) = 0 [pid 5540] mkdir("./file1", 0777) = 0 [ 123.548073][ T5540] loop0: detected capacity change from 0 to 8192 [ 123.557636][ T5540] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 123.571048][ T5540] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 123.580309][ T5540] REISERFS (device loop0): using ordered data mode [ 123.586867][ T5540] reiserfs: using flush barriers [ 123.592631][ T5540] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 123.609156][ T5540] REISERFS (device loop0): checking transaction log (loop0) [pid 5540] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5540] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5540] chdir("./file1") = 0 [pid 5540] ioctl(4, LOOP_CLR_FD) = 0 [pid 5540] close(4) = 0 [pid 5540] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5540] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5540] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5540] exit_group(0) = ? [pid 5540] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5540, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./229", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./229", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./229/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./229/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./229/binderfs") = 0 [ 123.651597][ T5540] REISERFS (device loop0): Using r5 hash to sort names [ 123.658865][ T5540] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./229/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./229/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./229/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./229/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./229/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./229/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./229") = 0 mkdir("./230", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5542 ./strace-static-x86_64: Process 5542 attached [pid 5542] chdir("./230") = 0 [pid 5542] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5542] setpgid(0, 0) = 0 [pid 5542] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5542] write(3, "1000", 4) = 4 [pid 5542] close(3) = 0 [pid 5542] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5542] memfd_create("syzkaller", 0) = 3 [pid 5542] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5542] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5542] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5542] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5542] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5542] close(3) = 0 [pid 5542] mkdir("./file1", 0777) = 0 [ 123.794197][ T5542] loop0: detected capacity change from 0 to 8192 [ 123.803519][ T5542] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 123.816571][ T5542] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 123.825811][ T5542] REISERFS (device loop0): using ordered data mode [ 123.832384][ T5542] reiserfs: using flush barriers [ 123.838210][ T5542] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 123.854542][ T5542] REISERFS (device loop0): checking transaction log (loop0) [pid 5542] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5542] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5542] chdir("./file1") = 0 [pid 5542] ioctl(4, LOOP_CLR_FD) = 0 [pid 5542] close(4) = 0 [pid 5542] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5542] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5542] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5542] exit_group(0) = ? [pid 5542] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5542, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- umount2("./230", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./230", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./230/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./230/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./230/binderfs") = 0 [ 123.896728][ T5542] REISERFS (device loop0): Using r5 hash to sort names [ 123.903825][ T5542] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./230/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./230/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./230/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./230/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./230/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./230/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./230") = 0 mkdir("./231", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5544 ./strace-static-x86_64: Process 5544 attached [pid 5544] chdir("./231") = 0 [pid 5544] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5544] setpgid(0, 0) = 0 [pid 5544] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5544] write(3, "1000", 4) = 4 [pid 5544] close(3) = 0 [pid 5544] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5544] memfd_create("syzkaller", 0) = 3 [pid 5544] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5544] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5544] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5544] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5544] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5544] close(3) = 0 [pid 5544] mkdir("./file1", 0777) = 0 [ 124.047642][ T5544] loop0: detected capacity change from 0 to 8192 [ 124.057782][ T5544] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 124.070860][ T5544] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 124.080114][ T5544] REISERFS (device loop0): using ordered data mode [ 124.086633][ T5544] reiserfs: using flush barriers [ 124.092519][ T5544] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 124.109056][ T5544] REISERFS (device loop0): checking transaction log (loop0) [pid 5544] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5544] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5544] chdir("./file1") = 0 [pid 5544] ioctl(4, LOOP_CLR_FD) = 0 [pid 5544] close(4) = 0 [pid 5544] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5544] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5544] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5544] exit_group(0) = ? [pid 5544] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5544, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./231", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./231", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./231/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./231/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./231/binderfs") = 0 [ 124.156021][ T5544] REISERFS (device loop0): Using r5 hash to sort names [ 124.163518][ T5544] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./231/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./231/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./231/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./231/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./231/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./231/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./231") = 0 mkdir("./232", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5546 ./strace-static-x86_64: Process 5546 attached [pid 5546] chdir("./232") = 0 [pid 5546] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5546] setpgid(0, 0) = 0 [pid 5546] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5546] write(3, "1000", 4) = 4 [pid 5546] close(3) = 0 [pid 5546] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5546] memfd_create("syzkaller", 0) = 3 [pid 5546] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5546] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5546] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5546] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5546] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5546] close(3) = 0 [pid 5546] mkdir("./file1", 0777) = 0 [ 124.292848][ T5546] loop0: detected capacity change from 0 to 8192 [ 124.303562][ T5546] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 124.316661][ T5546] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 124.326143][ T5546] REISERFS (device loop0): using ordered data mode [ 124.332950][ T5546] reiserfs: using flush barriers [ 124.339204][ T5546] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 124.355914][ T5546] REISERFS (device loop0): checking transaction log (loop0) [pid 5546] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5546] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5546] chdir("./file1") = 0 [pid 5546] ioctl(4, LOOP_CLR_FD) = 0 [pid 5546] close(4) = 0 [pid 5546] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5546] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5546] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5546] exit_group(0) = ? [pid 5546] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5546, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- umount2("./232", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./232", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./232/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./232/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./232/binderfs") = 0 [ 124.397488][ T5546] REISERFS (device loop0): Using r5 hash to sort names [ 124.404549][ T5546] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./232/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./232/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./232/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./232/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./232/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./232/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./232") = 0 mkdir("./233", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5548 ./strace-static-x86_64: Process 5548 attached [pid 5548] chdir("./233") = 0 [pid 5548] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5548] setpgid(0, 0) = 0 [pid 5548] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5548] write(3, "1000", 4) = 4 [pid 5548] close(3) = 0 [pid 5548] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5548] memfd_create("syzkaller", 0) = 3 [pid 5548] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5548] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5548] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5548] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5548] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5548] close(3) = 0 [pid 5548] mkdir("./file1", 0777) = 0 [ 124.526611][ T5548] loop0: detected capacity change from 0 to 8192 [ 124.537257][ T5548] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 124.550291][ T5548] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 124.559646][ T5548] REISERFS (device loop0): using ordered data mode [ 124.566177][ T5548] reiserfs: using flush barriers [ 124.572335][ T5548] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 124.588702][ T5548] REISERFS (device loop0): checking transaction log (loop0) [pid 5548] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5548] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5548] chdir("./file1") = 0 [pid 5548] ioctl(4, LOOP_CLR_FD) = 0 [pid 5548] close(4) = 0 [pid 5548] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5548] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5548] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5548] exit_group(0) = ? [pid 5548] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5548, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./233", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./233", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./233/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./233/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./233/binderfs") = 0 [ 124.635204][ T5548] REISERFS (device loop0): Using r5 hash to sort names [ 124.642334][ T5548] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./233/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./233/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./233/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./233/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./233/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./233/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./233") = 0 mkdir("./234", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5550 ./strace-static-x86_64: Process 5550 attached [pid 5550] chdir("./234") = 0 [pid 5550] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5550] setpgid(0, 0) = 0 [pid 5550] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5550] write(3, "1000", 4) = 4 [pid 5550] close(3) = 0 [pid 5550] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5550] memfd_create("syzkaller", 0) = 3 [pid 5550] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5550] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5550] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5550] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5550] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5550] close(3) = 0 [pid 5550] mkdir("./file1", 0777) = 0 [ 124.787642][ T5550] loop0: detected capacity change from 0 to 8192 [ 124.797410][ T5550] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 124.810412][ T5550] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 124.819880][ T5550] REISERFS (device loop0): using ordered data mode [ 124.826391][ T5550] reiserfs: using flush barriers [ 124.832399][ T5550] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 124.849075][ T5550] REISERFS (device loop0): checking transaction log (loop0) [pid 5550] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5550] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5550] chdir("./file1") = 0 [pid 5550] ioctl(4, LOOP_CLR_FD) = 0 [pid 5550] close(4) = 0 [pid 5550] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5550] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5550] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5550] exit_group(0) = ? [pid 5550] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5550, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- umount2("./234", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./234", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./234/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./234/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./234/binderfs") = 0 [ 124.890081][ T5550] REISERFS (device loop0): Using r5 hash to sort names [ 124.897611][ T5550] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./234/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./234/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./234/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./234/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./234/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./234/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./234") = 0 mkdir("./235", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5552 ./strace-static-x86_64: Process 5552 attached [pid 5552] chdir("./235") = 0 [pid 5552] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5552] setpgid(0, 0) = 0 [pid 5552] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5552] write(3, "1000", 4) = 4 [pid 5552] close(3) = 0 [pid 5552] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5552] memfd_create("syzkaller", 0) = 3 [pid 5552] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5552] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5552] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5552] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5552] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5552] close(3) = 0 [pid 5552] mkdir("./file1", 0777) = 0 [ 125.022759][ T5552] loop0: detected capacity change from 0 to 8192 [ 125.032594][ T5552] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 125.045643][ T5552] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 125.054910][ T5552] REISERFS (device loop0): using ordered data mode [ 125.061445][ T5552] reiserfs: using flush barriers [ 125.067247][ T5552] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 125.084604][ T5552] REISERFS (device loop0): checking transaction log (loop0) [pid 5552] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5552] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5552] chdir("./file1") = 0 [pid 5552] ioctl(4, LOOP_CLR_FD) = 0 [pid 5552] close(4) = 0 [pid 5552] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5552] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5552] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5552] exit_group(0) = ? [pid 5552] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5552, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./235", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./235", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./235/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./235/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./235/binderfs") = 0 [ 125.127824][ T5552] REISERFS (device loop0): Using r5 hash to sort names [ 125.134869][ T5552] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./235/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./235/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./235/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./235/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./235/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./235/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./235") = 0 mkdir("./236", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5554 ./strace-static-x86_64: Process 5554 attached [pid 5554] chdir("./236") = 0 [pid 5554] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5554] setpgid(0, 0) = 0 [pid 5554] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5554] write(3, "1000", 4) = 4 [pid 5554] close(3) = 0 [pid 5554] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5554] memfd_create("syzkaller", 0) = 3 [pid 5554] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5554] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5554] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5554] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5554] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5554] close(3) = 0 [pid 5554] mkdir("./file1", 0777) = 0 [ 125.273245][ T5554] loop0: detected capacity change from 0 to 8192 [ 125.284087][ T5554] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 125.297113][ T5554] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 125.306292][ T5554] REISERFS (device loop0): using ordered data mode [ 125.312853][ T5554] reiserfs: using flush barriers [ 125.318572][ T5554] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 125.335016][ T5554] REISERFS (device loop0): checking transaction log (loop0) [pid 5554] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5554] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5554] chdir("./file1") = 0 [pid 5554] ioctl(4, LOOP_CLR_FD) = 0 [pid 5554] close(4) = 0 [pid 5554] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5554] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5554] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5554] exit_group(0) = ? [pid 5554] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5554, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- umount2("./236", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./236", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./236/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./236/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./236/binderfs") = 0 [ 125.381616][ T5554] REISERFS (device loop0): Using r5 hash to sort names [ 125.388786][ T5554] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./236/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./236/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./236/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./236/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./236/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./236/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./236") = 0 mkdir("./237", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5556 ./strace-static-x86_64: Process 5556 attached [pid 5556] chdir("./237") = 0 [pid 5556] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5556] setpgid(0, 0) = 0 [pid 5556] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5556] write(3, "1000", 4) = 4 [pid 5556] close(3) = 0 [pid 5556] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5556] memfd_create("syzkaller", 0) = 3 [pid 5556] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5556] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5556] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5556] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5556] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5556] close(3) = 0 [pid 5556] mkdir("./file1", 0777) = 0 [ 125.532569][ T5556] loop0: detected capacity change from 0 to 8192 [ 125.543008][ T5556] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 125.556023][ T5556] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 125.565234][ T5556] REISERFS (device loop0): using ordered data mode [ 125.571898][ T5556] reiserfs: using flush barriers [ 125.578055][ T5556] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 125.594399][ T5556] REISERFS (device loop0): checking transaction log (loop0) [pid 5556] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5556] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5556] chdir("./file1") = 0 [pid 5556] ioctl(4, LOOP_CLR_FD) = 0 [pid 5556] close(4) = 0 [pid 5556] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5556] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5556] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5556] exit_group(0) = ? [pid 5556] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5556, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./237", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./237", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./237/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./237/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./237/binderfs") = 0 [ 125.635994][ T5556] REISERFS (device loop0): Using r5 hash to sort names [ 125.643084][ T5556] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./237/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./237/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./237/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./237/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./237/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./237/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./237") = 0 mkdir("./238", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5558 ./strace-static-x86_64: Process 5558 attached [pid 5558] chdir("./238") = 0 [pid 5558] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5558] setpgid(0, 0) = 0 [pid 5558] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5558] write(3, "1000", 4) = 4 [pid 5558] close(3) = 0 [pid 5558] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5558] memfd_create("syzkaller", 0) = 3 [pid 5558] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5558] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5558] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5558] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5558] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5558] close(3) = 0 [pid 5558] mkdir("./file1", 0777) = 0 [ 125.771655][ T5558] loop0: detected capacity change from 0 to 8192 [ 125.782487][ T5558] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 125.795602][ T5558] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 125.804823][ T5558] REISERFS (device loop0): using ordered data mode [ 125.811533][ T5558] reiserfs: using flush barriers [ 125.817609][ T5558] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 125.834016][ T5558] REISERFS (device loop0): checking transaction log (loop0) [pid 5558] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5558] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5558] chdir("./file1") = 0 [pid 5558] ioctl(4, LOOP_CLR_FD) = 0 [pid 5558] close(4) = 0 [pid 5558] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5558] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5558] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5558] exit_group(0) = ? [pid 5558] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5558, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- umount2("./238", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./238", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./238/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./238/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./238/binderfs") = 0 [ 125.877125][ T5558] REISERFS (device loop0): Using r5 hash to sort names [ 125.884154][ T5558] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./238/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./238/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./238/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./238/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./238/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./238/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./238") = 0 mkdir("./239", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5560 ./strace-static-x86_64: Process 5560 attached [pid 5560] chdir("./239") = 0 [pid 5560] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5560] setpgid(0, 0) = 0 [pid 5560] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5560] write(3, "1000", 4) = 4 [pid 5560] close(3) = 0 [pid 5560] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5560] memfd_create("syzkaller", 0) = 3 [pid 5560] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5560] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5560] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5560] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5560] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5560] close(3) = 0 [pid 5560] mkdir("./file1", 0777) = 0 [ 126.019548][ T5560] loop0: detected capacity change from 0 to 8192 [ 126.029464][ T5560] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 126.042513][ T5560] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 126.052010][ T5560] REISERFS (device loop0): using ordered data mode [ 126.058680][ T5560] reiserfs: using flush barriers [ 126.064392][ T5560] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 126.081012][ T5560] REISERFS (device loop0): checking transaction log (loop0) [pid 5560] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5560] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5560] chdir("./file1") = 0 [pid 5560] ioctl(4, LOOP_CLR_FD) = 0 [pid 5560] close(4) = 0 [pid 5560] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5560] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5560] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5560] exit_group(0) = ? [pid 5560] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5560, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./239", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./239", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./239/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./239/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./239/binderfs") = 0 [ 126.127821][ T5560] REISERFS (device loop0): Using r5 hash to sort names [ 126.135230][ T5560] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./239/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./239/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./239/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./239/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./239/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./239/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./239") = 0 mkdir("./240", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5562 ./strace-static-x86_64: Process 5562 attached [pid 5562] chdir("./240") = 0 [pid 5562] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5562] setpgid(0, 0) = 0 [pid 5562] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5562] write(3, "1000", 4) = 4 [pid 5562] close(3) = 0 [pid 5562] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5562] memfd_create("syzkaller", 0) = 3 [pid 5562] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5562] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5562] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5562] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5562] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5562] close(3) = 0 [pid 5562] mkdir("./file1", 0777) = 0 [ 126.267953][ T5562] loop0: detected capacity change from 0 to 8192 [ 126.277532][ T5562] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 126.290607][ T5562] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 126.299902][ T5562] REISERFS (device loop0): using ordered data mode [ 126.306513][ T5562] reiserfs: using flush barriers [ 126.312452][ T5562] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 126.328843][ T5562] REISERFS (device loop0): checking transaction log (loop0) [pid 5562] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5562] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5562] chdir("./file1") = 0 [pid 5562] ioctl(4, LOOP_CLR_FD) = 0 [pid 5562] close(4) = 0 [pid 5562] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5562] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5562] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5562] exit_group(0) = ? [pid 5562] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5562, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./240", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./240", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./240/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./240/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./240/binderfs") = 0 [ 126.375745][ T5562] REISERFS (device loop0): Using r5 hash to sort names [ 126.383141][ T5562] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./240/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./240/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./240/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./240/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./240/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./240/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./240") = 0 mkdir("./241", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5564 attached , child_tidptr=0x55555738c5d0) = 5564 [pid 5564] chdir("./241") = 0 [pid 5564] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5564] setpgid(0, 0) = 0 [pid 5564] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5564] write(3, "1000", 4) = 4 [pid 5564] close(3) = 0 [pid 5564] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5564] memfd_create("syzkaller", 0) = 3 [pid 5564] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5564] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5564] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5564] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5564] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5564] close(3) = 0 [pid 5564] mkdir("./file1", 0777) = 0 [ 126.524314][ T5564] loop0: detected capacity change from 0 to 8192 [ 126.533627][ T5564] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 126.546684][ T5564] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 126.555934][ T5564] REISERFS (device loop0): using ordered data mode [ 126.562482][ T5564] reiserfs: using flush barriers [ 126.568487][ T5564] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 126.585126][ T5564] REISERFS (device loop0): checking transaction log (loop0) [pid 5564] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5564] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5564] chdir("./file1") = 0 [pid 5564] ioctl(4, LOOP_CLR_FD) = 0 [pid 5564] close(4) = 0 [pid 5564] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5564] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5564] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5564] exit_group(0) = ? [pid 5564] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5564, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./241", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./241", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./241/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./241/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./241/binderfs") = 0 [ 126.631961][ T5564] REISERFS (device loop0): Using r5 hash to sort names [ 126.639406][ T5564] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./241/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./241/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./241/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./241/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./241/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./241/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./241") = 0 mkdir("./242", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5566 ./strace-static-x86_64: Process 5566 attached [pid 5566] chdir("./242") = 0 [pid 5566] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5566] setpgid(0, 0) = 0 [pid 5566] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5566] write(3, "1000", 4) = 4 [pid 5566] close(3) = 0 [pid 5566] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5566] memfd_create("syzkaller", 0) = 3 [pid 5566] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5566] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5566] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5566] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5566] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5566] close(3) = 0 [pid 5566] mkdir("./file1", 0777) = 0 [ 126.767225][ T5566] loop0: detected capacity change from 0 to 8192 [ 126.777710][ T5566] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 126.790732][ T5566] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 126.800231][ T5566] REISERFS (device loop0): using ordered data mode [ 126.806747][ T5566] reiserfs: using flush barriers [ 126.812740][ T5566] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 126.830318][ T5566] REISERFS (device loop0): checking transaction log (loop0) [pid 5566] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5566] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5566] chdir("./file1") = 0 [pid 5566] ioctl(4, LOOP_CLR_FD) = 0 [pid 5566] close(4) = 0 [pid 5566] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5566] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5566] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5566] exit_group(0) = ? [pid 5566] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5566, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./242", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./242", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./242/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./242/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./242/binderfs") = 0 [ 126.873687][ T5566] REISERFS (device loop0): Using r5 hash to sort names [ 126.880754][ T5566] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./242/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./242/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./242/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./242/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./242/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./242/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./242") = 0 mkdir("./243", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5568 ./strace-static-x86_64: Process 5568 attached [pid 5568] chdir("./243") = 0 [pid 5568] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5568] setpgid(0, 0) = 0 [pid 5568] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5568] write(3, "1000", 4) = 4 [pid 5568] close(3) = 0 [pid 5568] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5568] memfd_create("syzkaller", 0) = 3 [pid 5568] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5568] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5568] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5568] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5568] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5568] close(3) = 0 [pid 5568] mkdir("./file1", 0777) = 0 [ 127.009916][ T5568] loop0: detected capacity change from 0 to 8192 [ 127.019132][ T5568] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 127.032153][ T5568] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 127.041786][ T5568] REISERFS (device loop0): using ordered data mode [ 127.048614][ T5568] reiserfs: using flush barriers [ 127.054415][ T5568] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 127.070981][ T5568] REISERFS (device loop0): checking transaction log (loop0) [pid 5568] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5568] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5568] chdir("./file1") = 0 [pid 5568] ioctl(4, LOOP_CLR_FD) = 0 [pid 5568] close(4) = 0 [pid 5568] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5568] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5568] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5568] exit_group(0) = ? [pid 5568] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5568, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./243", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./243", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./243/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./243/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./243/binderfs") = 0 [ 127.117695][ T5568] REISERFS (device loop0): Using r5 hash to sort names [ 127.124994][ T5568] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./243/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./243/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./243/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./243/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./243/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./243/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./243") = 0 mkdir("./244", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5570 ./strace-static-x86_64: Process 5570 attached [pid 5570] chdir("./244") = 0 [pid 5570] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5570] setpgid(0, 0) = 0 [pid 5570] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5570] write(3, "1000", 4) = 4 [pid 5570] close(3) = 0 [pid 5570] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5570] memfd_create("syzkaller", 0) = 3 [pid 5570] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5570] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5570] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5570] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5570] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5570] close(3) = 0 [pid 5570] mkdir("./file1", 0777) = 0 [ 127.259008][ T5570] loop0: detected capacity change from 0 to 8192 [ 127.269094][ T5570] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 127.282320][ T5570] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 127.291907][ T5570] REISERFS (device loop0): using ordered data mode [ 127.298692][ T5570] reiserfs: using flush barriers [ 127.304385][ T5570] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 127.320975][ T5570] REISERFS (device loop0): checking transaction log (loop0) [pid 5570] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5570] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5570] chdir("./file1") = 0 [pid 5570] ioctl(4, LOOP_CLR_FD) = 0 [pid 5570] close(4) = 0 [pid 5570] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5570] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5570] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5570] exit_group(0) = ? [pid 5570] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5570, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./244", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./244", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./244/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./244/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./244/binderfs") = 0 [ 127.363459][ T5570] REISERFS (device loop0): Using r5 hash to sort names [ 127.370774][ T5570] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./244/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./244/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./244/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./244/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./244/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./244/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./244") = 0 mkdir("./245", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5572 ./strace-static-x86_64: Process 5572 attached [pid 5572] chdir("./245") = 0 [pid 5572] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5572] setpgid(0, 0) = 0 [pid 5572] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5572] write(3, "1000", 4) = 4 [pid 5572] close(3) = 0 [pid 5572] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5572] memfd_create("syzkaller", 0) = 3 [pid 5572] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5572] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5572] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5572] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5572] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5572] close(3) = 0 [pid 5572] mkdir("./file1", 0777) = 0 [ 127.497894][ T5572] loop0: detected capacity change from 0 to 8192 [ 127.508536][ T5572] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 127.521561][ T5572] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 127.530809][ T5572] REISERFS (device loop0): using ordered data mode [ 127.537339][ T5572] reiserfs: using flush barriers [ 127.543150][ T5572] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 127.559616][ T5572] REISERFS (device loop0): checking transaction log (loop0) [pid 5572] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5572] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5572] chdir("./file1") = 0 [pid 5572] ioctl(4, LOOP_CLR_FD) = 0 [pid 5572] close(4) = 0 [pid 5572] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5572] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5572] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5572] exit_group(0) = ? [pid 5572] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5572, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./245", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./245", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./245/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./245/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./245/binderfs") = 0 [ 127.606677][ T5572] REISERFS (device loop0): Using r5 hash to sort names [ 127.614136][ T5572] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./245/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./245/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./245/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./245/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./245/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./245/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./245") = 0 mkdir("./246", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5574 ./strace-static-x86_64: Process 5574 attached [pid 5574] chdir("./246") = 0 [pid 5574] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5574] setpgid(0, 0) = 0 [pid 5574] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5574] write(3, "1000", 4) = 4 [pid 5574] close(3) = 0 [pid 5574] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5574] memfd_create("syzkaller", 0) = 3 [pid 5574] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5574] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5574] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5574] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5574] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5574] close(3) = 0 [pid 5574] mkdir("./file1", 0777) = 0 [ 127.753912][ T5574] loop0: detected capacity change from 0 to 8192 [ 127.763898][ T5574] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 127.777437][ T5574] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 127.786619][ T5574] REISERFS (device loop0): using ordered data mode [ 127.793562][ T5574] reiserfs: using flush barriers [ 127.799637][ T5574] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 127.816297][ T5574] REISERFS (device loop0): checking transaction log (loop0) [pid 5574] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5574] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5574] chdir("./file1") = 0 [pid 5574] ioctl(4, LOOP_CLR_FD) = 0 [pid 5574] close(4) = 0 [pid 5574] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5574] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5574] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5574] exit_group(0) = ? [pid 5574] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5574, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- umount2("./246", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./246", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./246/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./246/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./246/binderfs") = 0 [ 127.863139][ T5574] REISERFS (device loop0): Using r5 hash to sort names [ 127.870414][ T5574] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./246/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./246/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./246/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./246/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./246/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./246/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./246") = 0 mkdir("./247", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5576 ./strace-static-x86_64: Process 5576 attached [pid 5576] chdir("./247") = 0 [pid 5576] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5576] setpgid(0, 0) = 0 [pid 5576] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5576] write(3, "1000", 4) = 4 [pid 5576] close(3) = 0 [pid 5576] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5576] memfd_create("syzkaller", 0) = 3 [pid 5576] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5576] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5576] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5576] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5576] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5576] close(3) = 0 [pid 5576] mkdir("./file1", 0777) = 0 [ 127.987166][ T5576] loop0: detected capacity change from 0 to 8192 [ 127.996418][ T5576] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 128.009783][ T5576] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 128.019150][ T5576] REISERFS (device loop0): using ordered data mode [ 128.025655][ T5576] reiserfs: using flush barriers [ 128.031758][ T5576] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 128.048555][ T5576] REISERFS (device loop0): checking transaction log (loop0) [pid 5576] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5576] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5576] chdir("./file1") = 0 [pid 5576] ioctl(4, LOOP_CLR_FD) = 0 [pid 5576] close(4) = 0 [pid 5576] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5576] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5576] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5576] exit_group(0) = ? [pid 5576] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5576, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./247", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./247", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./247/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./247/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./247/binderfs") = 0 [ 128.098728][ T5576] REISERFS (device loop0): Using r5 hash to sort names [ 128.105852][ T5576] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./247/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./247/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./247/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./247/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./247/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./247/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./247") = 0 mkdir("./248", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5578 ./strace-static-x86_64: Process 5578 attached [pid 5578] chdir("./248") = 0 [pid 5578] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5578] setpgid(0, 0) = 0 [pid 5578] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5578] write(3, "1000", 4) = 4 [pid 5578] close(3) = 0 [pid 5578] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5578] memfd_create("syzkaller", 0) = 3 [pid 5578] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5578] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5578] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5578] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5578] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5578] close(3) = 0 [pid 5578] mkdir("./file1", 0777) = 0 [ 128.245948][ T5578] loop0: detected capacity change from 0 to 8192 [ 128.255007][ T5578] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 128.268058][ T5578] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 128.277280][ T5578] REISERFS (device loop0): using ordered data mode [ 128.283779][ T5578] reiserfs: using flush barriers [ 128.289898][ T5578] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 128.306316][ T5578] REISERFS (device loop0): checking transaction log (loop0) [pid 5578] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5578] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5578] chdir("./file1") = 0 [pid 5578] ioctl(4, LOOP_CLR_FD) = 0 [pid 5578] close(4) = 0 [pid 5578] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5578] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5578] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5578] exit_group(0) = ? [pid 5578] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5578, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./248", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./248", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./248/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./248/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./248/binderfs") = 0 [ 128.354057][ T5578] REISERFS (device loop0): Using r5 hash to sort names [ 128.361280][ T5578] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./248/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./248/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./248/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./248/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./248/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./248/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./248") = 0 mkdir("./249", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5580 ./strace-static-x86_64: Process 5580 attached [pid 5580] chdir("./249") = 0 [pid 5580] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5580] setpgid(0, 0) = 0 [pid 5580] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5580] write(3, "1000", 4) = 4 [pid 5580] close(3) = 0 [pid 5580] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5580] memfd_create("syzkaller", 0) = 3 [pid 5580] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5580] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5580] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5580] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5580] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5580] close(3) = 0 [pid 5580] mkdir("./file1", 0777) = 0 [ 128.502440][ T5580] loop0: detected capacity change from 0 to 8192 [ 128.512922][ T5580] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 128.526222][ T5580] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 128.535563][ T5580] REISERFS (device loop0): using ordered data mode [ 128.542091][ T5580] reiserfs: using flush barriers [ 128.548074][ T5580] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 128.564382][ T5580] REISERFS (device loop0): checking transaction log (loop0) [pid 5580] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5580] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5580] chdir("./file1") = 0 [pid 5580] ioctl(4, LOOP_CLR_FD) = 0 [pid 5580] close(4) = 0 [pid 5580] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5580] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5580] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5580] exit_group(0) = ? [pid 5580] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5580, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./249", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./249", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./249/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./249/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./249/binderfs") = 0 [ 128.607259][ T5580] REISERFS (device loop0): Using r5 hash to sort names [ 128.614303][ T5580] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./249/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./249/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./249/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./249/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./249/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./249/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./249") = 0 mkdir("./250", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5582 ./strace-static-x86_64: Process 5582 attached [pid 5582] chdir("./250") = 0 [pid 5582] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5582] setpgid(0, 0) = 0 [pid 5582] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5582] write(3, "1000", 4) = 4 [pid 5582] close(3) = 0 [pid 5582] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5582] memfd_create("syzkaller", 0) = 3 [pid 5582] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5582] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5582] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5582] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5582] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5582] close(3) = 0 [pid 5582] mkdir("./file1", 0777) = 0 [ 128.745207][ T5582] loop0: detected capacity change from 0 to 8192 [ 128.755943][ T5582] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 128.769313][ T5582] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 128.778597][ T5582] REISERFS (device loop0): using ordered data mode [ 128.785361][ T5582] reiserfs: using flush barriers [ 128.791394][ T5582] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 128.808026][ T5582] REISERFS (device loop0): checking transaction log (loop0) [pid 5582] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5582] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5582] chdir("./file1") = 0 [pid 5582] ioctl(4, LOOP_CLR_FD) = 0 [pid 5582] close(4) = 0 [pid 5582] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5582] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5582] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5582] exit_group(0) = ? [pid 5582] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5582, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./250", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./250", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./250/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./250/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./250/binderfs") = 0 [ 128.855193][ T5582] REISERFS (device loop0): Using r5 hash to sort names [ 128.862465][ T5582] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./250/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./250/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./250/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./250/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./250/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./250/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./250") = 0 mkdir("./251", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5584 ./strace-static-x86_64: Process 5584 attached [pid 5584] chdir("./251") = 0 [pid 5584] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5584] setpgid(0, 0) = 0 [pid 5584] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5584] write(3, "1000", 4) = 4 [pid 5584] close(3) = 0 [pid 5584] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5584] memfd_create("syzkaller", 0) = 3 [pid 5584] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5584] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5584] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5584] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5584] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5584] close(3) = 0 [pid 5584] mkdir("./file1", 0777) = 0 [ 128.982255][ T5584] loop0: detected capacity change from 0 to 8192 [ 128.992303][ T5584] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 129.005451][ T5584] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 129.014650][ T5584] REISERFS (device loop0): using ordered data mode [ 129.021200][ T5584] reiserfs: using flush barriers [ 129.026871][ T5584] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 129.043362][ T5584] REISERFS (device loop0): checking transaction log (loop0) [pid 5584] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5584] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5584] chdir("./file1") = 0 [pid 5584] ioctl(4, LOOP_CLR_FD) = 0 [pid 5584] close(4) = 0 [pid 5584] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5584] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5584] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5584] exit_group(0) = ? [pid 5584] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5584, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./251", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./251", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./251/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./251/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./251/binderfs") = 0 [ 129.093039][ T5584] REISERFS (device loop0): Using r5 hash to sort names [ 129.100469][ T5584] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./251/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./251/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./251/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./251/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./251/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./251/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./251") = 0 mkdir("./252", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5586 ./strace-static-x86_64: Process 5586 attached [pid 5586] chdir("./252") = 0 [pid 5586] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5586] setpgid(0, 0) = 0 [pid 5586] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5586] write(3, "1000", 4) = 4 [pid 5586] close(3) = 0 [pid 5586] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5586] memfd_create("syzkaller", 0) = 3 [pid 5586] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5586] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5586] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5586] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5586] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5586] close(3) = 0 [pid 5586] mkdir("./file1", 0777) = 0 [ 129.227000][ T5586] loop0: detected capacity change from 0 to 8192 [ 129.237104][ T5586] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 129.250395][ T5586] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 129.260058][ T5586] REISERFS (device loop0): using ordered data mode [ 129.266895][ T5586] reiserfs: using flush barriers [ 129.272847][ T5586] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 129.289686][ T5586] REISERFS (device loop0): checking transaction log (loop0) [pid 5586] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5586] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5586] chdir("./file1") = 0 [pid 5586] ioctl(4, LOOP_CLR_FD) = 0 [pid 5586] close(4) = 0 [pid 5586] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5586] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5586] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5586] exit_group(0) = ? [pid 5586] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5586, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./252", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./252", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./252/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./252/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./252/binderfs") = 0 [ 129.337979][ T5586] REISERFS (device loop0): Using r5 hash to sort names [ 129.345270][ T5586] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./252/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./252/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./252/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./252/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./252/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./252/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./252") = 0 mkdir("./253", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5588 attached , child_tidptr=0x55555738c5d0) = 5588 [pid 5588] chdir("./253") = 0 [pid 5588] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5588] setpgid(0, 0) = 0 [pid 5588] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5588] write(3, "1000", 4) = 4 [pid 5588] close(3) = 0 [pid 5588] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5588] memfd_create("syzkaller", 0) = 3 [pid 5588] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5588] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5588] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5588] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5588] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5588] close(3) = 0 [pid 5588] mkdir("./file1", 0777) = 0 [ 129.493287][ T5588] loop0: detected capacity change from 0 to 8192 [ 129.504385][ T5588] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 129.517475][ T5588] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 129.526705][ T5588] REISERFS (device loop0): using ordered data mode [ 129.533251][ T5588] reiserfs: using flush barriers [ 129.539176][ T5588] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 129.555873][ T5588] REISERFS (device loop0): checking transaction log (loop0) [pid 5588] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5588] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5588] chdir("./file1") = 0 [pid 5588] ioctl(4, LOOP_CLR_FD) = 0 [pid 5588] close(4) = 0 [pid 5588] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5588] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5588] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5588] exit_group(0) = ? [pid 5588] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5588, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./253", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./253", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./253/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./253/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./253/binderfs") = 0 [ 129.602565][ T5588] REISERFS (device loop0): Using r5 hash to sort names [ 129.609635][ T5588] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./253/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./253/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./253/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./253/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./253/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./253/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./253") = 0 mkdir("./254", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5590 attached , child_tidptr=0x55555738c5d0) = 5590 [pid 5590] chdir("./254") = 0 [pid 5590] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5590] setpgid(0, 0) = 0 [pid 5590] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5590] write(3, "1000", 4) = 4 [pid 5590] close(3) = 0 [pid 5590] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5590] memfd_create("syzkaller", 0) = 3 [pid 5590] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5590] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5590] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5590] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5590] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5590] close(3) = 0 [pid 5590] mkdir("./file1", 0777) = 0 [ 129.740226][ T5590] loop0: detected capacity change from 0 to 8192 [ 129.749813][ T5590] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 129.762794][ T5590] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 129.772009][ T5590] REISERFS (device loop0): using ordered data mode [ 129.778551][ T5590] reiserfs: using flush barriers [ 129.784421][ T5590] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 129.800835][ T5590] REISERFS (device loop0): checking transaction log (loop0) [pid 5590] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5590] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5590] chdir("./file1") = 0 [pid 5590] ioctl(4, LOOP_CLR_FD) = 0 [pid 5590] close(4) = 0 [pid 5590] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5590] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5590] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5590] exit_group(0) = ? [pid 5590] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5590, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./254", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./254", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./254/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./254/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./254/binderfs") = 0 [ 129.847405][ T5590] REISERFS (device loop0): Using r5 hash to sort names [ 129.854577][ T5590] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./254/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./254/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./254/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./254/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./254/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./254/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./254") = 0 mkdir("./255", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5592 ./strace-static-x86_64: Process 5592 attached [pid 5592] chdir("./255") = 0 [pid 5592] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5592] setpgid(0, 0) = 0 [pid 5592] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5592] write(3, "1000", 4) = 4 [pid 5592] close(3) = 0 [pid 5592] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5592] memfd_create("syzkaller", 0) = 3 [pid 5592] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5592] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5592] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5592] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5592] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5592] close(3) = 0 [pid 5592] mkdir("./file1", 0777) = 0 [ 129.992997][ T5592] loop0: detected capacity change from 0 to 8192 [ 130.003607][ T5592] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 130.016581][ T5592] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 130.025787][ T5592] REISERFS (device loop0): using ordered data mode [ 130.032331][ T5592] reiserfs: using flush barriers [ 130.038204][ T5592] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 130.054684][ T5592] REISERFS (device loop0): checking transaction log (loop0) [pid 5592] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5592] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5592] chdir("./file1") = 0 [pid 5592] ioctl(4, LOOP_CLR_FD) = 0 [pid 5592] close(4) = 0 [pid 5592] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5592] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5592] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5592] exit_group(0) = ? [pid 5592] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5592, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./255", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./255", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./255/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./255/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./255/binderfs") = 0 [ 130.101083][ T5592] REISERFS (device loop0): Using r5 hash to sort names [ 130.108526][ T5592] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./255/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./255/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./255/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./255/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./255/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./255/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./255") = 0 mkdir("./256", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5594 ./strace-static-x86_64: Process 5594 attached [pid 5594] chdir("./256") = 0 [pid 5594] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5594] setpgid(0, 0) = 0 [pid 5594] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5594] write(3, "1000", 4) = 4 [pid 5594] close(3) = 0 [pid 5594] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5594] memfd_create("syzkaller", 0) = 3 [pid 5594] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5594] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5594] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5594] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5594] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5594] close(3) = 0 [pid 5594] mkdir("./file1", 0777) = 0 [ 130.237821][ T5594] loop0: detected capacity change from 0 to 8192 [ 130.247678][ T5594] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 130.260896][ T5594] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 130.270441][ T5594] REISERFS (device loop0): using ordered data mode [ 130.277332][ T5594] reiserfs: using flush barriers [ 130.283063][ T5594] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 130.299888][ T5594] REISERFS (device loop0): checking transaction log (loop0) [pid 5594] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5594] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5594] chdir("./file1") = 0 [pid 5594] ioctl(4, LOOP_CLR_FD) = 0 [pid 5594] close(4) = 0 [pid 5594] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5594] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5594] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5594] exit_group(0) = ? [pid 5594] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5594, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- umount2("./256", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./256", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./256/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./256/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./256/binderfs") = 0 umount2("./256/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./256/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./256/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./256/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./256/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./256/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./256") = 0 mkdir("./257", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 130.345884][ T5594] REISERFS (device loop0): Using r5 hash to sort names [ 130.353260][ T5594] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5596 ./strace-static-x86_64: Process 5596 attached [pid 5596] chdir("./257") = 0 [pid 5596] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5596] setpgid(0, 0) = 0 [pid 5596] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5596] write(3, "1000", 4) = 4 [pid 5596] close(3) = 0 [pid 5596] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5596] memfd_create("syzkaller", 0) = 3 [pid 5596] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5596] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5596] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5596] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5596] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5596] close(3) = 0 [pid 5596] mkdir("./file1", 0777) = 0 [ 130.481833][ T5596] loop0: detected capacity change from 0 to 8192 [ 130.493322][ T5596] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 130.506295][ T5596] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 130.515508][ T5596] REISERFS (device loop0): using ordered data mode [ 130.522074][ T5596] reiserfs: using flush barriers [ 130.528197][ T5596] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 130.544647][ T5596] REISERFS (device loop0): checking transaction log (loop0) [pid 5596] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5596] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5596] chdir("./file1") = 0 [pid 5596] ioctl(4, LOOP_CLR_FD) = 0 [pid 5596] close(4) = 0 [pid 5596] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5596] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5596] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5596] exit_group(0) = ? [pid 5596] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5596, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./257", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./257", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./257/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./257/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./257/binderfs") = 0 [ 130.585466][ T5596] REISERFS (device loop0): Using r5 hash to sort names [ 130.592545][ T5596] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./257/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./257/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./257/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./257/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./257/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./257/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./257") = 0 mkdir("./258", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5598 attached , child_tidptr=0x55555738c5d0) = 5598 [pid 5598] chdir("./258") = 0 [pid 5598] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5598] setpgid(0, 0) = 0 [pid 5598] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5598] write(3, "1000", 4) = 4 [pid 5598] close(3) = 0 [pid 5598] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5598] memfd_create("syzkaller", 0) = 3 [pid 5598] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5598] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5598] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5598] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5598] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5598] close(3) = 0 [pid 5598] mkdir("./file1", 0777) = 0 [ 130.740301][ T5598] loop0: detected capacity change from 0 to 8192 [ 130.750266][ T5598] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 130.763413][ T5598] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 130.772739][ T5598] REISERFS (device loop0): using ordered data mode [ 130.779296][ T5598] reiserfs: using flush barriers [ 130.785167][ T5598] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 130.801636][ T5598] REISERFS (device loop0): checking transaction log (loop0) [pid 5598] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5598] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5598] chdir("./file1") = 0 [pid 5598] ioctl(4, LOOP_CLR_FD) = 0 [pid 5598] close(4) = 0 [pid 5598] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5598] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5598] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5598] exit_group(0) = ? [pid 5598] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5598, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./258", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./258", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./258/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./258/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./258/binderfs") = 0 [ 130.849682][ T5598] REISERFS (device loop0): Using r5 hash to sort names [ 130.856718][ T5598] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./258/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./258/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./258/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./258/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./258/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./258/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./258") = 0 mkdir("./259", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5600 ./strace-static-x86_64: Process 5600 attached [pid 5600] chdir("./259") = 0 [pid 5600] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5600] setpgid(0, 0) = 0 [pid 5600] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5600] write(3, "1000", 4) = 4 [pid 5600] close(3) = 0 [pid 5600] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5600] memfd_create("syzkaller", 0) = 3 [pid 5600] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5600] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5600] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5600] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5600] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5600] close(3) = 0 [pid 5600] mkdir("./file1", 0777) = 0 [ 130.990849][ T5600] loop0: detected capacity change from 0 to 8192 [ 131.001128][ T5600] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 131.014409][ T5600] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 131.023831][ T5600] REISERFS (device loop0): using ordered data mode [ 131.030602][ T5600] reiserfs: using flush barriers [ 131.036397][ T5600] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 131.053052][ T5600] REISERFS (device loop0): checking transaction log (loop0) [pid 5600] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5600] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5600] chdir("./file1") = 0 [pid 5600] ioctl(4, LOOP_CLR_FD) = 0 [pid 5600] close(4) = 0 [pid 5600] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5600] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5600] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5600] exit_group(0) = ? [pid 5600] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5600, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./259", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./259", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./259/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./259/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./259/binderfs") = 0 [ 131.103124][ T5600] REISERFS (device loop0): Using r5 hash to sort names [ 131.110590][ T5600] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./259/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./259/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./259/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./259/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./259/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./259/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./259") = 0 mkdir("./260", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5602 attached , child_tidptr=0x55555738c5d0) = 5602 [pid 5602] chdir("./260") = 0 [pid 5602] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5602] setpgid(0, 0) = 0 [pid 5602] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5602] write(3, "1000", 4) = 4 [pid 5602] close(3) = 0 [pid 5602] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5602] memfd_create("syzkaller", 0) = 3 [pid 5602] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5602] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5602] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5602] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5602] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5602] close(3) = 0 [pid 5602] mkdir("./file1", 0777) = 0 [ 131.251641][ T5602] loop0: detected capacity change from 0 to 8192 [ 131.261333][ T5602] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 131.274364][ T5602] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 131.283588][ T5602] REISERFS (device loop0): using ordered data mode [ 131.290131][ T5602] reiserfs: using flush barriers [ 131.295843][ T5602] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 131.312347][ T5602] REISERFS (device loop0): checking transaction log (loop0) [pid 5602] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5602] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5602] chdir("./file1") = 0 [pid 5602] ioctl(4, LOOP_CLR_FD) = 0 [pid 5602] close(4) = 0 [pid 5602] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5602] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5602] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5602] exit_group(0) = ? [pid 5602] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5602, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./260", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./260", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./260/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./260/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./260/binderfs") = 0 [ 131.359194][ T5602] REISERFS (device loop0): Using r5 hash to sort names [ 131.366568][ T5602] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./260/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./260/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./260/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./260/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./260/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./260/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./260") = 0 mkdir("./261", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5604 ./strace-static-x86_64: Process 5604 attached [pid 5604] chdir("./261") = 0 [pid 5604] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5604] setpgid(0, 0) = 0 [pid 5604] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5604] write(3, "1000", 4) = 4 [pid 5604] close(3) = 0 [pid 5604] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5604] memfd_create("syzkaller", 0) = 3 [pid 5604] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5604] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5604] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5604] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5604] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5604] close(3) = 0 [pid 5604] mkdir("./file1", 0777) = 0 [ 131.500346][ T5604] loop0: detected capacity change from 0 to 8192 [ 131.520448][ T5604] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 131.533741][ T5604] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 131.543481][ T5604] REISERFS (device loop0): using ordered data mode [ 131.550056][ T5604] reiserfs: using flush barriers [ 131.555881][ T5604] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 131.572600][ T5604] REISERFS (device loop0): checking transaction log (loop0) [pid 5604] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5604] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5604] chdir("./file1") = 0 [pid 5604] ioctl(4, LOOP_CLR_FD) = 0 [pid 5604] close(4) = 0 [pid 5604] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5604] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5604] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5604] exit_group(0) = ? [pid 5604] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5604, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- umount2("./261", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./261", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./261/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./261/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./261/binderfs") = 0 [ 131.622516][ T5604] REISERFS (device loop0): Using r5 hash to sort names [ 131.629897][ T5604] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./261/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./261/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./261/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./261/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./261/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./261/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./261") = 0 mkdir("./262", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5606 ./strace-static-x86_64: Process 5606 attached [pid 5606] chdir("./262") = 0 [pid 5606] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5606] setpgid(0, 0) = 0 [pid 5606] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5606] write(3, "1000", 4) = 4 [pid 5606] close(3) = 0 [pid 5606] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5606] memfd_create("syzkaller", 0) = 3 [pid 5606] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5606] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5606] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5606] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5606] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5606] close(3) = 0 [pid 5606] mkdir("./file1", 0777) = 0 [ 131.765080][ T5606] loop0: detected capacity change from 0 to 8192 [ 131.774955][ T5606] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 131.788202][ T5606] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 131.797667][ T5606] REISERFS (device loop0): using ordered data mode [ 131.804178][ T5606] reiserfs: using flush barriers [ 131.810126][ T5606] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 131.826577][ T5606] REISERFS (device loop0): checking transaction log (loop0) [pid 5606] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5606] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5606] chdir("./file1") = 0 [pid 5606] ioctl(4, LOOP_CLR_FD) = 0 [pid 5606] close(4) = 0 [pid 5606] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5606] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5606] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5606] exit_group(0) = ? [pid 5606] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5606, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./262", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./262", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./262/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./262/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./262/binderfs") = 0 [ 131.868706][ T5606] REISERFS (device loop0): Using r5 hash to sort names [ 131.876006][ T5606] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./262/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./262/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./262/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./262/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./262/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./262/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./262") = 0 mkdir("./263", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5608 ./strace-static-x86_64: Process 5608 attached [pid 5608] chdir("./263") = 0 [pid 5608] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5608] setpgid(0, 0) = 0 [pid 5608] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5608] write(3, "1000", 4) = 4 [pid 5608] close(3) = 0 [pid 5608] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5608] memfd_create("syzkaller", 0) = 3 [pid 5608] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5608] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5608] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5608] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5608] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5608] close(3) = 0 [pid 5608] mkdir("./file1", 0777) = 0 [ 132.002146][ T5608] loop0: detected capacity change from 0 to 8192 [ 132.011650][ T5608] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 132.024677][ T5608] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 132.033893][ T5608] REISERFS (device loop0): using ordered data mode [ 132.040442][ T5608] reiserfs: using flush barriers [ 132.046084][ T5608] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 132.062540][ T5608] REISERFS (device loop0): checking transaction log (loop0) [pid 5608] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5608] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5608] chdir("./file1") = 0 [pid 5608] ioctl(4, LOOP_CLR_FD) = 0 [pid 5608] close(4) = 0 [pid 5608] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5608] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5608] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5608] exit_group(0) = ? [pid 5608] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5608, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./263", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./263", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./263/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./263/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./263/binderfs") = 0 [ 132.110367][ T5608] REISERFS (device loop0): Using r5 hash to sort names [ 132.117717][ T5608] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./263/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./263/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./263/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./263/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./263/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./263/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./263") = 0 mkdir("./264", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5610 ./strace-static-x86_64: Process 5610 attached [pid 5610] chdir("./264") = 0 [pid 5610] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5610] setpgid(0, 0) = 0 [pid 5610] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5610] write(3, "1000", 4) = 4 [pid 5610] close(3) = 0 [pid 5610] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5610] memfd_create("syzkaller", 0) = 3 [pid 5610] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5610] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5610] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5610] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5610] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5610] close(3) = 0 [pid 5610] mkdir("./file1", 0777) = 0 [ 132.242404][ T5610] loop0: detected capacity change from 0 to 8192 [ 132.252206][ T5610] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 132.265248][ T5610] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 132.274478][ T5610] REISERFS (device loop0): using ordered data mode [ 132.281008][ T5610] reiserfs: using flush barriers [ 132.287207][ T5610] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 132.303954][ T5610] REISERFS (device loop0): checking transaction log (loop0) [pid 5610] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5610] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5610] chdir("./file1") = 0 [pid 5610] ioctl(4, LOOP_CLR_FD) = 0 [pid 5610] close(4) = 0 [pid 5610] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5610] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5610] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5610] exit_group(0) = ? [pid 5610] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5610, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./264", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./264", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./264/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./264/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./264/binderfs") = 0 [ 132.350001][ T5610] REISERFS (device loop0): Using r5 hash to sort names [ 132.357148][ T5610] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./264/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./264/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./264/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./264/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./264/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./264/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./264") = 0 mkdir("./265", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5612 ./strace-static-x86_64: Process 5612 attached [pid 5612] chdir("./265") = 0 [pid 5612] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5612] setpgid(0, 0) = 0 [pid 5612] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5612] write(3, "1000", 4) = 4 [pid 5612] close(3) = 0 [pid 5612] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5612] memfd_create("syzkaller", 0) = 3 [pid 5612] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5612] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5612] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5612] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5612] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5612] close(3) = 0 [pid 5612] mkdir("./file1", 0777) = 0 [ 132.476629][ T5612] loop0: detected capacity change from 0 to 8192 [ 132.487405][ T5612] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 132.500673][ T5612] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 132.510374][ T5612] REISERFS (device loop0): using ordered data mode [ 132.517305][ T5612] reiserfs: using flush barriers [ 132.523260][ T5612] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 132.540969][ T1211] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.547300][ T1211] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.557490][ T5612] REISERFS (device loop0): checking transaction log (loop0) [pid 5612] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5612] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5612] chdir("./file1") = 0 [pid 5612] ioctl(4, LOOP_CLR_FD) = 0 [pid 5612] close(4) = 0 [pid 5612] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5612] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5612] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5612] exit_group(0) = ? [pid 5612] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5612, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- umount2("./265", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 132.669434][ T5612] REISERFS (device loop0): Using r5 hash to sort names [ 132.676652][ T5612] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. openat(AT_FDCWD, "./265", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./265/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./265/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./265/binderfs") = 0 umount2("./265/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./265/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./265/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./265/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./265/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./265/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./265") = 0 mkdir("./266", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5614 ./strace-static-x86_64: Process 5614 attached [pid 5614] chdir("./266") = 0 [pid 5614] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5614] setpgid(0, 0) = 0 [pid 5614] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5614] write(3, "1000", 4) = 4 [pid 5614] close(3) = 0 [pid 5614] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5614] memfd_create("syzkaller", 0) = 3 [pid 5614] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5614] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5614] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5614] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5614] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5614] close(3) = 0 [pid 5614] mkdir("./file1", 0777) = 0 [ 132.945169][ T5614] loop0: detected capacity change from 0 to 8192 [ 132.957490][ T5614] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 132.970931][ T5614] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 132.980564][ T5614] REISERFS (device loop0): using ordered data mode [ 132.987541][ T5614] reiserfs: using flush barriers [ 132.994380][ T5614] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 133.011273][ T5614] REISERFS (device loop0): checking transaction log (loop0) [pid 5614] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5614] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5614] chdir("./file1") = 0 [pid 5614] ioctl(4, LOOP_CLR_FD) = 0 [pid 5614] close(4) = 0 [pid 5614] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5614] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5614] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5614] exit_group(0) = ? [pid 5614] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5614, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./266", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./266", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./266/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./266/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./266/binderfs") = 0 [ 133.092656][ T5614] REISERFS (device loop0): Using r5 hash to sort names [ 133.099871][ T5614] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./266/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./266/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./266/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./266/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./266/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./266/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./266") = 0 mkdir("./267", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5616 ./strace-static-x86_64: Process 5616 attached [pid 5616] chdir("./267") = 0 [pid 5616] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5616] setpgid(0, 0) = 0 [pid 5616] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5616] write(3, "1000", 4) = 4 [pid 5616] close(3) = 0 [pid 5616] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5616] memfd_create("syzkaller", 0) = 3 [pid 5616] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5616] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5616] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5616] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5616] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5616] close(3) = 0 [pid 5616] mkdir("./file1", 0777) = 0 [ 133.223118][ T5616] loop0: detected capacity change from 0 to 8192 [ 133.232997][ T5616] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 133.246332][ T5616] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 133.255999][ T5616] REISERFS (device loop0): using ordered data mode [ 133.262540][ T5616] reiserfs: using flush barriers [ 133.268518][ T5616] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 133.285229][ T5616] REISERFS (device loop0): checking transaction log (loop0) [pid 5616] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5616] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5616] chdir("./file1") = 0 [pid 5616] ioctl(4, LOOP_CLR_FD) = 0 [pid 5616] close(4) = 0 [pid 5616] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5616] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5616] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5616] exit_group(0) = ? [pid 5616] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5616, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./267", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./267", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./267/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./267/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./267/binderfs") = 0 [ 133.333302][ T5616] REISERFS (device loop0): Using r5 hash to sort names [ 133.340516][ T5616] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./267/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./267/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./267/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./267/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./267/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./267/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./267") = 0 mkdir("./268", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5618 attached , child_tidptr=0x55555738c5d0) = 5618 [pid 5618] chdir("./268") = 0 [pid 5618] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5618] setpgid(0, 0) = 0 [pid 5618] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5618] write(3, "1000", 4) = 4 [pid 5618] close(3) = 0 [pid 5618] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5618] memfd_create("syzkaller", 0) = 3 [pid 5618] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5618] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5618] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5618] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5618] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5618] close(3) = 0 [pid 5618] mkdir("./file1", 0777) = 0 [ 133.477669][ T5618] loop0: detected capacity change from 0 to 8192 [ 133.487891][ T5618] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 133.500883][ T5618] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 133.510118][ T5618] REISERFS (device loop0): using ordered data mode [ 133.516639][ T5618] reiserfs: using flush barriers [ 133.522646][ T5618] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 133.538961][ T5618] REISERFS (device loop0): checking transaction log (loop0) [pid 5618] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5618] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5618] chdir("./file1") = 0 [pid 5618] ioctl(4, LOOP_CLR_FD) = 0 [pid 5618] close(4) = 0 [pid 5618] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5618] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5618] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5618] exit_group(0) = ? [pid 5618] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5618, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./268", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./268", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./268/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./268/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./268/binderfs") = 0 [ 133.586653][ T5618] REISERFS (device loop0): Using r5 hash to sort names [ 133.594200][ T5618] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./268/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./268/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./268/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./268/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./268/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./268/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./268") = 0 mkdir("./269", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5620 ./strace-static-x86_64: Process 5620 attached [pid 5620] chdir("./269") = 0 [pid 5620] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5620] setpgid(0, 0) = 0 [pid 5620] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5620] write(3, "1000", 4) = 4 [pid 5620] close(3) = 0 [pid 5620] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5620] memfd_create("syzkaller", 0) = 3 [pid 5620] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5620] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5620] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5620] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5620] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5620] close(3) = 0 [pid 5620] mkdir("./file1", 0777) = 0 [ 133.718208][ T5620] loop0: detected capacity change from 0 to 8192 [ 133.727941][ T5620] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 133.740954][ T5620] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 133.750396][ T5620] REISERFS (device loop0): using ordered data mode [ 133.757217][ T5620] reiserfs: using flush barriers [ 133.763009][ T5620] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 133.779588][ T5620] REISERFS (device loop0): checking transaction log (loop0) [pid 5620] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5620] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5620] chdir("./file1") = 0 [pid 5620] ioctl(4, LOOP_CLR_FD) = 0 [pid 5620] close(4) = 0 [pid 5620] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5620] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5620] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5620] exit_group(0) = ? [pid 5620] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5620, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./269", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./269", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./269/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./269/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./269/binderfs") = 0 [ 133.829054][ T5620] REISERFS (device loop0): Using r5 hash to sort names [ 133.836352][ T5620] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./269/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./269/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./269/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./269/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./269/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./269/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./269") = 0 mkdir("./270", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5622 ./strace-static-x86_64: Process 5622 attached [pid 5622] chdir("./270") = 0 [pid 5622] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5622] setpgid(0, 0) = 0 [pid 5622] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5622] write(3, "1000", 4) = 4 [pid 5622] close(3) = 0 [pid 5622] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5622] memfd_create("syzkaller", 0) = 3 [pid 5622] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5622] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5622] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5622] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5622] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5622] close(3) = 0 [pid 5622] mkdir("./file1", 0777) = 0 [ 133.971591][ T5622] loop0: detected capacity change from 0 to 8192 [ 133.981623][ T5622] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 133.994772][ T5622] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 134.004085][ T5622] REISERFS (device loop0): using ordered data mode [ 134.010624][ T5622] reiserfs: using flush barriers [ 134.016432][ T5622] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 134.033117][ T5622] REISERFS (device loop0): checking transaction log (loop0) [pid 5622] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5622] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5622] chdir("./file1") = 0 [pid 5622] ioctl(4, LOOP_CLR_FD) = 0 [pid 5622] close(4) = 0 [pid 5622] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5622] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5622] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5622] exit_group(0) = ? [pid 5622] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5622, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./270", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./270", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./270/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./270/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./270/binderfs") = 0 umount2("./270/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./270/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./270/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./270/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./270/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./270/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./270") = 0 mkdir("./271", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 134.078922][ T5622] REISERFS (device loop0): Using r5 hash to sort names [ 134.086046][ T5622] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5624 ./strace-static-x86_64: Process 5624 attached [pid 5624] chdir("./271") = 0 [pid 5624] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5624] setpgid(0, 0) = 0 [pid 5624] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5624] write(3, "1000", 4) = 4 [pid 5624] close(3) = 0 [pid 5624] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5624] memfd_create("syzkaller", 0) = 3 [pid 5624] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5624] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5624] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5624] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5624] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5624] close(3) = 0 [pid 5624] mkdir("./file1", 0777) = 0 [ 134.216008][ T5624] loop0: detected capacity change from 0 to 8192 [ 134.226435][ T5624] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 134.239714][ T5624] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 134.249287][ T5624] REISERFS (device loop0): using ordered data mode [ 134.255843][ T5624] reiserfs: using flush barriers [ 134.261955][ T5624] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 134.278306][ T5624] REISERFS (device loop0): checking transaction log (loop0) [pid 5624] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5624] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5624] chdir("./file1") = 0 [pid 5624] ioctl(4, LOOP_CLR_FD) = 0 [pid 5624] close(4) = 0 [pid 5624] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5624] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5624] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5624] exit_group(0) = ? [pid 5624] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5624, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- umount2("./271", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./271", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./271/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./271/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./271/binderfs") = 0 [ 134.326209][ T5624] REISERFS (device loop0): Using r5 hash to sort names [ 134.333275][ T5624] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./271/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./271/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./271/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./271/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./271/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./271/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./271") = 0 mkdir("./272", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5626 ./strace-static-x86_64: Process 5626 attached [pid 5626] chdir("./272") = 0 [pid 5626] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5626] setpgid(0, 0) = 0 [pid 5626] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5626] write(3, "1000", 4) = 4 [pid 5626] close(3) = 0 [pid 5626] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5626] memfd_create("syzkaller", 0) = 3 [pid 5626] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5626] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5626] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5626] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5626] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5626] close(3) = 0 [pid 5626] mkdir("./file1", 0777) = 0 [ 134.464927][ T5626] loop0: detected capacity change from 0 to 8192 [ 134.474703][ T5626] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 134.487818][ T5626] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 134.497080][ T5626] REISERFS (device loop0): using ordered data mode [ 134.503586][ T5626] reiserfs: using flush barriers [ 134.509530][ T5626] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 134.525955][ T5626] REISERFS (device loop0): checking transaction log (loop0) [pid 5626] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5626] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5626] chdir("./file1") = 0 [pid 5626] ioctl(4, LOOP_CLR_FD) = 0 [pid 5626] close(4) = 0 [pid 5626] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5626] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5626] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5626] exit_group(0) = ? [pid 5626] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5626, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- umount2("./272", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./272", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./272/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./272/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./272/binderfs") = 0 [ 134.572310][ T5626] REISERFS (device loop0): Using r5 hash to sort names [ 134.579864][ T5626] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./272/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./272/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./272/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./272/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./272/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./272/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./272") = 0 mkdir("./273", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5628 ./strace-static-x86_64: Process 5628 attached [pid 5628] chdir("./273") = 0 [pid 5628] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5628] setpgid(0, 0) = 0 [pid 5628] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5628] write(3, "1000", 4) = 4 [pid 5628] close(3) = 0 [pid 5628] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5628] memfd_create("syzkaller", 0) = 3 [pid 5628] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5628] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5628] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5628] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5628] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5628] close(3) = 0 [pid 5628] mkdir("./file1", 0777) = 0 [ 134.710822][ T5628] loop0: detected capacity change from 0 to 8192 [ 134.720414][ T5628] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 134.733407][ T5628] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 134.742629][ T5628] REISERFS (device loop0): using ordered data mode [ 134.749164][ T5628] reiserfs: using flush barriers [ 134.754922][ T5628] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 134.771347][ T5628] REISERFS (device loop0): checking transaction log (loop0) [pid 5628] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5628] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5628] chdir("./file1") = 0 [pid 5628] ioctl(4, LOOP_CLR_FD) = 0 [pid 5628] close(4) = 0 [pid 5628] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5628] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5628] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5628] exit_group(0) = ? [pid 5628] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5628, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./273", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./273", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./273/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./273/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./273/binderfs") = 0 [ 134.812691][ T5628] REISERFS (device loop0): Using r5 hash to sort names [ 134.820011][ T5628] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./273/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./273/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./273/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./273/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./273/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./273/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./273") = 0 mkdir("./274", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5630 ./strace-static-x86_64: Process 5630 attached [pid 5630] chdir("./274") = 0 [pid 5630] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5630] setpgid(0, 0) = 0 [pid 5630] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5630] write(3, "1000", 4) = 4 [pid 5630] close(3) = 0 [pid 5630] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5630] memfd_create("syzkaller", 0) = 3 [pid 5630] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5630] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5630] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5630] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5630] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5630] close(3) = 0 [pid 5630] mkdir("./file1", 0777) = 0 [ 134.948400][ T5630] loop0: detected capacity change from 0 to 8192 [ 134.958170][ T5630] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 134.971124][ T5630] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 134.980549][ T5630] REISERFS (device loop0): using ordered data mode [ 134.987215][ T5630] reiserfs: using flush barriers [ 134.992934][ T5630] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 135.009626][ T5630] REISERFS (device loop0): checking transaction log (loop0) [pid 5630] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5630] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5630] chdir("./file1") = 0 [pid 5630] ioctl(4, LOOP_CLR_FD) = 0 [pid 5630] close(4) = 0 [pid 5630] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5630] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5630] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5630] exit_group(0) = ? [pid 5630] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5630, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./274", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./274", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./274/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./274/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./274/binderfs") = 0 [ 135.060237][ T5630] REISERFS (device loop0): Using r5 hash to sort names [ 135.067371][ T5630] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./274/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./274/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./274/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./274/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./274/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./274/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./274") = 0 mkdir("./275", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5632 ./strace-static-x86_64: Process 5632 attached [pid 5632] chdir("./275") = 0 [pid 5632] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5632] setpgid(0, 0) = 0 [pid 5632] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5632] write(3, "1000", 4) = 4 [pid 5632] close(3) = 0 [pid 5632] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5632] memfd_create("syzkaller", 0) = 3 [pid 5632] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5632] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5632] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5632] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5632] close(3) = 0 [pid 5632] mkdir("./file1", 0777) = 0 [ 135.193770][ T5632] loop0: detected capacity change from 0 to 8192 [ 135.203430][ T5632] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 135.216829][ T5632] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 135.226003][ T5632] REISERFS (device loop0): using ordered data mode [ 135.232789][ T5632] reiserfs: using flush barriers [ 135.238853][ T5632] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 135.255452][ T5632] REISERFS (device loop0): checking transaction log (loop0) [pid 5632] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5632] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5632] chdir("./file1") = 0 [pid 5632] ioctl(4, LOOP_CLR_FD) = 0 [pid 5632] close(4) = 0 [pid 5632] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5632] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5632] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5632] exit_group(0) = ? [pid 5632] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5632, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./275", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./275", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./275/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./275/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./275/binderfs") = 0 [ 135.297637][ T5632] REISERFS (device loop0): Using r5 hash to sort names [ 135.304677][ T5632] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./275/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./275/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./275/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./275/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./275/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./275/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./275") = 0 mkdir("./276", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5634 ./strace-static-x86_64: Process 5634 attached [pid 5634] chdir("./276") = 0 [pid 5634] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5634] setpgid(0, 0) = 0 [pid 5634] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5634] write(3, "1000", 4) = 4 [pid 5634] close(3) = 0 [pid 5634] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5634] memfd_create("syzkaller", 0) = 3 [pid 5634] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5634] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5634] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5634] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5634] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5634] close(3) = 0 [pid 5634] mkdir("./file1", 0777) = 0 [ 135.444054][ T5634] loop0: detected capacity change from 0 to 8192 [ 135.454100][ T5634] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 135.467378][ T5634] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 135.476544][ T5634] REISERFS (device loop0): using ordered data mode [ 135.483332][ T5634] reiserfs: using flush barriers [ 135.489548][ T5634] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 135.506173][ T5634] REISERFS (device loop0): checking transaction log (loop0) [pid 5634] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5634] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5634] chdir("./file1") = 0 [pid 5634] ioctl(4, LOOP_CLR_FD) = 0 [pid 5634] close(4) = 0 [pid 5634] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5634] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5634] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5634] exit_group(0) = ? [pid 5634] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5634, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./276", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./276", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./276/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./276/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./276/binderfs") = 0 [ 135.548138][ T5634] REISERFS (device loop0): Using r5 hash to sort names [ 135.555165][ T5634] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./276/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./276/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./276/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./276/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./276/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./276/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./276") = 0 mkdir("./277", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5636 ./strace-static-x86_64: Process 5636 attached [pid 5636] chdir("./277") = 0 [pid 5636] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5636] setpgid(0, 0) = 0 [pid 5636] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5636] write(3, "1000", 4) = 4 [pid 5636] close(3) = 0 [pid 5636] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5636] memfd_create("syzkaller", 0) = 3 [pid 5636] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5636] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5636] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5636] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5636] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5636] close(3) = 0 [pid 5636] mkdir("./file1", 0777) = 0 [ 135.689215][ T5636] loop0: detected capacity change from 0 to 8192 [ 135.698870][ T5636] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 135.711878][ T5636] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 135.721496][ T5636] REISERFS (device loop0): using ordered data mode [ 135.728245][ T5636] reiserfs: using flush barriers [ 135.734056][ T5636] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 135.750677][ T5636] REISERFS (device loop0): checking transaction log (loop0) [pid 5636] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5636] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5636] chdir("./file1") = 0 [pid 5636] ioctl(4, LOOP_CLR_FD) = 0 [pid 5636] close(4) = 0 [pid 5636] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5636] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5636] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5636] exit_group(0) = ? [pid 5636] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5636, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./277", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./277", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./277/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./277/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./277/binderfs") = 0 [ 135.801077][ T5636] REISERFS (device loop0): Using r5 hash to sort names [ 135.808511][ T5636] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./277/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./277/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./277/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./277/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./277/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./277/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./277") = 0 mkdir("./278", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5638 ./strace-static-x86_64: Process 5638 attached [pid 5638] chdir("./278") = 0 [pid 5638] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5638] setpgid(0, 0) = 0 [pid 5638] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5638] write(3, "1000", 4) = 4 [pid 5638] close(3) = 0 [pid 5638] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5638] memfd_create("syzkaller", 0) = 3 [pid 5638] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5638] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5638] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5638] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5638] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5638] close(3) = 0 [pid 5638] mkdir("./file1", 0777) = 0 [ 135.952290][ T5638] loop0: detected capacity change from 0 to 8192 [ 135.962624][ T5638] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 135.975906][ T5638] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 135.985277][ T5638] REISERFS (device loop0): using ordered data mode [ 135.991958][ T5638] reiserfs: using flush barriers [ 135.997948][ T5638] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 136.014645][ T5638] REISERFS (device loop0): checking transaction log (loop0) [pid 5638] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5638] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5638] chdir("./file1") = 0 [pid 5638] ioctl(4, LOOP_CLR_FD) = 0 [pid 5638] close(4) = 0 [pid 5638] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5638] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5638] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5638] exit_group(0) = ? [pid 5638] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5638, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- umount2("./278", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./278", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./278/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./278/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./278/binderfs") = 0 [ 136.064094][ T5638] REISERFS (device loop0): Using r5 hash to sort names [ 136.071309][ T5638] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./278/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./278/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./278/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./278/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./278/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./278/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./278") = 0 mkdir("./279", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5640 attached , child_tidptr=0x55555738c5d0) = 5640 [pid 5640] chdir("./279") = 0 [pid 5640] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5640] setpgid(0, 0) = 0 [pid 5640] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5640] write(3, "1000", 4) = 4 [pid 5640] close(3) = 0 [pid 5640] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5640] memfd_create("syzkaller", 0) = 3 [pid 5640] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5640] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5640] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5640] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5640] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5640] close(3) = 0 [pid 5640] mkdir("./file1", 0777) = 0 [ 136.201593][ T5640] loop0: detected capacity change from 0 to 8192 [ 136.211384][ T5640] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 136.224424][ T5640] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 136.233682][ T5640] REISERFS (device loop0): using ordered data mode [ 136.240254][ T5640] reiserfs: using flush barriers [ 136.245920][ T5640] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 136.262417][ T5640] REISERFS (device loop0): checking transaction log (loop0) [pid 5640] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5640] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5640] chdir("./file1") = 0 [pid 5640] ioctl(4, LOOP_CLR_FD) = 0 [pid 5640] close(4) = 0 [pid 5640] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5640] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5640] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5640] exit_group(0) = ? [pid 5640] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5640, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./279", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./279", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./279/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./279/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./279/binderfs") = 0 [ 136.309022][ T5640] REISERFS (device loop0): Using r5 hash to sort names [ 136.316093][ T5640] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./279/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./279/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./279/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./279/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./279/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./279/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./279") = 0 mkdir("./280", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5642 ./strace-static-x86_64: Process 5642 attached [pid 5642] chdir("./280") = 0 [pid 5642] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5642] setpgid(0, 0) = 0 [pid 5642] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5642] write(3, "1000", 4) = 4 [pid 5642] close(3) = 0 [pid 5642] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5642] memfd_create("syzkaller", 0) = 3 [pid 5642] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5642] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5642] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5642] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5642] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5642] close(3) = 0 [pid 5642] mkdir("./file1", 0777) = 0 [ 136.432540][ T5642] loop0: detected capacity change from 0 to 8192 [ 136.442309][ T5642] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 136.455325][ T5642] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 136.464586][ T5642] REISERFS (device loop0): using ordered data mode [ 136.471226][ T5642] reiserfs: using flush barriers [ 136.477186][ T5642] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 136.493626][ T5642] REISERFS (device loop0): checking transaction log (loop0) [pid 5642] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5642] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5642] chdir("./file1") = 0 [pid 5642] ioctl(4, LOOP_CLR_FD) = 0 [pid 5642] close(4) = 0 [pid 5642] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5642] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5642] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5642] exit_group(0) = ? [pid 5642] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5642, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- umount2("./280", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./280", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./280/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./280/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./280/binderfs") = 0 [ 136.539888][ T5642] REISERFS (device loop0): Using r5 hash to sort names [ 136.547192][ T5642] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./280/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./280/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./280/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./280/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./280/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./280/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./280") = 0 mkdir("./281", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5644 ./strace-static-x86_64: Process 5644 attached [pid 5644] chdir("./281") = 0 [pid 5644] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5644] setpgid(0, 0) = 0 [pid 5644] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5644] write(3, "1000", 4) = 4 [pid 5644] close(3) = 0 [pid 5644] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5644] memfd_create("syzkaller", 0) = 3 [pid 5644] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5644] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5644] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5644] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5644] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5644] close(3) = 0 [pid 5644] mkdir("./file1", 0777) = 0 [ 136.680370][ T5644] loop0: detected capacity change from 0 to 8192 [ 136.689753][ T5644] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 136.702749][ T5644] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 136.711965][ T5644] REISERFS (device loop0): using ordered data mode [ 136.718497][ T5644] reiserfs: using flush barriers [ 136.724318][ T5644] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 136.740806][ T5644] REISERFS (device loop0): checking transaction log (loop0) [pid 5644] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5644] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5644] chdir("./file1") = 0 [pid 5644] ioctl(4, LOOP_CLR_FD) = 0 [pid 5644] close(4) = 0 [pid 5644] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5644] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5644] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5644] exit_group(0) = ? [pid 5644] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5644, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./281", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./281", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./281/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./281/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./281/binderfs") = 0 [ 136.789833][ T5644] REISERFS (device loop0): Using r5 hash to sort names [ 136.797227][ T5644] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./281/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./281/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./281/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./281/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./281/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./281/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./281") = 0 mkdir("./282", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5646 ./strace-static-x86_64: Process 5646 attached [pid 5646] chdir("./282") = 0 [pid 5646] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5646] setpgid(0, 0) = 0 [pid 5646] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5646] write(3, "1000", 4) = 4 [pid 5646] close(3) = 0 [pid 5646] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5646] memfd_create("syzkaller", 0) = 3 [pid 5646] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5646] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5646] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5646] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5646] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5646] close(3) = 0 [pid 5646] mkdir("./file1", 0777) = 0 [ 136.923960][ T5646] loop0: detected capacity change from 0 to 8192 [ 136.933923][ T5646] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 136.947010][ T5646] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 136.956178][ T5646] REISERFS (device loop0): using ordered data mode [ 136.962741][ T5646] reiserfs: using flush barriers [ 136.968657][ T5646] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 136.985139][ T5646] REISERFS (device loop0): checking transaction log (loop0) [pid 5646] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5646] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5646] chdir("./file1") = 0 [pid 5646] ioctl(4, LOOP_CLR_FD) = 0 [pid 5646] close(4) = 0 [pid 5646] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5646] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5646] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5646] exit_group(0) = ? [pid 5646] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5646, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./282", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./282", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./282/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./282/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./282/binderfs") = 0 [ 137.031648][ T5646] REISERFS (device loop0): Using r5 hash to sort names [ 137.038943][ T5646] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./282/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./282/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./282/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./282/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./282/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./282/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./282") = 0 mkdir("./283", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5648 ./strace-static-x86_64: Process 5648 attached [pid 5648] chdir("./283") = 0 [pid 5648] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5648] setpgid(0, 0) = 0 [pid 5648] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5648] write(3, "1000", 4) = 4 [pid 5648] close(3) = 0 [pid 5648] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5648] memfd_create("syzkaller", 0) = 3 [pid 5648] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5648] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5648] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5648] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5648] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5648] close(3) = 0 [pid 5648] mkdir("./file1", 0777) = 0 [ 137.171895][ T5648] loop0: detected capacity change from 0 to 8192 [ 137.182303][ T5648] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 137.195416][ T5648] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 137.204784][ T5648] REISERFS (device loop0): using ordered data mode [ 137.211759][ T5648] reiserfs: using flush barriers [ 137.217868][ T5648] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 137.234502][ T5648] REISERFS (device loop0): checking transaction log (loop0) [pid 5648] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5648] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5648] chdir("./file1") = 0 [pid 5648] ioctl(4, LOOP_CLR_FD) = 0 [pid 5648] close(4) = 0 [pid 5648] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5648] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5648] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5648] exit_group(0) = ? [pid 5648] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5648, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./283", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./283", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./283/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./283/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./283/binderfs") = 0 [ 137.275647][ T5648] REISERFS (device loop0): Using r5 hash to sort names [ 137.282732][ T5648] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./283/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./283/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./283/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./283/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./283/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./283/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./283") = 0 mkdir("./284", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5650 ./strace-static-x86_64: Process 5650 attached [pid 5650] chdir("./284") = 0 [pid 5650] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5650] setpgid(0, 0) = 0 [pid 5650] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5650] write(3, "1000", 4) = 4 [pid 5650] close(3) = 0 [pid 5650] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5650] memfd_create("syzkaller", 0) = 3 [pid 5650] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5650] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5650] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5650] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5650] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5650] close(3) = 0 [pid 5650] mkdir("./file1", 0777) = 0 [ 137.427848][ T5650] loop0: detected capacity change from 0 to 8192 [ 137.438150][ T5650] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 137.451192][ T5650] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 137.460691][ T5650] REISERFS (device loop0): using ordered data mode [ 137.467477][ T5650] reiserfs: using flush barriers [ 137.473272][ T5650] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 137.489649][ T5650] REISERFS (device loop0): checking transaction log (loop0) [pid 5650] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5650] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5650] chdir("./file1") = 0 [pid 5650] ioctl(4, LOOP_CLR_FD) = 0 [pid 5650] close(4) = 0 [pid 5650] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5650] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5650] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5650] exit_group(0) = ? [pid 5650] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5650, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./284", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./284", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./284/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./284/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./284/binderfs") = 0 [ 137.537095][ T5650] REISERFS (device loop0): Using r5 hash to sort names [ 137.544148][ T5650] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./284/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./284/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./284/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./284/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./284/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./284/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./284") = 0 mkdir("./285", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5652 ./strace-static-x86_64: Process 5652 attached [pid 5652] chdir("./285") = 0 [pid 5652] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5652] setpgid(0, 0) = 0 [pid 5652] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5652] write(3, "1000", 4) = 4 [pid 5652] close(3) = 0 [pid 5652] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5652] memfd_create("syzkaller", 0) = 3 [pid 5652] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5652] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5652] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5652] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5652] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5652] close(3) = 0 [pid 5652] mkdir("./file1", 0777) = 0 [ 137.677570][ T5652] loop0: detected capacity change from 0 to 8192 [ 137.687372][ T5652] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 137.700357][ T5652] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 137.709603][ T5652] REISERFS (device loop0): using ordered data mode [ 137.716117][ T5652] reiserfs: using flush barriers [ 137.722073][ T5652] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 137.738414][ T5652] REISERFS (device loop0): checking transaction log (loop0) [pid 5652] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5652] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5652] chdir("./file1") = 0 [pid 5652] ioctl(4, LOOP_CLR_FD) = 0 [pid 5652] close(4) = 0 [pid 5652] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5652] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5652] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5652] exit_group(0) = ? [pid 5652] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5652, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./285", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./285", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./285/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./285/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./285/binderfs") = 0 [ 137.779671][ T5652] REISERFS (device loop0): Using r5 hash to sort names [ 137.786708][ T5652] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./285/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./285/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./285/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./285/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./285/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./285/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./285") = 0 mkdir("./286", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5654 ./strace-static-x86_64: Process 5654 attached [pid 5654] chdir("./286") = 0 [pid 5654] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5654] setpgid(0, 0) = 0 [pid 5654] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5654] write(3, "1000", 4) = 4 [pid 5654] close(3) = 0 [pid 5654] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5654] memfd_create("syzkaller", 0) = 3 [pid 5654] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5654] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5654] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5654] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5654] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5654] close(3) = 0 [pid 5654] mkdir("./file1", 0777) = 0 [ 137.910966][ T5654] loop0: detected capacity change from 0 to 8192 [ 137.920947][ T5654] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 137.933947][ T5654] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 137.943181][ T5654] REISERFS (device loop0): using ordered data mode [ 137.949707][ T5654] reiserfs: using flush barriers [ 137.955588][ T5654] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 137.972162][ T5654] REISERFS (device loop0): checking transaction log (loop0) [pid 5654] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5654] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5654] chdir("./file1") = 0 [pid 5654] ioctl(4, LOOP_CLR_FD) = 0 [pid 5654] close(4) = 0 [pid 5654] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5654] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5654] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5654] exit_group(0) = ? [pid 5654] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5654, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./286", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./286", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./286/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./286/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./286/binderfs") = 0 [ 138.018719][ T5654] REISERFS (device loop0): Using r5 hash to sort names [ 138.025911][ T5654] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./286/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./286/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./286/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./286/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./286/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./286/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./286") = 0 mkdir("./287", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5656 ./strace-static-x86_64: Process 5656 attached [pid 5656] chdir("./287") = 0 [pid 5656] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5656] setpgid(0, 0) = 0 [pid 5656] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5656] write(3, "1000", 4) = 4 [pid 5656] close(3) = 0 [pid 5656] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5656] memfd_create("syzkaller", 0) = 3 [pid 5656] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5656] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5656] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5656] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5656] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5656] close(3) = 0 [pid 5656] mkdir("./file1", 0777) = 0 [ 138.154590][ T5656] loop0: detected capacity change from 0 to 8192 [ 138.164059][ T5656] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 138.177366][ T5656] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 138.187234][ T5656] REISERFS (device loop0): using ordered data mode [ 138.194026][ T5656] reiserfs: using flush barriers [ 138.200119][ T5656] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 138.216765][ T5656] REISERFS (device loop0): checking transaction log (loop0) [pid 5656] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5656] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5656] chdir("./file1") = 0 [pid 5656] ioctl(4, LOOP_CLR_FD) = 0 [pid 5656] close(4) = 0 [pid 5656] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5656] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5656] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5656] exit_group(0) = ? [pid 5656] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5656, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- umount2("./287", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./287", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./287/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./287/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./287/binderfs") = 0 [ 138.264310][ T5656] REISERFS (device loop0): Using r5 hash to sort names [ 138.271428][ T5656] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./287/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./287/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./287/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./287/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./287/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./287/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./287") = 0 mkdir("./288", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5658 ./strace-static-x86_64: Process 5658 attached [pid 5658] chdir("./288") = 0 [pid 5658] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5658] setpgid(0, 0) = 0 [pid 5658] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5658] write(3, "1000", 4) = 4 [pid 5658] close(3) = 0 [pid 5658] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5658] memfd_create("syzkaller", 0) = 3 [pid 5658] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5658] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5658] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5658] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5658] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5658] close(3) = 0 [pid 5658] mkdir("./file1", 0777) = 0 [ 138.398367][ T5658] loop0: detected capacity change from 0 to 8192 [ 138.407834][ T5658] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 138.420832][ T5658] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 138.430293][ T5658] REISERFS (device loop0): using ordered data mode [ 138.437108][ T5658] reiserfs: using flush barriers [ 138.442820][ T5658] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 138.459636][ T5658] REISERFS (device loop0): checking transaction log (loop0) [pid 5658] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5658] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5658] chdir("./file1") = 0 [pid 5658] ioctl(4, LOOP_CLR_FD) = 0 [pid 5658] close(4) = 0 [pid 5658] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5658] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5658] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5658] exit_group(0) = ? [pid 5658] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5658, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./288", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./288", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./288/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./288/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./288/binderfs") = 0 [ 138.506368][ T5658] REISERFS (device loop0): Using r5 hash to sort names [ 138.513730][ T5658] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./288/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./288/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./288/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./288/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./288/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./288/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./288") = 0 mkdir("./289", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5660 ./strace-static-x86_64: Process 5660 attached [pid 5660] chdir("./289") = 0 [pid 5660] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5660] setpgid(0, 0) = 0 [pid 5660] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5660] write(3, "1000", 4) = 4 [pid 5660] close(3) = 0 [pid 5660] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5660] memfd_create("syzkaller", 0) = 3 [pid 5660] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5660] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5660] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5660] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5660] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5660] close(3) = 0 [pid 5660] mkdir("./file1", 0777) = 0 [ 138.647939][ T5660] loop0: detected capacity change from 0 to 8192 [ 138.658291][ T5660] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 138.671282][ T5660] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 138.680869][ T5660] REISERFS (device loop0): using ordered data mode [ 138.687873][ T5660] reiserfs: using flush barriers [ 138.693801][ T5660] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 138.710540][ T5660] REISERFS (device loop0): checking transaction log (loop0) [pid 5660] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5660] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5660] chdir("./file1") = 0 [pid 5660] ioctl(4, LOOP_CLR_FD) = 0 [pid 5660] close(4) = 0 [pid 5660] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5660] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5660] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5660] exit_group(0) = ? [pid 5660] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5660, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./289", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./289", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./289/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./289/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./289/binderfs") = 0 [ 138.756330][ T5660] REISERFS (device loop0): Using r5 hash to sort names [ 138.763520][ T5660] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./289/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./289/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./289/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./289/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./289/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./289/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./289") = 0 mkdir("./290", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5662 ./strace-static-x86_64: Process 5662 attached [pid 5662] chdir("./290") = 0 [pid 5662] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5662] setpgid(0, 0) = 0 [pid 5662] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5662] write(3, "1000", 4) = 4 [pid 5662] close(3) = 0 [pid 5662] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5662] memfd_create("syzkaller", 0) = 3 [pid 5662] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5662] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5662] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5662] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5662] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5662] close(3) = 0 [pid 5662] mkdir("./file1", 0777) = 0 [ 138.889725][ T5662] loop0: detected capacity change from 0 to 8192 [ 138.899482][ T5662] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 138.912513][ T5662] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 138.921983][ T5662] REISERFS (device loop0): using ordered data mode [ 138.928622][ T5662] reiserfs: using flush barriers [ 138.934315][ T5662] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 138.950724][ T5662] REISERFS (device loop0): checking transaction log (loop0) [pid 5662] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5662] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5662] chdir("./file1") = 0 [pid 5662] ioctl(4, LOOP_CLR_FD) = 0 [pid 5662] close(4) = 0 [pid 5662] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5662] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5662] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5662] exit_group(0) = ? [pid 5662] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5662, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./290", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./290", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./290/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./290/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./290/binderfs") = 0 [ 138.999204][ T5662] REISERFS (device loop0): Using r5 hash to sort names [ 139.006382][ T5662] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./290/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./290/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./290/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./290/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./290/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./290/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./290") = 0 mkdir("./291", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5664 ./strace-static-x86_64: Process 5664 attached [pid 5664] chdir("./291") = 0 [pid 5664] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5664] setpgid(0, 0) = 0 [pid 5664] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5664] write(3, "1000", 4) = 4 [pid 5664] close(3) = 0 [pid 5664] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5664] memfd_create("syzkaller", 0) = 3 [pid 5664] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5664] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5664] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5664] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5664] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5664] close(3) = 0 [pid 5664] mkdir("./file1", 0777) = 0 [ 139.133745][ T5664] loop0: detected capacity change from 0 to 8192 [ 139.143820][ T5664] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 139.156884][ T5664] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 139.166084][ T5664] REISERFS (device loop0): using ordered data mode [ 139.172647][ T5664] reiserfs: using flush barriers [ 139.178477][ T5664] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 139.194939][ T5664] REISERFS (device loop0): checking transaction log (loop0) [pid 5664] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5664] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5664] chdir("./file1") = 0 [pid 5664] ioctl(4, LOOP_CLR_FD) = 0 [pid 5664] close(4) = 0 [pid 5664] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5664] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5664] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5664] exit_group(0) = ? [pid 5664] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5664, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./291", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./291", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./291/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./291/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./291/binderfs") = 0 [ 139.241329][ T5664] REISERFS (device loop0): Using r5 hash to sort names [ 139.248574][ T5664] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./291/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./291/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./291/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./291/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./291/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./291/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./291") = 0 mkdir("./292", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5666 ./strace-static-x86_64: Process 5666 attached [pid 5666] chdir("./292") = 0 [pid 5666] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5666] setpgid(0, 0) = 0 [pid 5666] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5666] write(3, "1000", 4) = 4 [pid 5666] close(3) = 0 [pid 5666] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5666] memfd_create("syzkaller", 0) = 3 [pid 5666] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5666] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5666] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5666] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5666] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5666] close(3) = 0 [pid 5666] mkdir("./file1", 0777) = 0 [ 139.392418][ T5666] loop0: detected capacity change from 0 to 8192 [ 139.403295][ T5666] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 139.416405][ T5666] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 139.426051][ T5666] REISERFS (device loop0): using ordered data mode [ 139.432648][ T5666] reiserfs: using flush barriers [ 139.438396][ T5666] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 139.454885][ T5666] REISERFS (device loop0): checking transaction log (loop0) [pid 5666] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5666] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5666] chdir("./file1") = 0 [pid 5666] ioctl(4, LOOP_CLR_FD) = 0 [pid 5666] close(4) = 0 [pid 5666] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5666] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5666] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5666] exit_group(0) = ? [pid 5666] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5666, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- umount2("./292", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./292", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./292/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./292/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./292/binderfs") = 0 [ 139.498161][ T5666] REISERFS (device loop0): Using r5 hash to sort names [ 139.505189][ T5666] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./292/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./292/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./292/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./292/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./292/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./292/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./292") = 0 mkdir("./293", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5668 ./strace-static-x86_64: Process 5668 attached [pid 5668] chdir("./293") = 0 [pid 5668] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5668] setpgid(0, 0) = 0 [pid 5668] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5668] write(3, "1000", 4) = 4 [pid 5668] close(3) = 0 [pid 5668] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5668] memfd_create("syzkaller", 0) = 3 [pid 5668] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5668] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5668] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5668] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5668] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5668] close(3) = 0 [pid 5668] mkdir("./file1", 0777) = 0 [ 139.637902][ T5668] loop0: detected capacity change from 0 to 8192 [ 139.647679][ T5668] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 139.661322][ T5668] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 139.670755][ T5668] REISERFS (device loop0): using ordered data mode [ 139.677442][ T5668] reiserfs: using flush barriers [ 139.683327][ T5668] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 139.700211][ T5668] REISERFS (device loop0): checking transaction log (loop0) [pid 5668] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5668] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5668] chdir("./file1") = 0 [pid 5668] ioctl(4, LOOP_CLR_FD) = 0 [pid 5668] close(4) = 0 [pid 5668] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5668] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5668] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5668] exit_group(0) = ? [pid 5668] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5668, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- umount2("./293", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./293", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./293/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./293/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./293/binderfs") = 0 [ 139.754295][ T5668] REISERFS (device loop0): Using r5 hash to sort names [ 139.761438][ T5668] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./293/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./293/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./293/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./293/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./293/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./293/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./293") = 0 mkdir("./294", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5670 ./strace-static-x86_64: Process 5670 attached [pid 5670] chdir("./294") = 0 [pid 5670] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5670] setpgid(0, 0) = 0 [pid 5670] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5670] write(3, "1000", 4) = 4 [pid 5670] close(3) = 0 [pid 5670] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5670] memfd_create("syzkaller", 0) = 3 [pid 5670] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5670] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5670] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5670] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5670] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5670] close(3) = 0 [pid 5670] mkdir("./file1", 0777) = 0 [ 139.894352][ T5670] loop0: detected capacity change from 0 to 8192 [ 139.903816][ T5670] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 139.916882][ T5670] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 139.926052][ T5670] REISERFS (device loop0): using ordered data mode [ 139.932635][ T5670] reiserfs: using flush barriers [ 139.938706][ T5670] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 139.955143][ T5670] REISERFS (device loop0): checking transaction log (loop0) [pid 5670] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5670] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5670] chdir("./file1") = 0 [pid 5670] ioctl(4, LOOP_CLR_FD) = 0 [pid 5670] close(4) = 0 [pid 5670] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5670] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5670] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5670] exit_group(0) = ? [pid 5670] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5670, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./294", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./294", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./294/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./294/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./294/binderfs") = 0 [ 140.001525][ T5670] REISERFS (device loop0): Using r5 hash to sort names [ 140.008631][ T5670] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./294/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./294/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./294/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./294/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./294/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./294/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./294") = 0 mkdir("./295", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5672 ./strace-static-x86_64: Process 5672 attached [pid 5672] chdir("./295") = 0 [pid 5672] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5672] setpgid(0, 0) = 0 [pid 5672] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5672] write(3, "1000", 4) = 4 [pid 5672] close(3) = 0 [pid 5672] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5672] memfd_create("syzkaller", 0) = 3 [pid 5672] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5672] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5672] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5672] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5672] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5672] close(3) = 0 [pid 5672] mkdir("./file1", 0777) = 0 [ 140.143469][ T5672] loop0: detected capacity change from 0 to 8192 [ 140.154348][ T5672] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 140.167404][ T5672] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 140.176637][ T5672] REISERFS (device loop0): using ordered data mode [ 140.183187][ T5672] reiserfs: using flush barriers [ 140.189162][ T5672] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 140.205573][ T5672] REISERFS (device loop0): checking transaction log (loop0) [pid 5672] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5672] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5672] chdir("./file1") = 0 [pid 5672] ioctl(4, LOOP_CLR_FD) = 0 [pid 5672] close(4) = 0 [pid 5672] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5672] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5672] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5672] exit_group(0) = ? [pid 5672] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5672, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./295", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./295", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./295/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./295/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./295/binderfs") = 0 [ 140.252432][ T5672] REISERFS (device loop0): Using r5 hash to sort names [ 140.259835][ T5672] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./295/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./295/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./295/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./295/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./295/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./295/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./295") = 0 mkdir("./296", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5674 ./strace-static-x86_64: Process 5674 attached [pid 5674] chdir("./296") = 0 [pid 5674] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5674] setpgid(0, 0) = 0 [pid 5674] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5674] write(3, "1000", 4) = 4 [pid 5674] close(3) = 0 [pid 5674] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5674] memfd_create("syzkaller", 0) = 3 [pid 5674] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5674] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5674] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5674] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5674] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5674] close(3) = 0 [pid 5674] mkdir("./file1", 0777) = 0 [ 140.378942][ T5674] loop0: detected capacity change from 0 to 8192 [ 140.389679][ T5674] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 140.402812][ T5674] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 140.412410][ T5674] REISERFS (device loop0): using ordered data mode [ 140.419159][ T5674] reiserfs: using flush barriers [ 140.425048][ T5674] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 140.441584][ T5674] REISERFS (device loop0): checking transaction log (loop0) [pid 5674] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5674] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5674] chdir("./file1") = 0 [pid 5674] ioctl(4, LOOP_CLR_FD) = 0 [pid 5674] close(4) = 0 [pid 5674] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5674] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5674] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5674] exit_group(0) = ? [pid 5674] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5674, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./296", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./296", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./296/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./296/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./296/binderfs") = 0 [ 140.488106][ T5674] REISERFS (device loop0): Using r5 hash to sort names [ 140.495567][ T5674] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./296/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./296/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./296/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./296/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./296/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./296/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./296") = 0 mkdir("./297", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5676 ./strace-static-x86_64: Process 5676 attached [pid 5676] chdir("./297") = 0 [pid 5676] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5676] setpgid(0, 0) = 0 [pid 5676] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5676] write(3, "1000", 4) = 4 [pid 5676] close(3) = 0 [pid 5676] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5676] memfd_create("syzkaller", 0) = 3 [pid 5676] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5676] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5676] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5676] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5676] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5676] close(3) = 0 [pid 5676] mkdir("./file1", 0777) = 0 [ 140.615304][ T5676] loop0: detected capacity change from 0 to 8192 [ 140.624739][ T5676] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 140.638004][ T5676] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 140.647639][ T5676] REISERFS (device loop0): using ordered data mode [ 140.654406][ T5676] reiserfs: using flush barriers [ 140.660458][ T5676] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 140.677138][ T5676] REISERFS (device loop0): checking transaction log (loop0) [pid 5676] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5676] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5676] chdir("./file1") = 0 [pid 5676] ioctl(4, LOOP_CLR_FD) = 0 [pid 5676] close(4) = 0 [pid 5676] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5676] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5676] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5676] exit_group(0) = ? [pid 5676] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5676, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- umount2("./297", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./297", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./297/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./297/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./297/binderfs") = 0 [ 140.730949][ T5676] REISERFS (device loop0): Using r5 hash to sort names [ 140.738344][ T5676] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./297/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./297/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./297/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./297/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./297/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./297/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./297") = 0 mkdir("./298", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5678 ./strace-static-x86_64: Process 5678 attached [pid 5678] chdir("./298") = 0 [pid 5678] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5678] setpgid(0, 0) = 0 [pid 5678] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5678] write(3, "1000", 4) = 4 [pid 5678] close(3) = 0 [pid 5678] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5678] memfd_create("syzkaller", 0) = 3 [pid 5678] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5678] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5678] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5678] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5678] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5678] close(3) = 0 [pid 5678] mkdir("./file1", 0777) = 0 [ 140.877710][ T5678] loop0: detected capacity change from 0 to 8192 [ 140.887252][ T5678] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 140.900259][ T5678] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 140.909478][ T5678] REISERFS (device loop0): using ordered data mode [ 140.915990][ T5678] reiserfs: using flush barriers [ 140.921916][ T5678] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 140.938191][ T5678] REISERFS (device loop0): checking transaction log (loop0) [pid 5678] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5678] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5678] chdir("./file1") = 0 [pid 5678] ioctl(4, LOOP_CLR_FD) = 0 [pid 5678] close(4) = 0 [pid 5678] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5678] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5678] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5678] exit_group(0) = ? [pid 5678] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5678, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./298", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./298", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./298/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./298/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./298/binderfs") = 0 [ 140.988107][ T5678] REISERFS (device loop0): Using r5 hash to sort names [ 140.995512][ T5678] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./298/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./298/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./298/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./298/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./298/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./298/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./298") = 0 mkdir("./299", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5680 ./strace-static-x86_64: Process 5680 attached [pid 5680] chdir("./299") = 0 [pid 5680] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5680] setpgid(0, 0) = 0 [pid 5680] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5680] write(3, "1000", 4) = 4 [pid 5680] close(3) = 0 [pid 5680] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5680] memfd_create("syzkaller", 0) = 3 [pid 5680] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5680] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5680] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5680] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5680] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5680] close(3) = 0 [pid 5680] mkdir("./file1", 0777) = 0 [ 141.132485][ T5680] loop0: detected capacity change from 0 to 8192 [ 141.142528][ T5680] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 141.155547][ T5680] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 141.164793][ T5680] REISERFS (device loop0): using ordered data mode [ 141.171358][ T5680] reiserfs: using flush barriers [ 141.177175][ T5680] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 141.193512][ T5680] REISERFS (device loop0): checking transaction log (loop0) [pid 5680] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5680] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5680] chdir("./file1") = 0 [pid 5680] ioctl(4, LOOP_CLR_FD) = 0 [pid 5680] close(4) = 0 [pid 5680] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 141.242932][ T5680] REISERFS (device loop0): Using r5 hash to sort names [ 141.250340][ T5680] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 141.278895][ T5680] [ 141.281248][ T5680] ====================================================== [ 141.288243][ T5680] WARNING: possible circular locking dependency detected [ 141.295235][ T5680] 6.1.0-syzkaller-11674-g84e57d292203 #0 Not tainted [ 141.301883][ T5680] ------------------------------------------------------ [ 141.308874][ T5680] syz-executor385/5680 is trying to acquire lock: [ 141.315261][ T5680] ffff88801825c090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x77/0xd0 [ 141.324211][ T5680] [ 141.324211][ T5680] but task is already holding lock: [ 141.331553][ T5680] ffff88801c4ee198 (&mm->mmap_lock#2){++++}-{3:3}, at: vm_mmap_pgoff+0x14d/0x2b0 [ 141.340659][ T5680] [ 141.340659][ T5680] which lock already depends on the new lock. [ 141.340659][ T5680] [ 141.351040][ T5680] [ 141.351040][ T5680] the existing dependency chain (in reverse order) is: [ 141.360027][ T5680] [ 141.360027][ T5680] -> #1 (&mm->mmap_lock#2){++++}-{3:3}: [ 141.367736][ T5680] lock_acquire+0x182/0x3c0 [ 141.372755][ T5680] __might_fault+0xb2/0x110 [ 141.377775][ T5680] reiserfs_ioctl+0x11c/0x340 [ 141.382966][ T5680] __se_sys_ioctl+0xfb/0x170 [ 141.388071][ T5680] do_syscall_64+0x3d/0xb0 [ 141.393012][ T5680] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 141.399424][ T5680] [ 141.399424][ T5680] -> #0 (&sbi->lock){+.+.}-{3:3}: [ 141.406614][ T5680] validate_chain+0x1898/0x6ae0 [ 141.411979][ T5680] __lock_acquire+0x1292/0x1f60 [ 141.417332][ T5680] lock_acquire+0x182/0x3c0 [ 141.422337][ T5680] __mutex_lock_common+0x1bd/0x26e0 [ 141.428043][ T5680] mutex_lock_nested+0x17/0x20 [ 141.433308][ T5680] reiserfs_write_lock+0x77/0xd0 [ 141.438751][ T5680] reiserfs_dirty_inode+0xdf/0x230 [ 141.444364][ T5680] __mark_inode_dirty+0x1e7/0x600 [ 141.449973][ T5680] touch_atime+0x3d3/0x630 [ 141.454902][ T5680] generic_file_mmap+0xbb/0x120 [ 141.460262][ T5680] mmap_region+0xfe6/0x1e20 [ 141.465267][ T5680] do_mmap+0x8d9/0xf30 [ 141.469834][ T5680] vm_mmap_pgoff+0x19e/0x2b0 [ 141.474930][ T5680] ksys_mmap_pgoff+0x48c/0x6d0 [ 141.480193][ T5680] do_syscall_64+0x3d/0xb0 [ 141.485109][ T5680] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 141.491513][ T5680] [ 141.491513][ T5680] other info that might help us debug this: [ 141.491513][ T5680] [ 141.501722][ T5680] Possible unsafe locking scenario: [ 141.501722][ T5680] [ 141.509150][ T5680] CPU0 CPU1 [ 141.514492][ T5680] ---- ---- [ 141.519834][ T5680] lock(&mm->mmap_lock#2); [ 141.524318][ T5680] lock(&sbi->lock); [ 141.530796][ T5680] lock(&mm->mmap_lock#2); [ 141.537799][ T5680] lock(&sbi->lock); [ 141.541757][ T5680] [ 141.541757][ T5680] *** DEADLOCK *** [ 141.541757][ T5680] [ 141.549876][ T5680] 2 locks held by syz-executor385/5680: [ 141.555394][ T5680] #0: ffff88801c4ee198 (&mm->mmap_lock#2){++++}-{3:3}, at: vm_mmap_pgoff+0x14d/0x2b0 [ 141.564942][ T5680] #1: ffff888020cca460 (sb_writers#9){.+.+}-{0:0}, at: generic_file_mmap+0xbb/0x120 [ 141.574402][ T5680] [ 141.574402][ T5680] stack backtrace: [ 141.580271][ T5680] CPU: 1 PID: 5680 Comm: syz-executor385 Not tainted 6.1.0-syzkaller-11674-g84e57d292203 #0 [ 141.590318][ T5680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 141.600358][ T5680] Call Trace: [ 141.603622][ T5680] [ 141.606542][ T5680] dump_stack_lvl+0x1b1/0x290 [ 141.611211][ T5680] ? nf_tcp_handle_invalid+0x630/0x630 [ 141.616655][ T5680] ? print_circular_bug+0x13e/0x1c0 [ 141.621837][ T5680] check_noncircular+0x2cc/0x390 [ 141.626765][ T5680] ? add_chain_block+0x850/0x850 [ 141.631705][ T5680] ? add_lock_to_list+0x1c7/0x2d0 [ 141.636715][ T5680] validate_chain+0x1898/0x6ae0 [ 141.641553][ T5680] ? lockdep_unlock+0x144/0x2e0 [ 141.646383][ T5680] ? reacquire_held_locks+0x650/0x650 [ 141.651737][ T5680] ? add_lock_to_list+0x1c7/0x2d0 [ 141.656745][ T5680] ? validate_chain+0x1478/0x6ae0 [ 141.661756][ T5680] ? lockdep_unlock+0x144/0x2e0 [ 141.666586][ T5680] ? reacquire_held_locks+0x650/0x650 [ 141.671939][ T5680] ? add_lock_to_list+0x1c7/0x2d0 [ 141.676945][ T5680] ? validate_chain+0x1478/0x6ae0 [ 141.681957][ T5680] ? rcu_read_lock_sched_held+0x87/0x110 [ 141.687569][ T5680] ? reacquire_held_locks+0x650/0x650 [ 141.692921][ T5680] ? reacquire_held_locks+0x650/0x650 [ 141.698273][ T5680] ? reacquire_held_locks+0x650/0x650 [ 141.703635][ T5680] ? validate_chain+0x177/0x6ae0 [ 141.708553][ T5680] ? reacquire_held_locks+0x650/0x650 [ 141.713906][ T5680] ? validate_chain+0x177/0x6ae0 [ 141.718833][ T5680] ? validate_chain+0x177/0x6ae0 [ 141.723749][ T5680] ? reacquire_held_locks+0x650/0x650 [ 141.729101][ T5680] ? validate_chain+0x177/0x6ae0 [ 141.734023][ T5680] ? stack_trace_save+0x1e0/0x1e0 [ 141.739029][ T5680] ? rcu_read_lock_sched_held+0x87/0x110 [ 141.744644][ T5680] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 141.750604][ T5680] ? rcu_lock_release+0x5/0x20 [ 141.755356][ T5680] ? mas_wr_modify+0x8a2/0x6d60 [ 141.760190][ T5680] ? read_lock_is_recursive+0x10/0x10 [ 141.765544][ T5680] ? stack_trace_save+0x1e0/0x1e0 [ 141.770549][ T5680] ? rcu_read_lock_sched_held+0x87/0x110 [ 141.776165][ T5680] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 141.782125][ T5680] ? rcu_lock_release+0x5/0x20 [ 141.786871][ T5680] ? read_lock_is_recursive+0x10/0x10 [ 141.792246][ T5680] ? rcu_lock_release+0x5/0x20 [ 141.796991][ T5680] ? __lock_acquire+0x1f60/0x1f60 [ 141.802003][ T5680] ? deref_stack_reg+0x17a/0x210 [ 141.806921][ T5680] ? preempt_count_add+0x8d/0x180 [ 141.811928][ T5680] ? stack_trace_save+0x1e0/0x1e0 [ 141.816935][ T5680] ? is_bpf_text_address+0x253/0x270 [ 141.822203][ T5680] ? stack_trace_save+0x1e0/0x1e0 [ 141.827229][ T5680] ? rcu_read_lock_sched_held+0x87/0x110 [ 141.832839][ T5680] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 141.838800][ T5680] ? rcu_lock_release+0x5/0x20 [ 141.843547][ T5680] ? read_lock_is_recursive+0x10/0x10 [ 141.848909][ T5680] ? rcu_lock_release+0x5/0x20 [ 141.853655][ T5680] ? __lock_acquire+0x1f60/0x1f60 [ 141.858662][ T5680] ? deref_stack_reg+0x17a/0x210 [ 141.863581][ T5680] ? preempt_count_add+0x8d/0x180 [ 141.868590][ T5680] ? stack_trace_save+0x1e0/0x1e0 [ 141.873615][ T5680] ? is_bpf_text_address+0x253/0x270 [ 141.878888][ T5680] ? stack_trace_save+0x1e0/0x1e0 [ 141.883896][ T5680] ? mark_lock+0x9a/0x350 [ 141.888213][ T5680] ? rcu_read_lock_sched_held+0x87/0x110 [ 141.893829][ T5680] ? rcu_lock_release+0x5/0x20 [ 141.898589][ T5680] ? rcu_lock_release+0x5/0x20 [ 141.903363][ T5680] ? __lock_acquire+0x1f60/0x1f60 [ 141.908374][ T5680] ? stack_trace_save+0x1e0/0x1e0 [ 141.913388][ T5680] ? rcu_read_lock_sched_held+0x87/0x110 [ 141.919001][ T5680] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 141.924961][ T5680] ? mark_lock+0x9a/0x350 [ 141.929273][ T5680] __lock_acquire+0x1292/0x1f60 [ 141.934108][ T5680] lock_acquire+0x182/0x3c0 [ 141.938602][ T5680] ? reiserfs_write_lock+0x77/0xd0 [ 141.943712][ T5680] ? read_lock_is_recursive+0x10/0x10 [ 141.949065][ T5680] ? __might_sleep+0xc0/0xc0 [ 141.953634][ T5680] ? rcu_read_lock_sched_held+0x87/0x110 [ 141.959247][ T5680] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 141.965209][ T5680] __mutex_lock_common+0x1bd/0x26e0 [ 141.970399][ T5680] ? reiserfs_write_lock+0x77/0xd0 [ 141.975498][ T5680] ? mark_lock+0x9a/0x350 [ 141.979813][ T5680] ? reiserfs_write_lock+0x77/0xd0 [ 141.984906][ T5680] ? lockdep_hardirqs_on_prepare+0x428/0x790 [ 141.990954][ T5680] ? mutex_lock_io_nested+0x60/0x60 [ 141.996306][ T5680] ? print_irqtrace_events+0x220/0x220 [ 142.001745][ T5680] ? ktime_get_coarse_real_ts64+0x45/0x140 [ 142.007540][ T5680] ? lockdep_hardirqs_on+0x8d/0x130 [ 142.012724][ T5680] mutex_lock_nested+0x17/0x20 [ 142.017473][ T5680] reiserfs_write_lock+0x77/0xd0 [ 142.022391][ T5680] reiserfs_dirty_inode+0xdf/0x230 [ 142.027488][ T5680] ? reiserfs_free_inode+0x20/0x20 [ 142.032579][ T5680] ? rcu_read_lock_sched_held+0x87/0x110 [ 142.038195][ T5680] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 142.044155][ T5680] ? current_time+0x1ea/0x300 [ 142.048814][ T5680] ? reiserfs_free_inode+0x20/0x20 [ 142.053906][ T5680] __mark_inode_dirty+0x1e7/0x600 [ 142.058911][ T5680] ? generic_file_mmap+0xbb/0x120 [ 142.063923][ T5680] touch_atime+0x3d3/0x630 [ 142.068324][ T5680] ? current_time+0x300/0x300 [ 142.072981][ T5680] ? kmem_cache_alloc+0x20a/0x350 [ 142.078070][ T5680] ? vm_area_alloc+0x20/0xe0 [ 142.082641][ T5680] generic_file_mmap+0xbb/0x120 [ 142.087477][ T5680] mmap_region+0xfe6/0x1e20 [ 142.091963][ T5680] ? file_mmap_ok+0x150/0x150 [ 142.096620][ T5680] ? validate_mm+0x2a4/0x330 [ 142.101187][ T5680] ? cap_mmap_addr+0x164/0x2d0 [ 142.105935][ T5680] ? lock_page+0xb2/0x2b0 [ 142.110247][ T5680] do_mmap+0x8d9/0xf30 [ 142.114298][ T5680] ? mlock_future_check+0x100/0x100 [ 142.119476][ T5680] ? down_write+0x270/0x270 [ 142.123963][ T5680] ? apparmor_file_free_security+0xf0/0xf0 [ 142.129749][ T5680] ? bpf_lsm_mmap_file+0x5/0x10 [ 142.134595][ T5680] vm_mmap_pgoff+0x19e/0x2b0 [ 142.139254][ T5680] ? lockdep_hardirqs_on+0x8d/0x130 [ 142.144435][ T5680] ? account_locked_vm+0xd0/0xd0 [ 142.149353][ T5680] ksys_mmap_pgoff+0x48c/0x6d0 [ 142.154100][ T5680] do_syscall_64+0x3d/0xb0 [ 142.158498][ T5680] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 142.164372][ T5680] RIP: 0033:0x7f53cf293f79 [ 142.168768][ T5680] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 142.188353][ T5680] RSP: 002b:00007ffcd8b37098 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [pid 5680] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5680] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5680] exit_group(0) = ? [pid 5680] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5680, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- umount2("./299", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./299", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./299/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./299/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./299/binderfs") = 0 umount2("./299/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./299/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./299/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./299/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./299/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./299/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./299") = 0 mkdir("./300", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 142.196841][ T5680] RAX: ffffffffffffffda RBX: 00000000000225f7 RCX: 00007f53cf293f79 [ 142.204792][ T5680] RDX: 0000000000800001 RSI: 0000000000b36000 RDI: 0000000020000000 [ 142.212741][ T5680] RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000000000 [ 142.220692][ T5680] R10: 0000000000028011 R11: 0000000000000246 R12: 00007ffcd8b370cc [ 142.228644][ T5680] R13: 00007ffcd8b37100 R14: 00007ffcd8b370e0 R15: 000000000000012b [ 142.236598][ T5680] close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5682 ./strace-static-x86_64: Process 5682 attached [pid 5682] chdir("./300") = 0 [pid 5682] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5682] setpgid(0, 0) = 0 [pid 5682] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5682] write(3, "1000", 4) = 4 [pid 5682] close(3) = 0 [pid 5682] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5682] memfd_create("syzkaller", 0) = 3 [pid 5682] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5682] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5682] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5682] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5682] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5682] close(3) = 0 [pid 5682] mkdir("./file1", 0777) = 0 [ 142.309618][ T5682] loop0: detected capacity change from 0 to 8192 [ 142.318448][ T5682] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 142.331456][ T5682] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 142.340676][ T5682] REISERFS (device loop0): using ordered data mode [ 142.347214][ T5682] reiserfs: using flush barriers [ 142.352924][ T5682] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 142.369212][ T5682] REISERFS (device loop0): checking transaction log (loop0) [ 142.396745][ T5682] REISERFS (device loop0): Using r5 hash to sort names [pid 5682] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5682] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5682] chdir("./file1") = 0 [pid 5682] ioctl(4, LOOP_CLR_FD) = 0 [pid 5682] close(4) = 0 [pid 5682] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5682] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5682] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5682] exit_group(0) = ? [pid 5682] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5682, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./300", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./300", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./300/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./300/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./300/binderfs") = 0 umount2("./300/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./300/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./300/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./300/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./300/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./300/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./300") = 0 mkdir("./301", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 142.403897][ T5682] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5684 ./strace-static-x86_64: Process 5684 attached [pid 5684] chdir("./301") = 0 [pid 5684] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5684] setpgid(0, 0) = 0 [pid 5684] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5684] write(3, "1000", 4) = 4 [pid 5684] close(3) = 0 [pid 5684] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5684] memfd_create("syzkaller", 0) = 3 [pid 5684] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5684] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5684] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5684] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5684] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5684] close(3) = 0 [pid 5684] mkdir("./file1", 0777) = 0 [ 142.495962][ T5684] loop0: detected capacity change from 0 to 8192 [ 142.504564][ T5684] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 142.517757][ T5684] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 142.527289][ T5684] REISERFS (device loop0): using ordered data mode [ 142.533950][ T5684] reiserfs: using flush barriers [ 142.539717][ T5684] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 142.556304][ T5684] REISERFS (device loop0): checking transaction log (loop0) [pid 5684] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5684] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5684] chdir("./file1") = 0 [pid 5684] ioctl(4, LOOP_CLR_FD) = 0 [pid 5684] close(4) = 0 [pid 5684] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5684] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5684] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5684] exit_group(0) = ? [pid 5684] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5684, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./301", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./301", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./301/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./301/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./301/binderfs") = 0 umount2("./301/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./301/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./301/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./301/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./301/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./301/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./301") = 0 mkdir("./302", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5686 attached [pid 5686] chdir("./302") = 0 [pid 5686] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5686] setpgid(0, 0) = 0 [pid 5686] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] <... clone resumed>, child_tidptr=0x55555738c5d0) = 5686 [pid 5686] <... openat resumed>) = 3 [pid 5686] write(3, "1000", 4) = 4 [pid 5686] close(3) = 0 [pid 5686] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5686] memfd_create("syzkaller", 0) = 3 [pid 5686] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [ 142.595323][ T5684] REISERFS (device loop0): Using r5 hash to sort names [ 142.602402][ T5684] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5686] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5686] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5686] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5686] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5686] close(3) = 0 [pid 5686] mkdir("./file1", 0777) = 0 [ 142.689585][ T5686] loop0: detected capacity change from 0 to 8192 [ 142.698019][ T5686] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 142.711392][ T5686] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 142.720621][ T5686] REISERFS (device loop0): using ordered data mode [ 142.727152][ T5686] reiserfs: using flush barriers [ 142.732647][ T5686] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 142.749001][ T5686] REISERFS (device loop0): checking transaction log (loop0) [ 142.779146][ T5686] REISERFS (device loop0): Using r5 hash to sort names [pid 5686] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5686] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5686] chdir("./file1") = 0 [pid 5686] ioctl(4, LOOP_CLR_FD) = 0 [pid 5686] close(4) = 0 [pid 5686] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5686] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5686] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5686] exit_group(0) = ? [pid 5686] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5686, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./302", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./302", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./302/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./302/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./302/binderfs") = 0 [ 142.786169][ T5686] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./302/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./302/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./302/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./302/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./302/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./302/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./302") = 0 mkdir("./303", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5688 ./strace-static-x86_64: Process 5688 attached [pid 5688] chdir("./303") = 0 [pid 5688] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5688] setpgid(0, 0) = 0 [pid 5688] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5688] write(3, "1000", 4) = 4 [pid 5688] close(3) = 0 [pid 5688] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5688] memfd_create("syzkaller", 0) = 3 [pid 5688] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5688] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5688] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5688] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5688] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5688] close(3) = 0 [pid 5688] mkdir("./file1", 0777) = 0 [ 142.879865][ T5688] loop0: detected capacity change from 0 to 8192 [ 142.888359][ T5688] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 142.901377][ T5688] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 142.910624][ T5688] REISERFS (device loop0): using ordered data mode [ 142.917140][ T5688] reiserfs: using flush barriers [ 142.922728][ T5688] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 142.939059][ T5688] REISERFS (device loop0): checking transaction log (loop0) [ 142.968074][ T5688] REISERFS (device loop0): Using r5 hash to sort names [pid 5688] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5688] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5688] chdir("./file1") = 0 [pid 5688] ioctl(4, LOOP_CLR_FD) = 0 [pid 5688] close(4) = 0 [pid 5688] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5688] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5688] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5688] exit_group(0) = ? [pid 5688] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5688, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./303", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./303", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./303/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./303/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./303/binderfs") = 0 umount2("./303/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./303/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./303/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./303/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./303/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 142.975293][ T5688] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./303/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./303") = 0 mkdir("./304", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5690 attached , child_tidptr=0x55555738c5d0) = 5690 [pid 5690] chdir("./304") = 0 [pid 5690] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5690] setpgid(0, 0) = 0 [pid 5690] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5690] write(3, "1000", 4) = 4 [pid 5690] close(3) = 0 [pid 5690] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5690] memfd_create("syzkaller", 0) = 3 [pid 5690] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5690] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5690] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5690] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5690] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5690] close(3) = 0 [pid 5690] mkdir("./file1", 0777) = 0 [ 143.061640][ T5690] loop0: detected capacity change from 0 to 8192 [ 143.070127][ T5690] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 143.083303][ T5690] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 143.092582][ T5690] REISERFS (device loop0): using ordered data mode [ 143.099133][ T5690] reiserfs: using flush barriers [ 143.104734][ T5690] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 143.121108][ T5690] REISERFS (device loop0): checking transaction log (loop0) [ 143.149178][ T5690] REISERFS (device loop0): Using r5 hash to sort names [pid 5690] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5690] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5690] chdir("./file1") = 0 [pid 5690] ioctl(4, LOOP_CLR_FD) = 0 [pid 5690] close(4) = 0 [pid 5690] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5690] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5690] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5690] exit_group(0) = ? [pid 5690] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5690, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- umount2("./304", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./304", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./304/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./304/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./304/binderfs") = 0 umount2("./304/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [ 143.156212][ T5690] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./304/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./304/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./304/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./304/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./304/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./304") = 0 mkdir("./305", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5692 attached , child_tidptr=0x55555738c5d0) = 5692 [pid 5692] chdir("./305") = 0 [pid 5692] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5692] setpgid(0, 0) = 0 [pid 5692] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5692] write(3, "1000", 4) = 4 [pid 5692] close(3) = 0 [pid 5692] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5692] memfd_create("syzkaller", 0) = 3 [pid 5692] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5692] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5692] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5692] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5692] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5692] close(3) = 0 [pid 5692] mkdir("./file1", 0777) = 0 [ 143.249558][ T5692] loop0: detected capacity change from 0 to 8192 [ 143.258953][ T5692] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 143.271929][ T5692] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 143.281127][ T5692] REISERFS (device loop0): using ordered data mode [ 143.287643][ T5692] reiserfs: using flush barriers [ 143.293077][ T5692] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 143.309437][ T5692] REISERFS (device loop0): checking transaction log (loop0) [ 143.339133][ T5692] REISERFS (device loop0): Using r5 hash to sort names [pid 5692] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5692] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5692] chdir("./file1") = 0 [pid 5692] ioctl(4, LOOP_CLR_FD) = 0 [pid 5692] close(4) = 0 [pid 5692] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5692] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5692] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5692] exit_group(0) = ? [pid 5692] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5692, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- umount2("./305", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./305", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./305/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./305/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./305/binderfs") = 0 umount2("./305/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./305/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./305/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./305/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./305/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 [ 143.346127][ T5692] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(4) = 0 rmdir("./305/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./305") = 0 mkdir("./306", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5694 ./strace-static-x86_64: Process 5694 attached [pid 5694] chdir("./306") = 0 [pid 5694] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5694] setpgid(0, 0) = 0 [pid 5694] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5694] write(3, "1000", 4) = 4 [pid 5694] close(3) = 0 [pid 5694] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5694] memfd_create("syzkaller", 0) = 3 [pid 5694] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5694] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5694] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5694] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5694] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5694] close(3) = 0 [pid 5694] mkdir("./file1", 0777) = 0 [ 143.425920][ T5694] loop0: detected capacity change from 0 to 8192 [ 143.434499][ T5694] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 143.447659][ T5694] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 143.456852][ T5694] REISERFS (device loop0): using ordered data mode [ 143.463350][ T5694] reiserfs: using flush barriers [ 143.468899][ T5694] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 143.485370][ T5694] REISERFS (device loop0): checking transaction log (loop0) [ 143.515118][ T5694] REISERFS (device loop0): Using r5 hash to sort names [pid 5694] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5694] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5694] chdir("./file1") = 0 [pid 5694] ioctl(4, LOOP_CLR_FD) = 0 [pid 5694] close(4) = 0 [pid 5694] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5694] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5694] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5694] exit_group(0) = ? [pid 5694] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5694, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- umount2("./306", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./306", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./306/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./306/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./306/binderfs") = 0 umount2("./306/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./306/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./306/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./306/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./306/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./306/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 143.522127][ T5694] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. rmdir("./306") = 0 mkdir("./307", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5696 ./strace-static-x86_64: Process 5696 attached [pid 5696] chdir("./307") = 0 [pid 5696] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5696] setpgid(0, 0) = 0 [pid 5696] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5696] write(3, "1000", 4) = 4 [pid 5696] close(3) = 0 [pid 5696] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5696] memfd_create("syzkaller", 0) = 3 [pid 5696] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5696] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5696] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5696] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5696] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5696] close(3) = 0 [pid 5696] mkdir("./file1", 0777) = 0 [ 143.611394][ T5696] loop0: detected capacity change from 0 to 8192 [ 143.620542][ T5696] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 143.633595][ T5696] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 143.642771][ T5696] REISERFS (device loop0): using ordered data mode [ 143.649293][ T5696] reiserfs: using flush barriers [ 143.654881][ T5696] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 143.671224][ T5696] REISERFS (device loop0): checking transaction log (loop0) [ 143.701021][ T5696] REISERFS (device loop0): Using r5 hash to sort names [pid 5696] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5696] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5696] chdir("./file1") = 0 [pid 5696] ioctl(4, LOOP_CLR_FD) = 0 [pid 5696] close(4) = 0 [pid 5696] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5696] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5696] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5696] exit_group(0) = ? [pid 5696] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5696, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- umount2("./307", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./307", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./307/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./307/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./307/binderfs") = 0 umount2("./307/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./307/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./307/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./307/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./307/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./307/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./307") = 0 mkdir("./308", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5698 ./strace-static-x86_64: Process 5698 attached [pid 5698] chdir("./308") = 0 [pid 5698] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5698] setpgid(0, 0) = 0 [pid 5698] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5698] write(3, "1000", 4) = 4 [pid 5698] close(3) = 0 [pid 5698] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5698] memfd_create("syzkaller", 0) = 3 [pid 5698] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [ 143.708244][ T5696] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5698] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5698] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5698] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5698] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5698] close(3) = 0 [pid 5698] mkdir("./file1", 0777) = 0 [ 143.801291][ T5698] loop0: detected capacity change from 0 to 8192 [ 143.810681][ T5698] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 143.823723][ T5698] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 143.832919][ T5698] REISERFS (device loop0): using ordered data mode [ 143.839456][ T5698] reiserfs: using flush barriers [ 143.845060][ T5698] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 143.861382][ T5698] REISERFS (device loop0): checking transaction log (loop0) [ 143.890050][ T5698] REISERFS (device loop0): Using r5 hash to sort names [pid 5698] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5698] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5698] chdir("./file1") = 0 [pid 5698] ioctl(4, LOOP_CLR_FD) = 0 [pid 5698] close(4) = 0 [pid 5698] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5698] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5698] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5698] exit_group(0) = ? [pid 5698] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5698, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./308", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./308", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./308/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./308/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./308/binderfs") = 0 [ 143.897270][ T5698] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./308/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./308/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./308/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./308/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./308/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./308/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./308") = 0 mkdir("./309", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5700 ./strace-static-x86_64: Process 5700 attached [pid 5700] chdir("./309") = 0 [pid 5700] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5700] setpgid(0, 0) = 0 [pid 5700] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5700] write(3, "1000", 4) = 4 [pid 5700] close(3) = 0 [pid 5700] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5700] memfd_create("syzkaller", 0) = 3 [pid 5700] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5700] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5700] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5700] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5700] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5700] close(3) = 0 [pid 5700] mkdir("./file1", 0777) = 0 [ 143.988722][ T5700] loop0: detected capacity change from 0 to 8192 [ 143.996750][ T5700] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 144.009803][ T5700] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 144.019015][ T5700] REISERFS (device loop0): using ordered data mode [ 144.025509][ T5700] reiserfs: using flush barriers [ 144.031103][ T5700] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 144.047529][ T5700] REISERFS (device loop0): checking transaction log (loop0) [ 144.075249][ T5700] REISERFS (device loop0): Using r5 hash to sort names [pid 5700] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5700] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5700] chdir("./file1") = 0 [pid 5700] ioctl(4, LOOP_CLR_FD) = 0 [pid 5700] close(4) = 0 [pid 5700] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5700] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5700] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5700] exit_group(0) = ? [pid 5700] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5700, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./309", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./309", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./309/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./309/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./309/binderfs") = 0 umount2("./309/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./309/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./309/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./309/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./309/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./309/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./309") = 0 mkdir("./310", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5702 ./strace-static-x86_64: Process 5702 attached [pid 5702] chdir("./310") = 0 [pid 5702] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5702] setpgid(0, 0) = 0 [pid 5702] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5702] write(3, "1000", 4) = 4 [pid 5702] close(3) = 0 [pid 5702] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5702] memfd_create("syzkaller", 0) = 3 [ 144.082406][ T5700] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5702] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5702] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5702] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5702] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5702] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5702] close(3) = 0 [pid 5702] mkdir("./file1", 0777) = 0 [ 144.165859][ T5702] loop0: detected capacity change from 0 to 8192 [ 144.174764][ T5702] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 144.188029][ T5702] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 144.197385][ T5702] REISERFS (device loop0): using ordered data mode [ 144.203873][ T5702] reiserfs: using flush barriers [ 144.209609][ T5702] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 144.225990][ T5702] REISERFS (device loop0): checking transaction log (loop0) [ 144.254391][ T5702] REISERFS (device loop0): Using r5 hash to sort names [pid 5702] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5702] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5702] chdir("./file1") = 0 [pid 5702] ioctl(4, LOOP_CLR_FD) = 0 [pid 5702] close(4) = 0 [pid 5702] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5702] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5702] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5702] exit_group(0) = ? [pid 5702] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5702, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./310", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./310", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./310/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./310/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./310/binderfs") = 0 [ 144.261440][ T5702] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./310/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./310/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./310/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./310/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./310/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./310/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./310") = 0 mkdir("./311", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5704 attached , child_tidptr=0x55555738c5d0) = 5704 [pid 5704] chdir("./311") = 0 [pid 5704] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5704] setpgid(0, 0) = 0 [pid 5704] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5704] write(3, "1000", 4) = 4 [pid 5704] close(3) = 0 [pid 5704] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5704] memfd_create("syzkaller", 0) = 3 [pid 5704] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5704] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5704] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5704] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5704] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5704] close(3) = 0 [pid 5704] mkdir("./file1", 0777) = 0 [ 144.356723][ T5704] loop0: detected capacity change from 0 to 8192 [ 144.365138][ T5704] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 144.378177][ T5704] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 144.387715][ T5704] REISERFS (device loop0): using ordered data mode [ 144.394204][ T5704] reiserfs: using flush barriers [ 144.399977][ T5704] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 144.416371][ T5704] REISERFS (device loop0): checking transaction log (loop0) [ 144.446547][ T5704] REISERFS (device loop0): Using r5 hash to sort names [pid 5704] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5704] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5704] chdir("./file1") = 0 [pid 5704] ioctl(4, LOOP_CLR_FD) = 0 [pid 5704] close(4) = 0 [pid 5704] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5704] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5704] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5704] exit_group(0) = ? [pid 5704] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5704, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./311", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./311", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./311/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./311/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./311/binderfs") = 0 umount2("./311/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./311/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./311/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./311/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./311/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./311/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./311") = 0 mkdir("./312", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5706 ./strace-static-x86_64: Process 5706 attached [pid 5706] chdir("./312") = 0 [pid 5706] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5706] setpgid(0, 0) = 0 [pid 5706] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5706] write(3, "1000", 4) = 4 [pid 5706] close(3) = 0 [pid 5706] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5706] memfd_create("syzkaller", 0) = 3 [pid 5706] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [ 144.453622][ T5704] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5706] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5706] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5706] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5706] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5706] close(3) = 0 [pid 5706] mkdir("./file1", 0777) = 0 [ 144.537295][ T5706] loop0: detected capacity change from 0 to 8192 [ 144.546113][ T5706] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 144.559147][ T5706] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 144.568317][ T5706] REISERFS (device loop0): using ordered data mode [ 144.574845][ T5706] reiserfs: using flush barriers [ 144.580530][ T5706] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 144.596829][ T5706] REISERFS (device loop0): checking transaction log (loop0) [ 144.624743][ T5706] REISERFS (device loop0): Using r5 hash to sort names [pid 5706] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5706] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5706] chdir("./file1") = 0 [pid 5706] ioctl(4, LOOP_CLR_FD) = 0 [pid 5706] close(4) = 0 [pid 5706] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5706] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5706] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5706] exit_group(0) = ? [pid 5706] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5706, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./312", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./312", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./312/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./312/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./312/binderfs") = 0 [ 144.631782][ T5706] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./312/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./312/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./312/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./312/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./312/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./312/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./312") = 0 mkdir("./313", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5708 ./strace-static-x86_64: Process 5708 attached [pid 5708] chdir("./313") = 0 [pid 5708] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5708] setpgid(0, 0) = 0 [pid 5708] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5708] write(3, "1000", 4) = 4 [pid 5708] close(3) = 0 [pid 5708] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5708] memfd_create("syzkaller", 0) = 3 [pid 5708] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5708] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5708] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5708] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5708] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5708] close(3) = 0 [pid 5708] mkdir("./file1", 0777) = 0 [ 144.728790][ T5708] loop0: detected capacity change from 0 to 8192 [ 144.737567][ T5708] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 144.750660][ T5708] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 144.760036][ T5708] REISERFS (device loop0): using ordered data mode [ 144.766656][ T5708] reiserfs: using flush barriers [ 144.772317][ T5708] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 144.788755][ T5708] REISERFS (device loop0): checking transaction log (loop0) [ 144.816070][ T5708] REISERFS (device loop0): Using r5 hash to sort names [pid 5708] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5708] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5708] chdir("./file1") = 0 [pid 5708] ioctl(4, LOOP_CLR_FD) = 0 [pid 5708] close(4) = 0 [pid 5708] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5708] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5708] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5708] exit_group(0) = ? [pid 5708] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5708, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./313", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./313", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./313/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./313/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./313/binderfs") = 0 [ 144.823088][ T5708] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./313/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./313/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./313/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./313/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./313/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./313/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./313") = 0 mkdir("./314", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5710 ./strace-static-x86_64: Process 5710 attached [pid 5710] chdir("./314") = 0 [pid 5710] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5710] setpgid(0, 0) = 0 [pid 5710] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5710] write(3, "1000", 4) = 4 [pid 5710] close(3) = 0 [pid 5710] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5710] memfd_create("syzkaller", 0) = 3 [pid 5710] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5710] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5710] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5710] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5710] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5710] close(3) = 0 [pid 5710] mkdir("./file1", 0777) = 0 [ 144.919990][ T5710] loop0: detected capacity change from 0 to 8192 [ 144.928146][ T5710] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 144.941154][ T5710] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 144.950341][ T5710] REISERFS (device loop0): using ordered data mode [ 144.956884][ T5710] reiserfs: using flush barriers [ 144.962605][ T5710] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 144.978864][ T5710] REISERFS (device loop0): checking transaction log (loop0) [ 145.007075][ T5710] REISERFS (device loop0): Using r5 hash to sort names [pid 5710] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5710] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5710] chdir("./file1") = 0 [pid 5710] ioctl(4, LOOP_CLR_FD) = 0 [pid 5710] close(4) = 0 [pid 5710] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5710] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5710] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5710] exit_group(0) = ? [pid 5710] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5710, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./314", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./314", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./314/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./314/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./314/binderfs") = 0 umount2("./314/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./314/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 145.014197][ T5710] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. lstat("./314/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./314/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./314/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./314/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./314") = 0 mkdir("./315", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5712 attached , child_tidptr=0x55555738c5d0) = 5712 [pid 5712] chdir("./315") = 0 [pid 5712] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5712] setpgid(0, 0) = 0 [pid 5712] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5712] write(3, "1000", 4) = 4 [pid 5712] close(3) = 0 [pid 5712] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5712] memfd_create("syzkaller", 0) = 3 [pid 5712] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5712] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5712] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5712] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5712] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5712] close(3) = 0 [pid 5712] mkdir("./file1", 0777) = 0 [ 145.110888][ T5712] loop0: detected capacity change from 0 to 8192 [ 145.119439][ T5712] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 145.132568][ T5712] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 145.141876][ T5712] REISERFS (device loop0): using ordered data mode [ 145.148493][ T5712] reiserfs: using flush barriers [ 145.153909][ T5712] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 145.170343][ T5712] REISERFS (device loop0): checking transaction log (loop0) [ 145.200976][ T5712] REISERFS (device loop0): Using r5 hash to sort names [pid 5712] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5712] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5712] chdir("./file1") = 0 [pid 5712] ioctl(4, LOOP_CLR_FD) = 0 [pid 5712] close(4) = 0 [pid 5712] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5712] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5712] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5712] exit_group(0) = ? [pid 5712] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5712, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./315", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./315", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./315/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./315/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./315/binderfs") = 0 umount2("./315/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./315/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./315/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./315/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./315/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./315/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./315") = 0 mkdir("./316", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5714 ./strace-static-x86_64: Process 5714 attached [pid 5714] chdir("./316") = 0 [pid 5714] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5714] setpgid(0, 0) = 0 [pid 5714] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5714] write(3, "1000", 4) = 4 [pid 5714] close(3) = 0 [pid 5714] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5714] memfd_create("syzkaller", 0) = 3 [pid 5714] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [ 145.208155][ T5712] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5714] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5714] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5714] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5714] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5714] close(3) = 0 [pid 5714] mkdir("./file1", 0777) = 0 [ 145.277769][ T5714] loop0: detected capacity change from 0 to 8192 [ 145.286174][ T5714] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 145.299559][ T5714] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 145.308862][ T5714] REISERFS (device loop0): using ordered data mode [ 145.315383][ T5714] reiserfs: using flush barriers [ 145.320970][ T5714] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 145.337254][ T5714] REISERFS (device loop0): checking transaction log (loop0) [ 145.364840][ T5714] REISERFS (device loop0): Using r5 hash to sort names [pid 5714] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5714] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5714] chdir("./file1") = 0 [pid 5714] ioctl(4, LOOP_CLR_FD) = 0 [pid 5714] close(4) = 0 [pid 5714] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5714] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5714] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5714] exit_group(0) = ? [pid 5714] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5714, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./316", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./316", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./316/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./316/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./316/binderfs") = 0 umount2("./316/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./316/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./316/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./316/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./316/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./316/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./316") = 0 mkdir("./317", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 145.371881][ T5714] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5716 ./strace-static-x86_64: Process 5716 attached [pid 5716] chdir("./317") = 0 [pid 5716] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5716] setpgid(0, 0) = 0 [pid 5716] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5716] write(3, "1000", 4) = 4 [pid 5716] close(3) = 0 [pid 5716] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5716] memfd_create("syzkaller", 0) = 3 [pid 5716] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5716] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5716] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5716] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5716] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5716] close(3) = 0 [pid 5716] mkdir("./file1", 0777) = 0 [ 145.454916][ T5716] loop0: detected capacity change from 0 to 8192 [ 145.463460][ T5716] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 145.476586][ T5716] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 145.485782][ T5716] REISERFS (device loop0): using ordered data mode [ 145.492290][ T5716] reiserfs: using flush barriers [ 145.497804][ T5716] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 145.514030][ T5716] REISERFS (device loop0): checking transaction log (loop0) [ 145.542108][ T5716] REISERFS (device loop0): Using r5 hash to sort names [pid 5716] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5716] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5716] chdir("./file1") = 0 [pid 5716] ioctl(4, LOOP_CLR_FD) = 0 [pid 5716] close(4) = 0 [pid 5716] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5716] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5716] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5716] exit_group(0) = ? [pid 5716] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5716, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./317", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./317", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./317/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./317/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./317/binderfs") = 0 umount2("./317/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./317/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./317/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./317/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./317/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 [ 145.549157][ T5716] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(4) = 0 rmdir("./317/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./317") = 0 mkdir("./318", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5718 ./strace-static-x86_64: Process 5718 attached [pid 5718] chdir("./318") = 0 [pid 5718] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5718] setpgid(0, 0) = 0 [pid 5718] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5718] write(3, "1000", 4) = 4 [pid 5718] close(3) = 0 [pid 5718] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5718] memfd_create("syzkaller", 0) = 3 [pid 5718] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5718] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5718] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5718] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5718] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5718] close(3) = 0 [pid 5718] mkdir("./file1", 0777) = 0 [ 145.633679][ T5718] loop0: detected capacity change from 0 to 8192 [ 145.643304][ T5718] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 145.656503][ T5718] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 145.665771][ T5718] REISERFS (device loop0): using ordered data mode [ 145.672313][ T5718] reiserfs: using flush barriers [ 145.677889][ T5718] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 145.694201][ T5718] REISERFS (device loop0): checking transaction log (loop0) [ 145.721857][ T5718] REISERFS (device loop0): Using r5 hash to sort names [pid 5718] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5718] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5718] chdir("./file1") = 0 [pid 5718] ioctl(4, LOOP_CLR_FD) = 0 [pid 5718] close(4) = 0 [pid 5718] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5718] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5718] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5718] exit_group(0) = ? [pid 5718] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5718, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- umount2("./318", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./318", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./318/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./318/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./318/binderfs") = 0 umount2("./318/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./318/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./318/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./318/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./318/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./318/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./318") = 0 mkdir("./319", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 145.728989][ T5718] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5720 ./strace-static-x86_64: Process 5720 attached [pid 5720] chdir("./319") = 0 [pid 5720] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5720] setpgid(0, 0) = 0 [pid 5720] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5720] write(3, "1000", 4) = 4 [pid 5720] close(3) = 0 [pid 5720] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5720] memfd_create("syzkaller", 0) = 3 [pid 5720] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5720] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5720] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5720] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5720] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5720] close(3) = 0 [pid 5720] mkdir("./file1", 0777) = 0 [ 145.809936][ T5720] loop0: detected capacity change from 0 to 8192 [ 145.818116][ T5720] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 145.831282][ T5720] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 145.840666][ T5720] REISERFS (device loop0): using ordered data mode [ 145.847368][ T5720] reiserfs: using flush barriers [ 145.852912][ T5720] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 145.869388][ T5720] REISERFS (device loop0): checking transaction log (loop0) [ 145.899970][ T5720] REISERFS (device loop0): Using r5 hash to sort names [pid 5720] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5720] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5720] chdir("./file1") = 0 [pid 5720] ioctl(4, LOOP_CLR_FD) = 0 [pid 5720] close(4) = 0 [pid 5720] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5720] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5720] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5720] exit_group(0) = ? [pid 5720] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5720, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- umount2("./319", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./319", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./319/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./319/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./319/binderfs") = 0 umount2("./319/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./319/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./319/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./319/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./319/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./319/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./319") = 0 mkdir("./320", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5722 ./strace-static-x86_64: Process 5722 attached [pid 5722] chdir("./320") = 0 [pid 5722] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5722] setpgid(0, 0) = 0 [pid 5722] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5722] write(3, "1000", 4) = 4 [pid 5722] close(3) = 0 [pid 5722] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5722] memfd_create("syzkaller", 0) = 3 [pid 5722] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [ 145.906987][ T5720] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5722] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5722] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5722] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5722] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5722] close(3) = 0 [pid 5722] mkdir("./file1", 0777) = 0 [ 145.985506][ T5722] loop0: detected capacity change from 0 to 8192 [ 145.995303][ T5722] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 146.008335][ T5722] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 146.017538][ T5722] REISERFS (device loop0): using ordered data mode [ 146.024033][ T5722] reiserfs: using flush barriers [ 146.029607][ T5722] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 146.046001][ T5722] REISERFS (device loop0): checking transaction log (loop0) [ 146.073910][ T5722] REISERFS (device loop0): Using r5 hash to sort names [pid 5722] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5722] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5722] chdir("./file1") = 0 [pid 5722] ioctl(4, LOOP_CLR_FD) = 0 [pid 5722] close(4) = 0 [pid 5722] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5722] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5722] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5722] exit_group(0) = ? [pid 5722] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5722, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./320", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./320", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./320/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./320/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./320/binderfs") = 0 umount2("./320/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./320/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./320/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./320/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./320/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./320/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./320") = 0 [ 146.081119][ T5722] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. mkdir("./321", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5724 ./strace-static-x86_64: Process 5724 attached [pid 5724] chdir("./321") = 0 [pid 5724] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5724] setpgid(0, 0) = 0 [pid 5724] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5724] write(3, "1000", 4) = 4 [pid 5724] close(3) = 0 [pid 5724] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5724] memfd_create("syzkaller", 0) = 3 [pid 5724] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5724] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5724] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5724] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5724] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5724] close(3) = 0 [pid 5724] mkdir("./file1", 0777) = 0 [ 146.165031][ T5724] loop0: detected capacity change from 0 to 8192 [ 146.173960][ T5724] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 146.187002][ T5724] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 146.196153][ T5724] REISERFS (device loop0): using ordered data mode [ 146.202788][ T5724] reiserfs: using flush barriers [ 146.208438][ T5724] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 146.224723][ T5724] REISERFS (device loop0): checking transaction log (loop0) [ 146.254540][ T5724] REISERFS (device loop0): Using r5 hash to sort names [pid 5724] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5724] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5724] chdir("./file1") = 0 [pid 5724] ioctl(4, LOOP_CLR_FD) = 0 [pid 5724] close(4) = 0 [pid 5724] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5724] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5724] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5724] exit_group(0) = ? [pid 5724] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5724, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./321", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./321", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./321/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./321/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./321/binderfs") = 0 umount2("./321/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./321/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./321/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./321/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./321/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 [ 146.261603][ T5724] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. rmdir("./321/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./321") = 0 mkdir("./322", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5726 ./strace-static-x86_64: Process 5726 attached [pid 5726] chdir("./322") = 0 [pid 5726] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5726] setpgid(0, 0) = 0 [pid 5726] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5726] write(3, "1000", 4) = 4 [pid 5726] close(3) = 0 [pid 5726] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5726] memfd_create("syzkaller", 0) = 3 [pid 5726] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5726] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5726] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5726] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5726] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5726] close(3) = 0 [pid 5726] mkdir("./file1", 0777) = 0 [ 146.346005][ T5726] loop0: detected capacity change from 0 to 8192 [ 146.354754][ T5726] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 146.367897][ T5726] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 146.377101][ T5726] REISERFS (device loop0): using ordered data mode [ 146.383602][ T5726] reiserfs: using flush barriers [ 146.389345][ T5726] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 146.405612][ T5726] REISERFS (device loop0): checking transaction log (loop0) [ 146.433172][ T5726] REISERFS (device loop0): Using r5 hash to sort names [pid 5726] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5726] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5726] chdir("./file1") = 0 [pid 5726] ioctl(4, LOOP_CLR_FD) = 0 [pid 5726] close(4) = 0 [pid 5726] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5726] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5726] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5726] exit_group(0) = ? [pid 5726] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5726, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./322", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./322", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./322/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./322/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./322/binderfs") = 0 umount2("./322/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./322/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./322/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./322/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./322/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 [ 146.440461][ T5726] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. rmdir("./322/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./322") = 0 mkdir("./323", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5728 ./strace-static-x86_64: Process 5728 attached [pid 5728] chdir("./323") = 0 [pid 5728] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5728] setpgid(0, 0) = 0 [pid 5728] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5728] write(3, "1000", 4) = 4 [pid 5728] close(3) = 0 [pid 5728] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5728] memfd_create("syzkaller", 0) = 3 [pid 5728] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5728] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5728] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5728] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5728] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5728] close(3) = 0 [pid 5728] mkdir("./file1", 0777) = 0 [ 146.523400][ T5728] loop0: detected capacity change from 0 to 8192 [ 146.533142][ T5728] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 146.546260][ T5728] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 146.555498][ T5728] REISERFS (device loop0): using ordered data mode [ 146.562033][ T5728] reiserfs: using flush barriers [ 146.567538][ T5728] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 146.583870][ T5728] REISERFS (device loop0): checking transaction log (loop0) [ 146.612862][ T5728] REISERFS (device loop0): Using r5 hash to sort names [pid 5728] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5728] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5728] chdir("./file1") = 0 [pid 5728] ioctl(4, LOOP_CLR_FD) = 0 [pid 5728] close(4) = 0 [pid 5728] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5728] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5728] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5728] exit_group(0) = ? [pid 5728] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5728, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./323", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./323", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./323/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./323/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./323/binderfs") = 0 umount2("./323/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./323/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./323/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./323/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./323/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./323/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./323") = 0 mkdir("./324", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 146.620005][ T5728] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5730 ./strace-static-x86_64: Process 5730 attached [pid 5730] chdir("./324") = 0 [pid 5730] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5730] setpgid(0, 0) = 0 [pid 5730] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5730] write(3, "1000", 4) = 4 [pid 5730] close(3) = 0 [pid 5730] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5730] memfd_create("syzkaller", 0) = 3 [pid 5730] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5730] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5730] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5730] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5730] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5730] close(3) = 0 [pid 5730] mkdir("./file1", 0777) = 0 [ 146.718385][ T5730] loop0: detected capacity change from 0 to 8192 [ 146.727519][ T5730] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 146.740635][ T5730] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 146.749988][ T5730] REISERFS (device loop0): using ordered data mode [ 146.756614][ T5730] reiserfs: using flush barriers [ 146.762308][ T5730] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 146.778837][ T5730] REISERFS (device loop0): checking transaction log (loop0) [ 146.807818][ T5730] REISERFS (device loop0): Using r5 hash to sort names [pid 5730] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5730] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5730] chdir("./file1") = 0 [pid 5730] ioctl(4, LOOP_CLR_FD) = 0 [pid 5730] close(4) = 0 [pid 5730] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5730] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5730] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5730] exit_group(0) = ? [pid 5730] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5730, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./324", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./324", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./324/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./324/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./324/binderfs") = 0 umount2("./324/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./324/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./324/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./324/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./324/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./324/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./324") = 0 mkdir("./325", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 146.814843][ T5730] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5732 ./strace-static-x86_64: Process 5732 attached [pid 5732] chdir("./325") = 0 [pid 5732] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5732] setpgid(0, 0) = 0 [pid 5732] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5732] write(3, "1000", 4) = 4 [pid 5732] close(3) = 0 [pid 5732] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5732] memfd_create("syzkaller", 0) = 3 [pid 5732] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5732] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5732] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5732] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5732] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5732] close(3) = 0 [pid 5732] mkdir("./file1", 0777) = 0 [ 146.889247][ T5732] loop0: detected capacity change from 0 to 8192 [ 146.897597][ T5732] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 146.910732][ T5732] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 146.919968][ T5732] REISERFS (device loop0): using ordered data mode [ 146.926471][ T5732] reiserfs: using flush barriers [ 146.932081][ T5732] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 146.948590][ T5732] REISERFS (device loop0): checking transaction log (loop0) [ 146.978768][ T5732] REISERFS (device loop0): Using r5 hash to sort names [pid 5732] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5732] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5732] chdir("./file1") = 0 [pid 5732] ioctl(4, LOOP_CLR_FD) = 0 [pid 5732] close(4) = 0 [pid 5732] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5732] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5732] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5732] exit_group(0) = ? [pid 5732] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5732, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./325", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./325", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./325/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./325/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./325/binderfs") = 0 [ 146.985896][ T5732] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./325/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./325/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./325/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./325/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./325/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./325/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./325") = 0 mkdir("./326", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5734 attached , child_tidptr=0x55555738c5d0) = 5734 [pid 5734] chdir("./326") = 0 [pid 5734] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5734] setpgid(0, 0) = 0 [pid 5734] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5734] write(3, "1000", 4) = 4 [pid 5734] close(3) = 0 [pid 5734] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5734] memfd_create("syzkaller", 0) = 3 [pid 5734] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5734] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5734] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5734] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5734] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5734] close(3) = 0 [pid 5734] mkdir("./file1", 0777) = 0 [ 147.081991][ T5734] loop0: detected capacity change from 0 to 8192 [ 147.091224][ T5734] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 147.104217][ T5734] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 147.113552][ T5734] REISERFS (device loop0): using ordered data mode [ 147.120079][ T5734] reiserfs: using flush barriers [ 147.125497][ T5734] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 147.141798][ T5734] REISERFS (device loop0): checking transaction log (loop0) [ 147.171229][ T5734] REISERFS (device loop0): Using r5 hash to sort names [pid 5734] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5734] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5734] chdir("./file1") = 0 [pid 5734] ioctl(4, LOOP_CLR_FD) = 0 [pid 5734] close(4) = 0 [pid 5734] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5734] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5734] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5734] exit_group(0) = ? [pid 5734] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5734, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- umount2("./326", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./326", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./326/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./326/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./326/binderfs") = 0 umount2("./326/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [ 147.178302][ T5734] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./326/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./326/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./326/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./326/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./326/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./326") = 0 mkdir("./327", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5736 ./strace-static-x86_64: Process 5736 attached [pid 5736] chdir("./327") = 0 [pid 5736] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5736] setpgid(0, 0) = 0 [pid 5736] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5736] write(3, "1000", 4) = 4 [pid 5736] close(3) = 0 [pid 5736] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5736] memfd_create("syzkaller", 0) = 3 [pid 5736] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5736] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5736] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5736] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5736] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5736] close(3) = 0 [pid 5736] mkdir("./file1", 0777) = 0 [ 147.271109][ T5736] loop0: detected capacity change from 0 to 8192 [ 147.280275][ T5736] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 147.293579][ T5736] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 147.302892][ T5736] REISERFS (device loop0): using ordered data mode [ 147.309525][ T5736] reiserfs: using flush barriers [ 147.315037][ T5736] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 147.331696][ T5736] REISERFS (device loop0): checking transaction log (loop0) [pid 5736] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5736] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5736] chdir("./file1") = 0 [pid 5736] ioctl(4, LOOP_CLR_FD) = 0 [pid 5736] close(4) = 0 [pid 5736] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5736] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5736] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5736] exit_group(0) = ? [pid 5736] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5736, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- umount2("./327", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./327", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./327/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./327/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./327/binderfs") = 0 umount2("./327/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./327/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./327/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./327/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./327/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./327/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./327") = 0 mkdir("./328", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 147.361986][ T5736] REISERFS (device loop0): Using r5 hash to sort names [ 147.369000][ T5736] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5738 ./strace-static-x86_64: Process 5738 attached [pid 5738] chdir("./328") = 0 [pid 5738] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5738] setpgid(0, 0) = 0 [pid 5738] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5738] write(3, "1000", 4) = 4 [pid 5738] close(3) = 0 [pid 5738] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5738] memfd_create("syzkaller", 0) = 3 [pid 5738] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5738] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5738] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5738] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5738] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5738] close(3) = 0 [pid 5738] mkdir("./file1", 0777) = 0 [ 147.459151][ T5738] loop0: detected capacity change from 0 to 8192 [ 147.467939][ T5738] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 147.480927][ T5738] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 147.490172][ T5738] REISERFS (device loop0): using ordered data mode [ 147.497567][ T5738] reiserfs: using flush barriers [ 147.503108][ T5738] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 147.519439][ T5738] REISERFS (device loop0): checking transaction log (loop0) [ 147.547752][ T5738] REISERFS (device loop0): Using r5 hash to sort names [pid 5738] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5738] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5738] chdir("./file1") = 0 [pid 5738] ioctl(4, LOOP_CLR_FD) = 0 [pid 5738] close(4) = 0 [pid 5738] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5738] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5738] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5738] exit_group(0) = ? [pid 5738] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5738, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./328", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./328", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./328/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./328/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./328/binderfs") = 0 [ 147.554801][ T5738] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./328/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./328/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./328/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./328/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./328/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./328/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./328") = 0 mkdir("./329", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5740 ./strace-static-x86_64: Process 5740 attached [pid 5740] chdir("./329") = 0 [pid 5740] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5740] setpgid(0, 0) = 0 [pid 5740] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5740] write(3, "1000", 4) = 4 [pid 5740] close(3) = 0 [pid 5740] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5740] memfd_create("syzkaller", 0) = 3 [pid 5740] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5740] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5740] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5740] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5740] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5740] close(3) = 0 [pid 5740] mkdir("./file1", 0777) = 0 [ 147.640129][ T5740] loop0: detected capacity change from 0 to 8192 [ 147.649576][ T5740] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 147.662645][ T5740] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 147.672183][ T5740] REISERFS (device loop0): using ordered data mode [ 147.678823][ T5740] reiserfs: using flush barriers [ 147.684373][ T5740] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 147.700810][ T5740] REISERFS (device loop0): checking transaction log (loop0) [pid 5740] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5740] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5740] chdir("./file1") = 0 [pid 5740] ioctl(4, LOOP_CLR_FD) = 0 [pid 5740] close(4) = 0 [pid 5740] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5740] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5740] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5740] exit_group(0) = ? [pid 5740] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5740, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- umount2("./329", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./329", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./329/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./329/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./329/binderfs") = 0 umount2("./329/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./329/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./329/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./329/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./329/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./329/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./329") = 0 mkdir("./330", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 147.731044][ T5740] REISERFS (device loop0): Using r5 hash to sort names [ 147.738203][ T5740] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5742 attached [pid 5742] chdir("./330" [pid 5073] <... clone resumed>, child_tidptr=0x55555738c5d0) = 5742 [pid 5742] <... chdir resumed>) = 0 [pid 5742] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5742] setpgid(0, 0) = 0 [pid 5742] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5742] write(3, "1000", 4) = 4 [pid 5742] close(3) = 0 [pid 5742] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5742] memfd_create("syzkaller", 0) = 3 [pid 5742] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5742] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5742] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5742] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5742] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5742] close(3) = 0 [pid 5742] mkdir("./file1", 0777) = 0 [ 147.827944][ T5742] loop0: detected capacity change from 0 to 8192 [ 147.836199][ T5742] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 147.849268][ T5742] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 147.858506][ T5742] REISERFS (device loop0): using ordered data mode [ 147.864990][ T5742] reiserfs: using flush barriers [ 147.870583][ T5742] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 147.886906][ T5742] REISERFS (device loop0): checking transaction log (loop0) [ 147.914383][ T5742] REISERFS (device loop0): Using r5 hash to sort names [pid 5742] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5742] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5742] chdir("./file1") = 0 [pid 5742] ioctl(4, LOOP_CLR_FD) = 0 [pid 5742] close(4) = 0 [pid 5742] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5742] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5742] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5742] exit_group(0) = ? [pid 5742] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5742, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./330", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./330", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./330/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./330/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./330/binderfs") = 0 umount2("./330/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./330/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./330/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./330/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./330/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./330/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./330") = 0 mkdir("./331", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5744 ./strace-static-x86_64: Process 5744 attached [pid 5744] chdir("./331") = 0 [pid 5744] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5744] setpgid(0, 0) = 0 [pid 5744] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5744] write(3, "1000", 4) = 4 [ 147.921521][ T5742] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5744] close(3) = 0 [pid 5744] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5744] memfd_create("syzkaller", 0) = 3 [pid 5744] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5744] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5744] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5744] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5744] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5744] close(3) = 0 [pid 5744] mkdir("./file1", 0777) = 0 [ 147.998720][ T5744] loop0: detected capacity change from 0 to 8192 [ 148.007264][ T5744] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 148.020251][ T5744] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 148.029457][ T5744] REISERFS (device loop0): using ordered data mode [ 148.035973][ T5744] reiserfs: using flush barriers [ 148.041520][ T5744] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 148.057765][ T5744] REISERFS (device loop0): checking transaction log (loop0) [pid 5744] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5744] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5744] chdir("./file1") = 0 [pid 5744] ioctl(4, LOOP_CLR_FD) = 0 [pid 5744] close(4) = 0 [pid 5744] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5744] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5744] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5744] exit_group(0) = ? [pid 5744] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5744, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./331", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./331", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./331/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./331/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./331/binderfs") = 0 umount2("./331/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./331/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./331/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./331/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./331/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./331/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./331") = 0 mkdir("./332", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 148.089119][ T5744] REISERFS (device loop0): Using r5 hash to sort names [ 148.096239][ T5744] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5746 ./strace-static-x86_64: Process 5746 attached [pid 5746] chdir("./332") = 0 [pid 5746] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5746] setpgid(0, 0) = 0 [pid 5746] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5746] write(3, "1000", 4) = 4 [pid 5746] close(3) = 0 [pid 5746] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5746] memfd_create("syzkaller", 0) = 3 [pid 5746] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5746] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5746] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5746] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5746] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5746] close(3) = 0 [pid 5746] mkdir("./file1", 0777) = 0 [ 148.183151][ T5746] loop0: detected capacity change from 0 to 8192 [ 148.191952][ T5746] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 148.205000][ T5746] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 148.214273][ T5746] REISERFS (device loop0): using ordered data mode [ 148.220781][ T5746] reiserfs: using flush barriers [ 148.226233][ T5746] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 148.242652][ T5746] REISERFS (device loop0): checking transaction log (loop0) [ 148.273232][ T5746] REISERFS (device loop0): Using r5 hash to sort names [pid 5746] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5746] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5746] chdir("./file1") = 0 [pid 5746] ioctl(4, LOOP_CLR_FD) = 0 [pid 5746] close(4) = 0 [pid 5746] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5746] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5746] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5746] exit_group(0) = ? [pid 5746] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5746, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./332", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./332", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./332/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./332/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./332/binderfs") = 0 umount2("./332/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./332/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./332/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./332/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./332/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./332/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./332") = 0 mkdir("./333", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5748 ./strace-static-x86_64: Process 5748 attached [pid 5748] chdir("./333") = 0 [pid 5748] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5748] setpgid(0, 0) = 0 [pid 5748] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5748] write(3, "1000", 4) = 4 [pid 5748] close(3) = 0 [pid 5748] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5748] memfd_create("syzkaller", 0) = 3 [pid 5748] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [ 148.280229][ T5746] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5748] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5748] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5748] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5748] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5748] close(3) = 0 [pid 5748] mkdir("./file1", 0777) = 0 [ 148.365457][ T5748] loop0: detected capacity change from 0 to 8192 [ 148.374731][ T5748] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 148.388157][ T5748] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 148.397513][ T5748] REISERFS (device loop0): using ordered data mode [ 148.404014][ T5748] reiserfs: using flush barriers [ 148.409694][ T5748] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 148.426055][ T5748] REISERFS (device loop0): checking transaction log (loop0) [pid 5748] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5748] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5748] chdir("./file1") = 0 [pid 5748] ioctl(4, LOOP_CLR_FD) = 0 [pid 5748] close(4) = 0 [pid 5748] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5748] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5748] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5748] exit_group(0) = ? [pid 5748] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5748, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./333", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./333", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./333/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./333/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./333/binderfs") = 0 umount2("./333/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./333/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./333/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./333/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./333/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./333/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./333") = 0 mkdir("./334", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 148.456467][ T5748] REISERFS (device loop0): Using r5 hash to sort names [ 148.463747][ T5748] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5750 ./strace-static-x86_64: Process 5750 attached [pid 5750] chdir("./334") = 0 [pid 5750] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5750] setpgid(0, 0) = 0 [pid 5750] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5750] write(3, "1000", 4) = 4 [pid 5750] close(3) = 0 [pid 5750] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5750] memfd_create("syzkaller", 0) = 3 [pid 5750] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5750] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5750] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5750] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5750] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5750] close(3) = 0 [pid 5750] mkdir("./file1", 0777) = 0 [ 148.550908][ T5750] loop0: detected capacity change from 0 to 8192 [ 148.560102][ T5750] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 148.573446][ T5750] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 148.582757][ T5750] REISERFS (device loop0): using ordered data mode [ 148.589287][ T5750] reiserfs: using flush barriers [ 148.594821][ T5750] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 148.611205][ T5750] REISERFS (device loop0): checking transaction log (loop0) [ 148.641244][ T5750] REISERFS (device loop0): Using r5 hash to sort names [pid 5750] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5750] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5750] chdir("./file1") = 0 [pid 5750] ioctl(4, LOOP_CLR_FD) = 0 [pid 5750] close(4) = 0 [pid 5750] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5750] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5750] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5750] exit_group(0) = ? [pid 5750] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5750, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./334", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./334", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./334/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./334/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./334/binderfs") = 0 umount2("./334/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./334/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./334/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./334/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./334/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./334/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 [ 148.648281][ T5750] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 rmdir("./334") = 0 mkdir("./335", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5752 ./strace-static-x86_64: Process 5752 attached [pid 5752] chdir("./335") = 0 [pid 5752] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5752] setpgid(0, 0) = 0 [pid 5752] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5752] write(3, "1000", 4) = 4 [pid 5752] close(3) = 0 [pid 5752] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5752] memfd_create("syzkaller", 0) = 3 [pid 5752] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5752] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5752] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5752] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5752] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5752] close(3) = 0 [pid 5752] mkdir("./file1", 0777) = 0 [ 148.750290][ T5752] loop0: detected capacity change from 0 to 8192 [ 148.759190][ T5752] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 148.772207][ T5752] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 148.781391][ T5752] REISERFS (device loop0): using ordered data mode [ 148.787919][ T5752] reiserfs: using flush barriers [ 148.793507][ T5752] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 148.810904][ T5752] REISERFS (device loop0): checking transaction log (loop0) [pid 5752] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5752] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5752] chdir("./file1") = 0 [pid 5752] ioctl(4, LOOP_CLR_FD) = 0 [pid 5752] close(4) = 0 [pid 5752] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5752] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5752] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5752] exit_group(0) = ? [pid 5752] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5752, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./335", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./335", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./335/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./335/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./335/binderfs") = 0 umount2("./335/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./335/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./335/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./335/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./335/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./335/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./335") = 0 mkdir("./336", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5754 ./strace-static-x86_64: Process 5754 attached [pid 5754] chdir("./336") = 0 [pid 5754] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5754] setpgid(0, 0) = 0 [ 148.840638][ T5752] REISERFS (device loop0): Using r5 hash to sort names [ 148.847748][ T5752] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5754] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5754] write(3, "1000", 4) = 4 [pid 5754] close(3) = 0 [pid 5754] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5754] memfd_create("syzkaller", 0) = 3 [pid 5754] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5754] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5754] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5754] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5754] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5754] close(3) = 0 [pid 5754] mkdir("./file1", 0777) = 0 [ 148.934085][ T5754] loop0: detected capacity change from 0 to 8192 [ 148.942639][ T5754] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 148.955630][ T5754] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 148.964802][ T5754] REISERFS (device loop0): using ordered data mode [ 148.971329][ T5754] reiserfs: using flush barriers [ 148.976864][ T5754] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 148.993253][ T5754] REISERFS (device loop0): checking transaction log (loop0) [ 149.020621][ T5754] REISERFS (device loop0): Using r5 hash to sort names [pid 5754] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5754] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5754] chdir("./file1") = 0 [pid 5754] ioctl(4, LOOP_CLR_FD) = 0 [pid 5754] close(4) = 0 [pid 5754] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5754] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5754] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5754] exit_group(0) = ? [pid 5754] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5754, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./336", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./336", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./336/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./336/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./336/binderfs") = 0 umount2("./336/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./336/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./336/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 149.027722][ T5754] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./336/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./336/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./336/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./336") = 0 mkdir("./337", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5756 ./strace-static-x86_64: Process 5756 attached [pid 5756] chdir("./337") = 0 [pid 5756] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5756] setpgid(0, 0) = 0 [pid 5756] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5756] write(3, "1000", 4) = 4 [pid 5756] close(3) = 0 [pid 5756] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5756] memfd_create("syzkaller", 0) = 3 [pid 5756] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5756] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5756] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5756] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5756] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5756] close(3) = 0 [pid 5756] mkdir("./file1", 0777) = 0 [ 149.114884][ T5756] loop0: detected capacity change from 0 to 8192 [ 149.124079][ T5756] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 149.137153][ T5756] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 149.146304][ T5756] REISERFS (device loop0): using ordered data mode [ 149.152958][ T5756] reiserfs: using flush barriers [ 149.158554][ T5756] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 149.174815][ T5756] REISERFS (device loop0): checking transaction log (loop0) [ 149.204958][ T5756] REISERFS (device loop0): Using r5 hash to sort names [pid 5756] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5756] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5756] chdir("./file1") = 0 [pid 5756] ioctl(4, LOOP_CLR_FD) = 0 [pid 5756] close(4) = 0 [pid 5756] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5756] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5756] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5756] exit_group(0) = ? [pid 5756] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5756, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./337", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./337", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./337/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./337/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./337/binderfs") = 0 umount2("./337/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./337/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./337/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./337/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./337/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./337/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./337") = 0 mkdir("./338", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 149.212040][ T5756] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5758 ./strace-static-x86_64: Process 5758 attached [pid 5758] chdir("./338") = 0 [pid 5758] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5758] setpgid(0, 0) = 0 [pid 5758] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5758] write(3, "1000", 4) = 4 [pid 5758] close(3) = 0 [pid 5758] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5758] memfd_create("syzkaller", 0) = 3 [pid 5758] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5758] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5758] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5758] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5758] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5758] close(3) = 0 [pid 5758] mkdir("./file1", 0777) = 0 [ 149.321894][ T5758] loop0: detected capacity change from 0 to 8192 [ 149.330385][ T5758] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 149.343376][ T5758] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 149.352540][ T5758] REISERFS (device loop0): using ordered data mode [ 149.359058][ T5758] reiserfs: using flush barriers [ 149.364658][ T5758] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 149.381043][ T5758] REISERFS (device loop0): checking transaction log (loop0) [ 149.411059][ T5758] REISERFS (device loop0): Using r5 hash to sort names [pid 5758] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5758] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5758] chdir("./file1") = 0 [pid 5758] ioctl(4, LOOP_CLR_FD) = 0 [pid 5758] close(4) = 0 [pid 5758] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5758] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5758] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5758] exit_group(0) = ? [pid 5758] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5758, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- umount2("./338", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./338", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./338/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./338/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./338/binderfs") = 0 umount2("./338/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./338/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./338/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./338/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./338/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 149.418084][ T5758] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./338/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./338") = 0 mkdir("./339", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5760 attached , child_tidptr=0x55555738c5d0) = 5760 [pid 5760] chdir("./339") = 0 [pid 5760] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5760] setpgid(0, 0) = 0 [pid 5760] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5760] write(3, "1000", 4) = 4 [pid 5760] close(3) = 0 [pid 5760] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5760] memfd_create("syzkaller", 0) = 3 [pid 5760] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5760] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5760] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5760] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5760] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5760] close(3) = 0 [pid 5760] mkdir("./file1", 0777) = 0 [ 149.507348][ T5760] loop0: detected capacity change from 0 to 8192 [ 149.516061][ T5760] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 149.529206][ T5760] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 149.538568][ T5760] REISERFS (device loop0): using ordered data mode [ 149.545186][ T5760] reiserfs: using flush barriers [ 149.550851][ T5760] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 149.567327][ T5760] REISERFS (device loop0): checking transaction log (loop0) [ 149.596453][ T5760] REISERFS (device loop0): Using r5 hash to sort names [pid 5760] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5760] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5760] chdir("./file1") = 0 [pid 5760] ioctl(4, LOOP_CLR_FD) = 0 [pid 5760] close(4) = 0 [pid 5760] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5760] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5760] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5760] exit_group(0) = ? [pid 5760] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5760, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./339", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./339", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./339/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./339/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./339/binderfs") = 0 [ 149.603477][ T5760] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./339/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./339/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./339/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./339/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./339/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./339/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./339") = 0 mkdir("./340", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5762 ./strace-static-x86_64: Process 5762 attached [pid 5762] chdir("./340") = 0 [pid 5762] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5762] setpgid(0, 0) = 0 [pid 5762] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5762] write(3, "1000", 4) = 4 [pid 5762] close(3) = 0 [pid 5762] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5762] memfd_create("syzkaller", 0) = 3 [pid 5762] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5762] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5762] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5762] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5762] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5762] close(3) = 0 [pid 5762] mkdir("./file1", 0777) = 0 [ 149.705386][ T5762] loop0: detected capacity change from 0 to 8192 [ 149.713793][ T5762] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 149.726797][ T5762] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 149.735955][ T5762] REISERFS (device loop0): using ordered data mode [ 149.742486][ T5762] reiserfs: using flush barriers [ 149.748150][ T5762] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 149.764401][ T5762] REISERFS (device loop0): checking transaction log (loop0) [ 149.793302][ T5762] REISERFS (device loop0): Using r5 hash to sort names [pid 5762] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5762] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5762] chdir("./file1") = 0 [pid 5762] ioctl(4, LOOP_CLR_FD) = 0 [pid 5762] close(4) = 0 [pid 5762] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5762] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5762] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5762] exit_group(0) = ? [pid 5762] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5762, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./340", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./340", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./340/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./340/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./340/binderfs") = 0 umount2("./340/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./340/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./340/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./340/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./340/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 [ 149.800350][ T5762] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. rmdir("./340/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./340") = 0 mkdir("./341", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5764 ./strace-static-x86_64: Process 5764 attached [pid 5764] chdir("./341") = 0 [pid 5764] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5764] setpgid(0, 0) = 0 [pid 5764] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5764] write(3, "1000", 4) = 4 [pid 5764] close(3) = 0 [pid 5764] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5764] memfd_create("syzkaller", 0) = 3 [pid 5764] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5764] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5764] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5764] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5764] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5764] close(3) = 0 [pid 5764] mkdir("./file1", 0777) = 0 [ 149.888344][ T5764] loop0: detected capacity change from 0 to 8192 [ 149.896416][ T5764] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 149.909628][ T5764] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 149.918934][ T5764] REISERFS (device loop0): using ordered data mode [ 149.925421][ T5764] reiserfs: using flush barriers [ 149.931134][ T5764] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 149.947507][ T5764] REISERFS (device loop0): checking transaction log (loop0) [ 149.977064][ T5764] REISERFS (device loop0): Using r5 hash to sort names [pid 5764] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5764] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5764] chdir("./file1") = 0 [pid 5764] ioctl(4, LOOP_CLR_FD) = 0 [pid 5764] close(4) = 0 [pid 5764] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5764] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5764] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5764] exit_group(0) = ? [pid 5764] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5764, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./341", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./341", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./341/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./341/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./341/binderfs") = 0 umount2("./341/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./341/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./341/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 149.984067][ T5764] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. umount2("./341/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./341/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./341/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./341") = 0 mkdir("./342", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5766 ./strace-static-x86_64: Process 5766 attached [pid 5766] chdir("./342") = 0 [pid 5766] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5766] setpgid(0, 0) = 0 [pid 5766] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5766] write(3, "1000", 4) = 4 [pid 5766] close(3) = 0 [pid 5766] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5766] memfd_create("syzkaller", 0) = 3 [pid 5766] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5766] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5766] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5766] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5766] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5766] close(3) = 0 [pid 5766] mkdir("./file1", 0777) = 0 [ 150.072474][ T5766] loop0: detected capacity change from 0 to 8192 [ 150.080948][ T5766] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 150.094064][ T5766] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 150.103478][ T5766] REISERFS (device loop0): using ordered data mode [ 150.110184][ T5766] reiserfs: using flush barriers [ 150.115672][ T5766] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 150.132127][ T5766] REISERFS (device loop0): checking transaction log (loop0) [ 150.161706][ T5766] REISERFS (device loop0): Using r5 hash to sort names [pid 5766] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5766] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5766] chdir("./file1") = 0 [pid 5766] ioctl(4, LOOP_CLR_FD) = 0 [pid 5766] close(4) = 0 [pid 5766] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5766] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5766] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5766] exit_group(0) = ? [pid 5766] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5766, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./342", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./342", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./342/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./342/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./342/binderfs") = 0 umount2("./342/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./342/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./342/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./342/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./342/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 150.168795][ T5766] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./342/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./342") = 0 mkdir("./343", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5768 ./strace-static-x86_64: Process 5768 attached [pid 5768] chdir("./343") = 0 [pid 5768] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5768] setpgid(0, 0) = 0 [pid 5768] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5768] write(3, "1000", 4) = 4 [pid 5768] close(3) = 0 [pid 5768] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5768] memfd_create("syzkaller", 0) = 3 [pid 5768] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5768] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5768] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5768] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5768] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5768] close(3) = 0 [pid 5768] mkdir("./file1", 0777) = 0 [ 150.257125][ T5768] loop0: detected capacity change from 0 to 8192 [ 150.266413][ T5768] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 150.279623][ T5768] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 150.288990][ T5768] REISERFS (device loop0): using ordered data mode [ 150.295493][ T5768] reiserfs: using flush barriers [ 150.301126][ T5768] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 150.317812][ T5768] REISERFS (device loop0): checking transaction log (loop0) [ 150.345494][ T5768] REISERFS (device loop0): Using r5 hash to sort names [pid 5768] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5768] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5768] chdir("./file1") = 0 [pid 5768] ioctl(4, LOOP_CLR_FD) = 0 [pid 5768] close(4) = 0 [pid 5768] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5768] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5768] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5768] exit_group(0) = ? [pid 5768] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5768, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- umount2("./343", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./343", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./343/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./343/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./343/binderfs") = 0 umount2("./343/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./343/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./343/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./343/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./343/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 [ 150.352525][ T5768] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./343/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./343") = 0 mkdir("./344", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5770 ./strace-static-x86_64: Process 5770 attached [pid 5770] chdir("./344") = 0 [pid 5770] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5770] setpgid(0, 0) = 0 [pid 5770] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5770] write(3, "1000", 4) = 4 [pid 5770] close(3) = 0 [pid 5770] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5770] memfd_create("syzkaller", 0) = 3 [pid 5770] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5770] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5770] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5770] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5770] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5770] close(3) = 0 [pid 5770] mkdir("./file1", 0777) = 0 [ 150.435965][ T5770] loop0: detected capacity change from 0 to 8192 [ 150.445189][ T5770] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 150.458311][ T5770] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 150.467558][ T5770] REISERFS (device loop0): using ordered data mode [ 150.474079][ T5770] reiserfs: using flush barriers [ 150.479841][ T5770] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 150.496105][ T5770] REISERFS (device loop0): checking transaction log (loop0) [ 150.523967][ T5770] REISERFS (device loop0): Using r5 hash to sort names [pid 5770] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5770] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5770] chdir("./file1") = 0 [pid 5770] ioctl(4, LOOP_CLR_FD) = 0 [pid 5770] close(4) = 0 [pid 5770] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5770] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5770] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5770] exit_group(0) = ? [pid 5770] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5770, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./344", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./344", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./344/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./344/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./344/binderfs") = 0 umount2("./344/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./344/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./344/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./344/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./344/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./344/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./344") = 0 mkdir("./345", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5772 ./strace-static-x86_64: Process 5772 attached [pid 5772] chdir("./345") = 0 [pid 5772] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5772] setpgid(0, 0) = 0 [pid 5772] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5772] write(3, "1000", 4) = 4 [pid 5772] close(3) = 0 [pid 5772] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5772] memfd_create("syzkaller", 0) = 3 [pid 5772] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [ 150.531142][ T5770] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5772] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5772] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5772] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5772] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5772] close(3) = 0 [pid 5772] mkdir("./file1", 0777) = 0 [ 150.615233][ T5772] loop0: detected capacity change from 0 to 8192 [ 150.624520][ T5772] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 150.637939][ T5772] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 150.647594][ T5772] REISERFS (device loop0): using ordered data mode [ 150.654227][ T5772] reiserfs: using flush barriers [ 150.660003][ T5772] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 150.676539][ T5772] REISERFS (device loop0): checking transaction log (loop0) [pid 5772] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5772] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5772] chdir("./file1") = 0 [pid 5772] ioctl(4, LOOP_CLR_FD) = 0 [pid 5772] close(4) = 0 [pid 5772] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5772] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5772] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5772] exit_group(0) = ? [pid 5772] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5772, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./345", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./345", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./345/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./345/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./345/binderfs") = 0 umount2("./345/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./345/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./345/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./345/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./345/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./345/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./345") = 0 mkdir("./346", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5774 ./strace-static-x86_64: Process 5774 attached [pid 5774] chdir("./346") = 0 [pid 5774] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5774] setpgid(0, 0) = 0 [pid 5774] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5774] write(3, "1000", 4) = 4 [pid 5774] close(3) = 0 [pid 5774] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5774] memfd_create("syzkaller", 0) = 3 [ 150.709011][ T5772] REISERFS (device loop0): Using r5 hash to sort names [ 150.716089][ T5772] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5774] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5774] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5774] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5774] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5774] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5774] close(3) = 0 [pid 5774] mkdir("./file1", 0777) = 0 [ 150.797107][ T5774] loop0: detected capacity change from 0 to 8192 [ 150.805318][ T5774] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 150.818666][ T5774] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 150.828125][ T5774] REISERFS (device loop0): using ordered data mode [ 150.834739][ T5774] reiserfs: using flush barriers [ 150.840396][ T5774] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 150.856659][ T5774] REISERFS (device loop0): checking transaction log (loop0) [pid 5774] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5774] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5774] chdir("./file1") = 0 [pid 5774] ioctl(4, LOOP_CLR_FD) = 0 [pid 5774] close(4) = 0 [pid 5774] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5774] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5774] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5774] exit_group(0) = ? [pid 5774] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5774, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./346", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./346", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./346/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./346/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./346/binderfs") = 0 umount2("./346/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./346/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./346/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./346/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./346/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./346/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./346") = 0 mkdir("./347", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 150.887682][ T5774] REISERFS (device loop0): Using r5 hash to sort names [ 150.894682][ T5774] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5776 ./strace-static-x86_64: Process 5776 attached [pid 5776] chdir("./347") = 0 [pid 5776] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5776] setpgid(0, 0) = 0 [pid 5776] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5776] write(3, "1000", 4) = 4 [pid 5776] close(3) = 0 [pid 5776] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5776] memfd_create("syzkaller", 0) = 3 [pid 5776] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5776] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5776] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5776] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5776] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5776] close(3) = 0 [pid 5776] mkdir("./file1", 0777) = 0 [ 150.979814][ T5776] loop0: detected capacity change from 0 to 8192 [ 150.987895][ T5776] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 151.000854][ T5776] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 151.010176][ T5776] REISERFS (device loop0): using ordered data mode [ 151.016662][ T5776] reiserfs: using flush barriers [ 151.022332][ T5776] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 151.038717][ T5776] REISERFS (device loop0): checking transaction log (loop0) [ 151.069488][ T5776] REISERFS (device loop0): Using r5 hash to sort names [pid 5776] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5776] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5776] chdir("./file1") = 0 [pid 5776] ioctl(4, LOOP_CLR_FD) = 0 [pid 5776] close(4) = 0 [pid 5776] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5776] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5776] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5776] exit_group(0) = ? [pid 5776] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5776, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./347", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./347", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./347/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./347/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./347/binderfs") = 0 umount2("./347/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./347/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./347/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./347/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./347/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./347/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./347") = 0 [ 151.076480][ T5776] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. mkdir("./348", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5778 ./strace-static-x86_64: Process 5778 attached [pid 5778] chdir("./348") = 0 [pid 5778] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5778] setpgid(0, 0) = 0 [pid 5778] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5778] write(3, "1000", 4) = 4 [pid 5778] close(3) = 0 [pid 5778] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5778] memfd_create("syzkaller", 0) = 3 [pid 5778] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5778] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5778] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5778] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5778] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5778] close(3) = 0 [pid 5778] mkdir("./file1", 0777) = 0 [ 151.158630][ T5778] loop0: detected capacity change from 0 to 8192 [ 151.167156][ T5778] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 151.180245][ T5778] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 151.189600][ T5778] REISERFS (device loop0): using ordered data mode [ 151.196241][ T5778] reiserfs: using flush barriers [ 151.202164][ T5778] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 151.218615][ T5778] REISERFS (device loop0): checking transaction log (loop0) [ 151.245930][ T5778] REISERFS (device loop0): Using r5 hash to sort names [pid 5778] mount("/dev/loop0", "./file1", "reiserfs", MS_NOEXEC|MS_DIRSYNC|MS_SILENT|MS_RELATIME, "") = 0 [pid 5778] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5778] chdir("./file1") = 0 [pid 5778] ioctl(4, LOOP_CLR_FD) = 0 [pid 5778] close(4) = 0 [pid 5778] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5778] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5778] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5778] exit_group(0) = ? [pid 5778] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5778, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./348", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./348", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555738d620 /* 4 entries */, 32768) = 112 umount2("./348/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./348/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./348/binderfs") = 0 umount2("./348/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./348/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./348/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./348/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./348/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 151.252927][ T5778] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. getdents64(4, 0x555557395660 /* 2 entries */, 32768) = 48 getdents64(4, 0x555557395660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./348/file1") = 0 getdents64(3, 0x55555738d620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./348") = 0 mkdir("./349", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555738c5d0) = 5780 ./strace-static-x86_64: Process 5780 attached [pid 5780] chdir("./349") = 0 [pid 5780] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5780] setpgid(0, 0) = 0 [pid 5780] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5780] write(3, "1000", 4) = 4 [pid 5780] close(3) = 0 [pid 5780] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5780] memfd_create("syzkaller", 0) = 3 [pid 5780] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f53c6e46000 [pid 5780] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5780] munmap(0x7f53c6e46000, 4194304) = 0 [pid 5780] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5780] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5780] close(3) = 0 [pid 5780] mkdir("./file1", 0777) = 0