./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor422389576 <...> Warning: Permanently added '10.128.1.44' (ED25519) to the list of known hosts. execve("./syz-executor422389576", ["./syz-executor422389576"], 0x7ffd40750610 /* 10 vars */) = 0 brk(NULL) = 0x555561f8f000 brk(0x555561f8fe00) = 0x555561f8fe00 arch_prctl(ARCH_SET_FS, 0x555561f8f480) = 0 set_tid_address(0x555561f8f750) = 5833 set_robust_list(0x555561f8f760, 24) = 0 rseq(0x555561f8fda0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor422389576", 4096) = 27 getrandom("\xeb\x31\x71\x31\xb0\x18\x5d\xc8", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555561f8fe00 brk(0x555561fb0e00) = 0x555561fb0e00 brk(0x555561fb1000) = 0x555561fb1000 mprotect(0x7fda22773000, 16384, PROT_READ) = 0 mmap(0x3ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3ffffffff000 mmap(0x400000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400000000000 mmap(0x400001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400001000000 mkdir("/syzcgroup", 0777) = 0 mkdir("/syzcgroup/unified", 0777) = 0 mount("none", "/syzcgroup/unified", "cgroup2", 0, NULL) = 0 chmod("/syzcgroup/unified", 0777) = 0 openat(AT_FDCWD, "/syzcgroup/unified/cgroup.subtree_control", O_WRONLY) = 3 write(3, "+cpu", 4) = 4 write(3, "+io", 3) = 3 write(3, "+pids", 5) = 5 close(3) = 0 mkdir("/syzcgroup/net", 0777) = 0 mount("none", "/syzcgroup/net", "cgroup", 0, "net") = -1 EINVAL (Invalid argument) mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio") = 0 umount2("/syzcgroup/net", 0) = 0 mount("none", "/syzcgroup/net", "cgroup", 0, "devices") = 0 [ 87.351844][ T5833] cgroup: Unknown subsys name 'net' umount2("/syzcgroup/net", 0) = 0 mount("none", "/syzcgroup/net", "cgroup", 0, "blkio") = 0 umount2("/syzcgroup/net", 0) = 0 mount("none", "/syzcgroup/net", "cgroup", 0, "freezer") = 0 umount2("/syzcgroup/net", 0) = 0 mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted) mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted) mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted) mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted) mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = 0 chmod("/syzcgroup/net", 0777) = 0 mkdir("/syzcgroup/cpu", 0777) = 0 mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset") = -1 EINVAL (Invalid argument) mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuacct") = 0 umount2("/syzcgroup/cpu", 0) = 0 mount("none", "/syzcgroup/cpu", "cgroup", 0, "hugetlb") = 0 umount2("/syzcgroup/cpu", 0) = 0 [ 87.532885][ T5833] cgroup: Unknown subsys name 'cpuset' mount("none", "/syzcgroup/cpu", "cgroup", 0, "rlimit") = -1 EINVAL (Invalid argument) mount("none", "/syzcgroup/cpu", "cgroup", 0, "memory") = 0 umount2("/syzcgroup/cpu", 0) = 0 mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuacct,hugetlb,memory") = ? ERESTARTNOINTR (To be restarted) mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuacct,hugetlb,memory") = ? ERESTARTNOINTR (To be restarted) [ 87.586853][ T5833] cgroup: Unknown subsys name 'rlimit' mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuacct,hugetlb,memory") = ? ERESTARTNOINTR (To be restarted) mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuacct,hugetlb,memory") = ? ERESTARTNOINTR (To be restarted) mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuacct,hugetlb,memory") = 0 chmod("/syzcgroup/cpu", 0777) = 0 openat(AT_FDCWD, "/syzcgroup/cpu/cgroup.clone_children", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/syzcgroup/cpu/cpuset.memory_pressure_enabled", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7fda226c5310, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7fda226cdd10}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7fda226c5310, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7fda226cdd10}, NULL, 8) = 0 mkdir("./syzkaller.GYg8eK", 0700) = 0 chmod("./syzkaller.GYg8eK", 0777) = 0 chdir("./syzkaller.GYg8eK") = 0 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5835 attached , child_tidptr=0x555561f8f750) = 5835 [pid 5835] set_robust_list(0x555561f8f760, 24) = 0 [pid 5835] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5835] getppid() = 0 [pid 5835] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 5835] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5835] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 5835] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 5835] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 5835] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 5835] unshare(CLONE_NEWNS) = 0 [pid 5835] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 5835] unshare(CLONE_NEWIPC) = 0 [pid 5835] unshare(CLONE_NEWCGROUP) = 0 [pid 5835] unshare(CLONE_NEWUTS) = 0 [pid 5835] unshare(CLONE_SYSVSEM) = 0 [pid 5835] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5835] write(3, "16777216", 8) = 8 [pid 5835] close(3) = 0 [pid 5835] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 5835] write(3, "536870912", 9) = 9 [pid 5835] close(3) = 0 [pid 5835] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5835] write(3, "1024", 4) = 4 [pid 5835] close(3) = 0 [pid 5835] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5835] write(3, "8192", 4) = 4 [pid 5835] close(3) = 0 [pid 5835] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5835] write(3, "1024", 4) = 4 [pid 5835] close(3) = 0 [pid 5835] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 5835] write(3, "1024", 4) = 4 [pid 5835] close(3) = 0 [pid 5835] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 5835] write(3, "1024 1048576 500 1024", 21) = 21 [pid 5835] close(3) = 0 [pid 5835] getpid() = 1 [pid 5835] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5839] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 2 [pid 5839] <... set_robust_list resumed>) = 0 [pid 5839] chdir("./0") = 0 [pid 5839] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5839] setpgid(0, 0) = 0 [pid 5839] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5839] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5839] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5839] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5839] write(3, "1000", 4) = 4 [pid 5839] close(3) = 0 [pid 5839] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5839] write(1, "executing program\n", 18executing program ) = 18 [pid 5839] memfd_create("syzkaller", 0) = 3 [pid 5839] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5839] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5839] munmap(0x7fda1a200000, 138412032) = 0 [pid 5839] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5839] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5839] close(3) = 0 [pid 5839] close(4) = 0 [pid 5839] mkdir("./file1", 0777) = 0 [ 89.199496][ T5839] loop0: detected capacity change from 0 to 32768 [ 89.221007][ T5839] ======================================================= [ 89.221007][ T5839] WARNING: The mand mount option has been deprecated and [ 89.221007][ T5839] and is ignored by this kernel. Remove the mand [ 89.221007][ T5839] option from the mount to silence this warning. [ 89.221007][ T5839] ======================================================= [ 89.276738][ T5839] JBD2: Ignoring recovery information on journal [pid 5839] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5839] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5839] chdir("./file1") = 0 [pid 5839] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5839] symlink(NULL, NULL) = -1 EFAULT (Bad address) [ 89.315013][ T5839] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5839] close(3) = 0 [pid 5839] close(4) = -1 EBADF (Bad file descriptor) [pid 5839] close(5) = -1 EBADF (Bad file descriptor) [pid 5839] close(6) = -1 EBADF (Bad file descriptor) [pid 5839] close(7) = -1 EBADF (Bad file descriptor) [pid 5839] close(8) = -1 EBADF (Bad file descriptor) [pid 5839] close(9) = -1 EBADF (Bad file descriptor) [pid 5839] close(10) = -1 EBADF (Bad file descriptor) [pid 5839] close(11) = -1 EBADF (Bad file descriptor) [pid 5839] close(12) = -1 EBADF (Bad file descriptor) [pid 5839] close(13) = -1 EBADF (Bad file descriptor) [pid 5839] close(14) = -1 EBADF (Bad file descriptor) [pid 5839] close(15) = -1 EBADF (Bad file descriptor) [pid 5839] close(16) = -1 EBADF (Bad file descriptor) [pid 5839] close(17) = -1 EBADF (Bad file descriptor) [pid 5839] close(18) = -1 EBADF (Bad file descriptor) [pid 5839] close(19) = -1 EBADF (Bad file descriptor) [pid 5839] close(20) = -1 EBADF (Bad file descriptor) [pid 5839] close(21) = -1 EBADF (Bad file descriptor) [pid 5839] close(22) = -1 EBADF (Bad file descriptor) [pid 5839] close(23) = -1 EBADF (Bad file descriptor) [pid 5839] close(24) = -1 EBADF (Bad file descriptor) [pid 5839] close(25) = -1 EBADF (Bad file descriptor) [pid 5839] close(26) = -1 EBADF (Bad file descriptor) [pid 5839] close(27) = -1 EBADF (Bad file descriptor) [pid 5839] close(28) = -1 EBADF (Bad file descriptor) [pid 5839] close(29) = -1 EBADF (Bad file descriptor) [pid 5839] exit_group(0) = ? [pid 5839] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=23 /* 0.23 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./0/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [ 89.459212][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./0/file1") = 0 [pid 5835] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./0/binderfs") = 0 [pid 5835] umount2("./0/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./0/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./0/cgroup.net") = 0 [pid 5835] umount2("./0/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./0/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./0/cgroup.cpu") = 0 [pid 5835] umount2("./0/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./0/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./0/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./0") = 0 [pid 5835] mkdir("./1", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5842 attached , child_tidptr=0x555561f8f750) = 3 [pid 5842] set_robust_list(0x555561f8f760, 24) = 0 [pid 5842] chdir("./1") = 0 [pid 5842] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5842] setpgid(0, 0) = 0 [pid 5842] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5842] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5842] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5842] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5842] write(3, "1000", 4) = 4 [pid 5842] close(3) = 0 [pid 5842] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5842] write(1, "executing program\n", 18executing program ) = 18 [pid 5842] memfd_create("syzkaller", 0) = 3 [pid 5842] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5842] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5842] munmap(0x7fda1a200000, 138412032) = 0 [pid 5842] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5842] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5842] close(3) = 0 [pid 5842] close(4) = 0 [pid 5842] mkdir("./file1", 0777) = 0 [ 90.103101][ T5842] loop0: detected capacity change from 0 to 32768 [pid 5842] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5842] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5842] chdir("./file1") = 0 [pid 5842] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5842] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5842] close(3) = 0 [pid 5842] close(4) = -1 EBADF (Bad file descriptor) [pid 5842] close(5) = -1 EBADF (Bad file descriptor) [pid 5842] close(6) = -1 EBADF (Bad file descriptor) [pid 5842] close(7) = -1 EBADF (Bad file descriptor) [pid 5842] close(8) = -1 EBADF (Bad file descriptor) [pid 5842] close(9) = -1 EBADF (Bad file descriptor) [pid 5842] close(10) = -1 EBADF (Bad file descriptor) [pid 5842] close(11) = -1 EBADF (Bad file descriptor) [pid 5842] close(12) = -1 EBADF (Bad file descriptor) [pid 5842] close(13) = -1 EBADF (Bad file descriptor) [pid 5842] close(14) = -1 EBADF (Bad file descriptor) [pid 5842] close(15) = -1 EBADF (Bad file descriptor) [pid 5842] close(16) = -1 EBADF (Bad file descriptor) [pid 5842] close(17) = -1 EBADF (Bad file descriptor) [pid 5842] close(18) = -1 EBADF (Bad file descriptor) [pid 5842] close(19) = -1 EBADF (Bad file descriptor) [pid 5842] close(20) = -1 EBADF (Bad file descriptor) [pid 5842] close(21) = -1 EBADF (Bad file descriptor) [pid 5842] close(22) = -1 EBADF (Bad file descriptor) [pid 5842] close(23) = -1 EBADF (Bad file descriptor) [pid 5842] close(24) = -1 EBADF (Bad file descriptor) [pid 5842] close(25) = -1 EBADF (Bad file descriptor) [pid 5842] close(26) = -1 EBADF (Bad file descriptor) [pid 5842] close(27) = -1 EBADF (Bad file descriptor) [pid 5842] close(28) = -1 EBADF (Bad file descriptor) [pid 5842] close(29) = -1 EBADF (Bad file descriptor) [pid 5842] exit_group(0) = ? [ 90.159401][ T5842] JBD2: Ignoring recovery information on journal [ 90.193733][ T5842] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5842] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5835] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./1/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 90.307030][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./1/file1") = 0 [pid 5835] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./1/binderfs") = 0 [pid 5835] umount2("./1/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./1/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./1/cgroup.net") = 0 [pid 5835] umount2("./1/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./1/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./1/cgroup.cpu") = 0 [pid 5835] umount2("./1/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./1/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./1/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./1") = 0 [pid 5835] mkdir("./2", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5845 attached , child_tidptr=0x555561f8f750) = 4 [pid 5845] set_robust_list(0x555561f8f760, 24) = 0 [pid 5845] chdir("./2") = 0 [pid 5845] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5845] setpgid(0, 0) = 0 [pid 5845] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5845] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5845] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5845] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5845] write(3, "1000", 4) = 4 [pid 5845] close(3) = 0 [pid 5845] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5845] write(1, "executing program\n", 18) = 18 [pid 5845] memfd_create("syzkaller", 0) = 3 [pid 5845] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5845] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5845] munmap(0x7fda1a200000, 138412032) = 0 [pid 5845] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5845] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5845] close(3) = 0 [pid 5845] close(4) = 0 [pid 5845] mkdir("./file1", 0777) = 0 [ 90.874444][ T5845] loop0: detected capacity change from 0 to 32768 [ 90.911374][ T5845] JBD2: Ignoring recovery information on journal [pid 5845] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5845] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5845] chdir("./file1") = 0 [pid 5845] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5845] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5845] close(3) = 0 [pid 5845] close(4) = -1 EBADF (Bad file descriptor) [pid 5845] close(5) = -1 EBADF (Bad file descriptor) [pid 5845] close(6) = -1 EBADF (Bad file descriptor) [pid 5845] close(7) = -1 EBADF (Bad file descriptor) [pid 5845] close(8) = -1 EBADF (Bad file descriptor) [pid 5845] close(9) = -1 EBADF (Bad file descriptor) [pid 5845] close(10) = -1 EBADF (Bad file descriptor) [pid 5845] close(11) = -1 EBADF (Bad file descriptor) [pid 5845] close(12) = -1 EBADF (Bad file descriptor) [pid 5845] close(13) = -1 EBADF (Bad file descriptor) [pid 5845] close(14) = -1 EBADF (Bad file descriptor) [pid 5845] close(15) = -1 EBADF (Bad file descriptor) [pid 5845] close(16) = -1 EBADF (Bad file descriptor) [pid 5845] close(17) = -1 EBADF (Bad file descriptor) [pid 5845] close(18) = -1 EBADF (Bad file descriptor) [pid 5845] close(19) = -1 EBADF (Bad file descriptor) [pid 5845] close(20) = -1 EBADF (Bad file descriptor) [pid 5845] close(21) = -1 EBADF (Bad file descriptor) [pid 5845] close(22) = -1 EBADF (Bad file descriptor) [pid 5845] close(23) = -1 EBADF (Bad file descriptor) [pid 5845] close(24) = -1 EBADF (Bad file descriptor) [pid 5845] close(25) = -1 EBADF (Bad file descriptor) [pid 5845] close(26) = -1 EBADF (Bad file descriptor) [pid 5845] close(27) = -1 EBADF (Bad file descriptor) [pid 5845] close(28) = -1 EBADF (Bad file descriptor) [pid 5845] close(29) = -1 EBADF (Bad file descriptor) [pid 5845] exit_group(0) = ? [pid 5845] +++ exited with 0 +++ [ 90.941222][ T5845] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=16 /* 0.16 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./2/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [ 91.077133][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./2/file1") = 0 [pid 5835] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./2/binderfs") = 0 [pid 5835] umount2("./2/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./2/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./2/cgroup.net") = 0 [pid 5835] umount2("./2/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./2/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./2/cgroup.cpu") = 0 [pid 5835] umount2("./2/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./2/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./2/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./2") = 0 [pid 5835] mkdir("./3", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5848 attached [pid 5848] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 5 [pid 5848] <... set_robust_list resumed>) = 0 [pid 5848] chdir("./3") = 0 [pid 5848] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5848] setpgid(0, 0) = 0 [pid 5848] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5848] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5848] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5848] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5848] write(3, "1000", 4) = 4 [pid 5848] close(3) = 0 [pid 5848] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5848] write(1, "executing program\n", 18) = 18 [pid 5848] memfd_create("syzkaller", 0) = 3 [pid 5848] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5848] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5848] munmap(0x7fda1a200000, 138412032) = 0 [pid 5848] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5848] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5848] close(3) = 0 [pid 5848] close(4) = 0 [pid 5848] mkdir("./file1", 0777) = 0 [ 91.744630][ T5848] loop0: detected capacity change from 0 to 32768 [pid 5848] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5848] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5848] chdir("./file1") = 0 [pid 5848] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5848] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5848] close(3) = 0 [pid 5848] close(4) = -1 EBADF (Bad file descriptor) [ 91.818217][ T5848] JBD2: Ignoring recovery information on journal [ 91.852551][ T5848] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5848] close(5) = -1 EBADF (Bad file descriptor) [pid 5848] close(6) = -1 EBADF (Bad file descriptor) [pid 5848] close(7) = -1 EBADF (Bad file descriptor) [pid 5848] close(8) = -1 EBADF (Bad file descriptor) [pid 5848] close(9) = -1 EBADF (Bad file descriptor) [pid 5848] close(10) = -1 EBADF (Bad file descriptor) [pid 5848] close(11) = -1 EBADF (Bad file descriptor) [pid 5848] close(12) = -1 EBADF (Bad file descriptor) [pid 5848] close(13) = -1 EBADF (Bad file descriptor) [pid 5848] close(14) = -1 EBADF (Bad file descriptor) [pid 5848] close(15) = -1 EBADF (Bad file descriptor) [pid 5848] close(16) = -1 EBADF (Bad file descriptor) [pid 5848] close(17) = -1 EBADF (Bad file descriptor) [pid 5848] close(18) = -1 EBADF (Bad file descriptor) [pid 5848] close(19) = -1 EBADF (Bad file descriptor) [pid 5848] close(20) = -1 EBADF (Bad file descriptor) [pid 5848] close(21) = -1 EBADF (Bad file descriptor) [pid 5848] close(22) = -1 EBADF (Bad file descriptor) [pid 5848] close(23) = -1 EBADF (Bad file descriptor) [pid 5848] close(24) = -1 EBADF (Bad file descriptor) [pid 5848] close(25) = -1 EBADF (Bad file descriptor) [pid 5848] close(26) = -1 EBADF (Bad file descriptor) [pid 5848] close(27) = -1 EBADF (Bad file descriptor) [pid 5848] close(28) = -1 EBADF (Bad file descriptor) [pid 5848] close(29) = -1 EBADF (Bad file descriptor) [pid 5848] exit_group(0) = ? [pid 5848] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./3/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./3/file1") = 0 [ 92.008402][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./3/binderfs") = 0 [pid 5835] umount2("./3/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./3/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./3/cgroup.net") = 0 [pid 5835] umount2("./3/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./3/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./3/cgroup.cpu") = 0 [pid 5835] umount2("./3/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./3/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./3/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./3") = 0 [pid 5835] mkdir("./4", 0777) = 0 [ 92.137140][ T977] cfg80211: failed to load regulatory.db [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5851 attached , child_tidptr=0x555561f8f750) = 6 [pid 5851] set_robust_list(0x555561f8f760, 24) = 0 [pid 5851] chdir("./4") = 0 [pid 5851] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5851] setpgid(0, 0) = 0 [pid 5851] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5851] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5851] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5851] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5851] write(3, "1000", 4) = 4 [pid 5851] close(3) = 0 [pid 5851] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5851] write(1, "executing program\n", 18executing program ) = 18 [pid 5851] memfd_create("syzkaller", 0) = 3 [pid 5851] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5851] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5851] munmap(0x7fda1a200000, 138412032) = 0 [pid 5851] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5851] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5851] close(3) = 0 [pid 5851] close(4) = 0 [pid 5851] mkdir("./file1", 0777) = 0 [ 92.568454][ T5851] loop0: detected capacity change from 0 to 32768 [pid 5851] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5851] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5851] chdir("./file1") = 0 [pid 5851] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5851] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5851] close(3) = 0 [pid 5851] close(4) = -1 EBADF (Bad file descriptor) [pid 5851] close(5) = -1 EBADF (Bad file descriptor) [pid 5851] close(6) = -1 EBADF (Bad file descriptor) [pid 5851] close(7) = -1 EBADF (Bad file descriptor) [pid 5851] close(8) = -1 EBADF (Bad file descriptor) [pid 5851] close(9) = -1 EBADF (Bad file descriptor) [pid 5851] close(10) = -1 EBADF (Bad file descriptor) [pid 5851] close(11) = -1 EBADF (Bad file descriptor) [pid 5851] close(12) = -1 EBADF (Bad file descriptor) [pid 5851] close(13) = -1 EBADF (Bad file descriptor) [pid 5851] close(14) = -1 EBADF (Bad file descriptor) [pid 5851] close(15) = -1 EBADF (Bad file descriptor) [pid 5851] close(16) = -1 EBADF (Bad file descriptor) [pid 5851] close(17) = -1 EBADF (Bad file descriptor) [pid 5851] close(18) = -1 EBADF (Bad file descriptor) [pid 5851] close(19) = -1 EBADF (Bad file descriptor) [pid 5851] close(20) = -1 EBADF (Bad file descriptor) [pid 5851] close(21) = -1 EBADF (Bad file descriptor) [pid 5851] close(22) = -1 EBADF (Bad file descriptor) [pid 5851] close(23) = -1 EBADF (Bad file descriptor) [pid 5851] close(24) = -1 EBADF (Bad file descriptor) [pid 5851] close(25) = -1 EBADF (Bad file descriptor) [pid 5851] close(26) = -1 EBADF (Bad file descriptor) [pid 5851] close(27) = -1 EBADF (Bad file descriptor) [pid 5851] close(28) = -1 EBADF (Bad file descriptor) [pid 5851] close(29) = -1 EBADF (Bad file descriptor) [pid 5851] exit_group(0) = ? [pid 5851] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=19 /* 0.19 s */} --- [ 92.612317][ T5851] JBD2: Ignoring recovery information on journal [ 92.650103][ T5851] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./4/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./4/file1") = 0 [pid 5835] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./4/binderfs") = 0 [pid 5835] umount2("./4/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./4/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./4/cgroup.net") = 0 [pid 5835] umount2("./4/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./4/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./4/cgroup.cpu") = 0 [pid 5835] umount2("./4/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./4/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./4/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./4") = 0 [pid 5835] mkdir("./5", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [ 92.736383][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5854 attached , child_tidptr=0x555561f8f750) = 7 [pid 5854] set_robust_list(0x555561f8f760, 24) = 0 [pid 5854] chdir("./5") = 0 [pid 5854] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5854] setpgid(0, 0) = 0 [pid 5854] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5854] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5854] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5854] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5854] write(3, "1000", 4) = 4 [pid 5854] close(3) = 0 [pid 5854] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5854] write(1, "executing program\n", 18executing program ) = 18 [pid 5854] memfd_create("syzkaller", 0) = 3 [pid 5854] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5854] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5854] munmap(0x7fda1a200000, 138412032) = 0 [pid 5854] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5854] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5854] close(3) = 0 [pid 5854] close(4) = 0 [pid 5854] mkdir("./file1", 0777) = 0 [ 93.106565][ T5854] loop0: detected capacity change from 0 to 32768 [ 93.142785][ T5854] JBD2: Ignoring recovery information on journal [pid 5854] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5854] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5854] chdir("./file1") = 0 [pid 5854] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5854] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5854] close(3) = 0 [pid 5854] close(4) = -1 EBADF (Bad file descriptor) [pid 5854] close(5) = -1 EBADF (Bad file descriptor) [pid 5854] close(6) = -1 EBADF (Bad file descriptor) [pid 5854] close(7) = -1 EBADF (Bad file descriptor) [pid 5854] close(8) = -1 EBADF (Bad file descriptor) [pid 5854] close(9) = -1 EBADF (Bad file descriptor) [pid 5854] close(10) = -1 EBADF (Bad file descriptor) [pid 5854] close(11) = -1 EBADF (Bad file descriptor) [pid 5854] close(12) = -1 EBADF (Bad file descriptor) [pid 5854] close(13) = -1 EBADF (Bad file descriptor) [pid 5854] close(14) = -1 EBADF (Bad file descriptor) [pid 5854] close(15) = -1 EBADF (Bad file descriptor) [pid 5854] close(16) = -1 EBADF (Bad file descriptor) [pid 5854] close(17) = -1 EBADF (Bad file descriptor) [pid 5854] close(18) = -1 EBADF (Bad file descriptor) [pid 5854] close(19) = -1 EBADF (Bad file descriptor) [pid 5854] close(20) = -1 EBADF (Bad file descriptor) [ 93.177483][ T5854] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5854] close(21) = -1 EBADF (Bad file descriptor) [pid 5854] close(22) = -1 EBADF (Bad file descriptor) [pid 5854] close(23) = -1 EBADF (Bad file descriptor) [pid 5854] close(24) = -1 EBADF (Bad file descriptor) [pid 5854] close(25) = -1 EBADF (Bad file descriptor) [pid 5854] close(26) = -1 EBADF (Bad file descriptor) [pid 5854] close(27) = -1 EBADF (Bad file descriptor) [pid 5854] close(28) = -1 EBADF (Bad file descriptor) [pid 5854] close(29) = -1 EBADF (Bad file descriptor) [pid 5854] exit_group(0) = ? [pid 5854] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5835] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./5/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [ 93.316032][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./5/file1") = 0 [pid 5835] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./5/binderfs") = 0 [pid 5835] umount2("./5/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./5/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./5/cgroup.net") = 0 [pid 5835] umount2("./5/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./5/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./5/cgroup.cpu") = 0 [pid 5835] umount2("./5/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./5/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./5/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./5") = 0 [pid 5835] mkdir("./6", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5857 attached [pid 5857] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 8 [pid 5857] <... set_robust_list resumed>) = 0 [pid 5857] chdir("./6") = 0 [pid 5857] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5857] setpgid(0, 0) = 0 [pid 5857] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5857] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5857] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5857] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5857] write(3, "1000", 4) = 4 [pid 5857] close(3) = 0 [pid 5857] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5857] write(1, "executing program\n", 18executing program ) = 18 [pid 5857] memfd_create("syzkaller", 0) = 3 [pid 5857] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5857] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5857] munmap(0x7fda1a200000, 138412032) = 0 [pid 5857] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5857] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5857] close(3) = 0 [pid 5857] close(4) = 0 [pid 5857] mkdir("./file1", 0777) = 0 [ 93.979927][ T5857] loop0: detected capacity change from 0 to 32768 [ 94.013064][ T5857] JBD2: Ignoring recovery information on journal [pid 5857] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5857] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5857] chdir("./file1") = 0 [pid 5857] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5857] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5857] close(3) = 0 [pid 5857] close(4) = -1 EBADF (Bad file descriptor) [pid 5857] close(5) = -1 EBADF (Bad file descriptor) [pid 5857] close(6) = -1 EBADF (Bad file descriptor) [pid 5857] close(7) = -1 EBADF (Bad file descriptor) [pid 5857] close(8) = -1 EBADF (Bad file descriptor) [pid 5857] close(9) = -1 EBADF (Bad file descriptor) [pid 5857] close(10) = -1 EBADF (Bad file descriptor) [pid 5857] close(11) = -1 EBADF (Bad file descriptor) [pid 5857] close(12) = -1 EBADF (Bad file descriptor) [pid 5857] close(13) = -1 EBADF (Bad file descriptor) [pid 5857] close(14) = -1 EBADF (Bad file descriptor) [pid 5857] close(15) = -1 EBADF (Bad file descriptor) [pid 5857] close(16) = -1 EBADF (Bad file descriptor) [pid 5857] close(17) = -1 EBADF (Bad file descriptor) [pid 5857] close(18) = -1 EBADF (Bad file descriptor) [pid 5857] close(19) = -1 EBADF (Bad file descriptor) [pid 5857] close(20) = -1 EBADF (Bad file descriptor) [pid 5857] close(21) = -1 EBADF (Bad file descriptor) [pid 5857] close(22) = -1 EBADF (Bad file descriptor) [pid 5857] close(23) = -1 EBADF (Bad file descriptor) [pid 5857] close(24) = -1 EBADF (Bad file descriptor) [pid 5857] close(25) = -1 EBADF (Bad file descriptor) [pid 5857] close(26) = -1 EBADF (Bad file descriptor) [pid 5857] close(27) = -1 EBADF (Bad file descriptor) [pid 5857] close(28) = -1 EBADF (Bad file descriptor) [pid 5857] close(29) = -1 EBADF (Bad file descriptor) [pid 5857] exit_group(0) = ? [pid 5857] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [ 94.051348][ T5857] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5835] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./6/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 94.188934][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./6/file1") = 0 [pid 5835] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./6/binderfs") = 0 [pid 5835] umount2("./6/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./6/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./6/cgroup.net") = 0 [pid 5835] umount2("./6/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./6/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./6/cgroup.cpu") = 0 [pid 5835] umount2("./6/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./6/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./6/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./6") = 0 [pid 5835] mkdir("./7", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5860 attached , child_tidptr=0x555561f8f750) = 9 [pid 5860] set_robust_list(0x555561f8f760, 24) = 0 [pid 5860] chdir("./7") = 0 [pid 5860] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5860] setpgid(0, 0) = 0 [pid 5860] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5860] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5860] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5860] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5860] write(3, "1000", 4) = 4 [pid 5860] close(3) = 0 [pid 5860] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5860] write(1, "executing program\n", 18) = 18 executing program [pid 5860] memfd_create("syzkaller", 0) = 3 [pid 5860] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5860] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5860] munmap(0x7fda1a200000, 138412032) = 0 [pid 5860] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5860] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5860] close(3) = 0 [pid 5860] close(4) = 0 [pid 5860] mkdir("./file1", 0777) = 0 [ 94.926101][ T5860] loop0: detected capacity change from 0 to 32768 [pid 5860] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5860] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5860] chdir("./file1") = 0 [pid 5860] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 94.980380][ T5860] JBD2: Ignoring recovery information on journal [ 95.017023][ T5860] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5860] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5860] close(3) = 0 [pid 5860] close(4) = -1 EBADF (Bad file descriptor) [pid 5860] close(5) = -1 EBADF (Bad file descriptor) [pid 5860] close(6) = -1 EBADF (Bad file descriptor) [pid 5860] close(7) = -1 EBADF (Bad file descriptor) [pid 5860] close(8) = -1 EBADF (Bad file descriptor) [pid 5860] close(9) = -1 EBADF (Bad file descriptor) [pid 5860] close(10) = -1 EBADF (Bad file descriptor) [pid 5860] close(11) = -1 EBADF (Bad file descriptor) [pid 5860] close(12) = -1 EBADF (Bad file descriptor) [pid 5860] close(13) = -1 EBADF (Bad file descriptor) [pid 5860] close(14) = -1 EBADF (Bad file descriptor) [pid 5860] close(15) = -1 EBADF (Bad file descriptor) [pid 5860] close(16) = -1 EBADF (Bad file descriptor) [pid 5860] close(17) = -1 EBADF (Bad file descriptor) [pid 5860] close(18) = -1 EBADF (Bad file descriptor) [pid 5860] close(19) = -1 EBADF (Bad file descriptor) [pid 5860] close(20) = -1 EBADF (Bad file descriptor) [pid 5860] close(21) = -1 EBADF (Bad file descriptor) [pid 5860] close(22) = -1 EBADF (Bad file descriptor) [pid 5860] close(23) = -1 EBADF (Bad file descriptor) [pid 5860] close(24) = -1 EBADF (Bad file descriptor) [pid 5860] close(25) = -1 EBADF (Bad file descriptor) [pid 5860] close(26) = -1 EBADF (Bad file descriptor) [pid 5860] close(27) = -1 EBADF (Bad file descriptor) [pid 5860] close(28) = -1 EBADF (Bad file descriptor) [pid 5860] close(29) = -1 EBADF (Bad file descriptor) [pid 5860] exit_group(0) = ? [pid 5860] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=9, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5835] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./7/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 95.231514][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./7/file1") = 0 [pid 5835] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./7/binderfs") = 0 [pid 5835] umount2("./7/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./7/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./7/cgroup.net") = 0 [pid 5835] umount2("./7/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./7/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./7/cgroup.cpu") = 0 [pid 5835] umount2("./7/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./7/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./7/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./7") = 0 [pid 5835] mkdir("./8", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5863 attached , child_tidptr=0x555561f8f750) = 10 [pid 5863] set_robust_list(0x555561f8f760, 24) = 0 [pid 5863] chdir("./8") = 0 [pid 5863] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5863] setpgid(0, 0) = 0 [pid 5863] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5863] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5863] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5863] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5863] write(3, "1000", 4) = 4 [pid 5863] close(3) = 0 [pid 5863] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5863] write(1, "executing program\n", 18executing program ) = 18 [pid 5863] memfd_create("syzkaller", 0) = 3 [pid 5863] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5863] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5863] munmap(0x7fda1a200000, 138412032) = 0 [pid 5863] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5863] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5863] close(3) = 0 [pid 5863] close(4) = 0 [pid 5863] mkdir("./file1", 0777) = 0 [ 95.880184][ T5863] loop0: detected capacity change from 0 to 32768 [pid 5863] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5863] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5863] chdir("./file1") = 0 [pid 5863] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 95.936136][ T5863] JBD2: Ignoring recovery information on journal [ 95.971387][ T5863] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5863] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5863] close(3) = 0 [pid 5863] close(4) = -1 EBADF (Bad file descriptor) [pid 5863] close(5) = -1 EBADF (Bad file descriptor) [pid 5863] close(6) = -1 EBADF (Bad file descriptor) [pid 5863] close(7) = -1 EBADF (Bad file descriptor) [pid 5863] close(8) = -1 EBADF (Bad file descriptor) [pid 5863] close(9) = -1 EBADF (Bad file descriptor) [pid 5863] close(10) = -1 EBADF (Bad file descriptor) [pid 5863] close(11) = -1 EBADF (Bad file descriptor) [pid 5863] close(12) = -1 EBADF (Bad file descriptor) [pid 5863] close(13) = -1 EBADF (Bad file descriptor) [pid 5863] close(14) = -1 EBADF (Bad file descriptor) [pid 5863] close(15) = -1 EBADF (Bad file descriptor) [pid 5863] close(16) = -1 EBADF (Bad file descriptor) [pid 5863] close(17) = -1 EBADF (Bad file descriptor) [pid 5863] close(18) = -1 EBADF (Bad file descriptor) [pid 5863] close(19) = -1 EBADF (Bad file descriptor) [pid 5863] close(20) = -1 EBADF (Bad file descriptor) [pid 5863] close(21) = -1 EBADF (Bad file descriptor) [pid 5863] close(22) = -1 EBADF (Bad file descriptor) [pid 5863] close(23) = -1 EBADF (Bad file descriptor) [pid 5863] close(24) = -1 EBADF (Bad file descriptor) [pid 5863] close(25) = -1 EBADF (Bad file descriptor) [pid 5863] close(26) = -1 EBADF (Bad file descriptor) [pid 5863] close(27) = -1 EBADF (Bad file descriptor) [pid 5863] close(28) = -1 EBADF (Bad file descriptor) [pid 5863] close(29) = -1 EBADF (Bad file descriptor) [pid 5863] exit_group(0) = ? [pid 5863] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=10, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=17 /* 0.17 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./8/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 96.105812][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./8/file1") = 0 [pid 5835] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./8/binderfs") = 0 [pid 5835] umount2("./8/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./8/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./8/cgroup.net") = 0 [pid 5835] umount2("./8/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./8/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./8/cgroup.cpu") = 0 [pid 5835] umount2("./8/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./8/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./8/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./8") = 0 [pid 5835] mkdir("./9", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5866 attached , child_tidptr=0x555561f8f750) = 11 [pid 5866] set_robust_list(0x555561f8f760, 24) = 0 [pid 5866] chdir("./9") = 0 [pid 5866] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5866] setpgid(0, 0) = 0 [pid 5866] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5866] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5866] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5866] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5866] write(3, "1000", 4) = 4 [pid 5866] close(3) = 0 [pid 5866] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5866] write(1, "executing program\n", 18) = 18 [pid 5866] memfd_create("syzkaller", 0) = 3 [pid 5866] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5866] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5866] munmap(0x7fda1a200000, 138412032) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5866] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5866] close(3) = 0 [pid 5866] close(4) = 0 [pid 5866] mkdir("./file1", 0777) = 0 [ 96.675031][ T5866] loop0: detected capacity change from 0 to 32768 [pid 5866] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5866] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 96.735032][ T5866] JBD2: Ignoring recovery information on journal [ 96.771278][ T5866] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5866] chdir("./file1") = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5866] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5866] close(3) = 0 [pid 5866] close(4) = -1 EBADF (Bad file descriptor) [pid 5866] close(5) = -1 EBADF (Bad file descriptor) [pid 5866] close(6) = -1 EBADF (Bad file descriptor) [pid 5866] close(7) = -1 EBADF (Bad file descriptor) [pid 5866] close(8) = -1 EBADF (Bad file descriptor) [pid 5866] close(9) = -1 EBADF (Bad file descriptor) [pid 5866] close(10) = -1 EBADF (Bad file descriptor) [pid 5866] close(11) = -1 EBADF (Bad file descriptor) [pid 5866] close(12) = -1 EBADF (Bad file descriptor) [pid 5866] close(13) = -1 EBADF (Bad file descriptor) [pid 5866] close(14) = -1 EBADF (Bad file descriptor) [pid 5866] close(15) = -1 EBADF (Bad file descriptor) [pid 5866] close(16) = -1 EBADF (Bad file descriptor) [pid 5866] close(17) = -1 EBADF (Bad file descriptor) [pid 5866] close(18) = -1 EBADF (Bad file descriptor) [pid 5866] close(19) = -1 EBADF (Bad file descriptor) [pid 5866] close(20) = -1 EBADF (Bad file descriptor) [pid 5866] close(21) = -1 EBADF (Bad file descriptor) [pid 5866] close(22) = -1 EBADF (Bad file descriptor) [pid 5866] close(23) = -1 EBADF (Bad file descriptor) [pid 5866] close(24) = -1 EBADF (Bad file descriptor) [pid 5866] close(25) = -1 EBADF (Bad file descriptor) [pid 5866] close(26) = -1 EBADF (Bad file descriptor) [pid 5866] close(27) = -1 EBADF (Bad file descriptor) [pid 5866] close(28) = -1 EBADF (Bad file descriptor) [pid 5866] close(29) = -1 EBADF (Bad file descriptor) [pid 5866] exit_group(0) = ? [pid 5866] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=11, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./9/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 96.869811][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./9/file1") = 0 [pid 5835] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./9/binderfs") = 0 [pid 5835] umount2("./9/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./9/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./9/cgroup.net") = 0 [pid 5835] umount2("./9/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./9/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./9/cgroup.cpu") = 0 [pid 5835] umount2("./9/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./9/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./9/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./9") = 0 [pid 5835] mkdir("./10", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5869 attached , child_tidptr=0x555561f8f750) = 12 [pid 5869] set_robust_list(0x555561f8f760, 24) = 0 [pid 5869] chdir("./10") = 0 [pid 5869] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5869] setpgid(0, 0) = 0 [pid 5869] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5869] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5869] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5869] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5869] write(3, "1000", 4) = 4 [pid 5869] close(3) = 0 [pid 5869] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5869] write(1, "executing program\n", 18) = 18 [pid 5869] memfd_create("syzkaller", 0) = 3 [pid 5869] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5869] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5869] munmap(0x7fda1a200000, 138412032) = 0 [pid 5869] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5869] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5869] close(3) = 0 [pid 5869] close(4) = 0 [pid 5869] mkdir("./file1", 0777) = 0 [ 97.515389][ T5869] loop0: detected capacity change from 0 to 32768 [ 97.556856][ T5869] JBD2: Ignoring recovery information on journal [pid 5869] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5869] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5869] chdir("./file1") = 0 [pid 5869] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5869] symlink(NULL, NULL) = -1 EFAULT (Bad address) [ 97.600170][ T5869] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5869] close(3) = 0 [pid 5869] close(4) = -1 EBADF (Bad file descriptor) [pid 5869] close(5) = -1 EBADF (Bad file descriptor) [pid 5869] close(6) = -1 EBADF (Bad file descriptor) [pid 5869] close(7) = -1 EBADF (Bad file descriptor) [pid 5869] close(8) = -1 EBADF (Bad file descriptor) [pid 5869] close(9) = -1 EBADF (Bad file descriptor) [pid 5869] close(10) = -1 EBADF (Bad file descriptor) [pid 5869] close(11) = -1 EBADF (Bad file descriptor) [pid 5869] close(12) = -1 EBADF (Bad file descriptor) [pid 5869] close(13) = -1 EBADF (Bad file descriptor) [pid 5869] close(14) = -1 EBADF (Bad file descriptor) [pid 5869] close(15) = -1 EBADF (Bad file descriptor) [pid 5869] close(16) = -1 EBADF (Bad file descriptor) [pid 5869] close(17) = -1 EBADF (Bad file descriptor) [pid 5869] close(18) = -1 EBADF (Bad file descriptor) [pid 5869] close(19) = -1 EBADF (Bad file descriptor) [pid 5869] close(20) = -1 EBADF (Bad file descriptor) [pid 5869] close(21) = -1 EBADF (Bad file descriptor) [pid 5869] close(22) = -1 EBADF (Bad file descriptor) [pid 5869] close(23) = -1 EBADF (Bad file descriptor) [pid 5869] close(24) = -1 EBADF (Bad file descriptor) [pid 5869] close(25) = -1 EBADF (Bad file descriptor) [pid 5869] close(26) = -1 EBADF (Bad file descriptor) [pid 5869] close(27) = -1 EBADF (Bad file descriptor) [pid 5869] close(28) = -1 EBADF (Bad file descriptor) [pid 5869] close(29) = -1 EBADF (Bad file descriptor) [pid 5869] exit_group(0) = ? [pid 5869] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=12, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=16 /* 0.16 s */} --- [pid 5835] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./10/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./10/file1") = 0 [pid 5835] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./10/binderfs") = 0 [pid 5835] umount2("./10/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./10/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./10/cgroup.net") = 0 [pid 5835] umount2("./10/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./10/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./10/cgroup.cpu") = 0 [pid 5835] umount2("./10/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./10/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./10/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./10") = 0 [pid 5835] mkdir("./11", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [ 97.698258][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5872 attached , child_tidptr=0x555561f8f750) = 13 [pid 5872] set_robust_list(0x555561f8f760, 24) = 0 [pid 5872] chdir("./11") = 0 [pid 5872] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5872] setpgid(0, 0) = 0 [pid 5872] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5872] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5872] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5872] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5872] write(3, "1000", 4) = 4 [pid 5872] close(3) = 0 [pid 5872] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5872] write(1, "executing program\n", 18executing program ) = 18 [pid 5872] memfd_create("syzkaller", 0) = 3 [pid 5872] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5872] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5872] munmap(0x7fda1a200000, 138412032) = 0 [pid 5872] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5872] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5872] close(3) = 0 [pid 5872] close(4) = 0 [pid 5872] mkdir("./file1", 0777) = 0 [ 98.123617][ T5872] loop0: detected capacity change from 0 to 32768 [ 98.161855][ T5872] JBD2: Ignoring recovery information on journal [pid 5872] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5872] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5872] chdir("./file1") = 0 [pid 5872] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5872] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5872] close(3) = 0 [pid 5872] close(4) = -1 EBADF (Bad file descriptor) [pid 5872] close(5) = -1 EBADF (Bad file descriptor) [pid 5872] close(6) = -1 EBADF (Bad file descriptor) [pid 5872] close(7) = -1 EBADF (Bad file descriptor) [pid 5872] close(8) = -1 EBADF (Bad file descriptor) [pid 5872] close(9) = -1 EBADF (Bad file descriptor) [pid 5872] close(10) = -1 EBADF (Bad file descriptor) [pid 5872] close(11) = -1 EBADF (Bad file descriptor) [pid 5872] close(12) = -1 EBADF (Bad file descriptor) [pid 5872] close(13) = -1 EBADF (Bad file descriptor) [pid 5872] close(14) = -1 EBADF (Bad file descriptor) [pid 5872] close(15) = -1 EBADF (Bad file descriptor) [pid 5872] close(16) = -1 EBADF (Bad file descriptor) [pid 5872] close(17) = -1 EBADF (Bad file descriptor) [pid 5872] close(18) = -1 EBADF (Bad file descriptor) [pid 5872] close(19) = -1 EBADF (Bad file descriptor) [pid 5872] close(20) = -1 EBADF (Bad file descriptor) [pid 5872] close(21) = -1 EBADF (Bad file descriptor) [pid 5872] close(22) = -1 EBADF (Bad file descriptor) [pid 5872] close(23) = -1 EBADF (Bad file descriptor) [pid 5872] close(24) = -1 EBADF (Bad file descriptor) [pid 5872] close(25) = -1 EBADF (Bad file descriptor) [pid 5872] close(26) = -1 EBADF (Bad file descriptor) [pid 5872] close(27) = -1 EBADF (Bad file descriptor) [pid 5872] close(28) = -1 EBADF (Bad file descriptor) [pid 5872] close(29) = -1 EBADF (Bad file descriptor) [pid 5872] exit_group(0) = ? [pid 5872] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5835] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 98.198234][ T5872] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./11/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 98.310050][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./11/file1") = 0 [pid 5835] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./11/binderfs") = 0 [pid 5835] umount2("./11/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./11/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./11/cgroup.net") = 0 [pid 5835] umount2("./11/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./11/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./11/cgroup.cpu") = 0 [pid 5835] umount2("./11/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./11/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./11/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./11") = 0 [pid 5835] mkdir("./12", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5875 attached [pid 5875] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 14 [pid 5875] <... set_robust_list resumed>) = 0 [pid 5875] chdir("./12") = 0 [pid 5875] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5875] setpgid(0, 0) = 0 [pid 5875] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5875] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5875] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5875] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5875] write(3, "1000", 4) = 4 [pid 5875] close(3) = 0 [pid 5875] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5875] write(1, "executing program\n", 18executing program ) = 18 [pid 5875] memfd_create("syzkaller", 0) = 3 [pid 5875] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5875] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5875] munmap(0x7fda1a200000, 138412032) = 0 [pid 5875] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5875] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5875] close(3) = 0 [pid 5875] close(4) = 0 [pid 5875] mkdir("./file1", 0777) = 0 [ 98.974918][ T5875] loop0: detected capacity change from 0 to 32768 [pid 5875] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5875] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5875] chdir("./file1") = 0 [pid 5875] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5875] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5875] close(3) = 0 [ 99.017138][ T5875] JBD2: Ignoring recovery information on journal [ 99.051434][ T5875] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5875] close(4) = -1 EBADF (Bad file descriptor) [pid 5875] close(5) = -1 EBADF (Bad file descriptor) [pid 5875] close(6) = -1 EBADF (Bad file descriptor) [pid 5875] close(7) = -1 EBADF (Bad file descriptor) [pid 5875] close(8) = -1 EBADF (Bad file descriptor) [pid 5875] close(9) = -1 EBADF (Bad file descriptor) [pid 5875] close(10) = -1 EBADF (Bad file descriptor) [pid 5875] close(11) = -1 EBADF (Bad file descriptor) [pid 5875] close(12) = -1 EBADF (Bad file descriptor) [pid 5875] close(13) = -1 EBADF (Bad file descriptor) [pid 5875] close(14) = -1 EBADF (Bad file descriptor) [pid 5875] close(15) = -1 EBADF (Bad file descriptor) [pid 5875] close(16) = -1 EBADF (Bad file descriptor) [pid 5875] close(17) = -1 EBADF (Bad file descriptor) [pid 5875] close(18) = -1 EBADF (Bad file descriptor) [pid 5875] close(19) = -1 EBADF (Bad file descriptor) [pid 5875] close(20) = -1 EBADF (Bad file descriptor) [pid 5875] close(21) = -1 EBADF (Bad file descriptor) [pid 5875] close(22) = -1 EBADF (Bad file descriptor) [pid 5875] close(23) = -1 EBADF (Bad file descriptor) [pid 5875] close(24) = -1 EBADF (Bad file descriptor) [pid 5875] close(25) = -1 EBADF (Bad file descriptor) [pid 5875] close(26) = -1 EBADF (Bad file descriptor) [pid 5875] close(27) = -1 EBADF (Bad file descriptor) [pid 5875] close(28) = -1 EBADF (Bad file descriptor) [pid 5875] close(29) = -1 EBADF (Bad file descriptor) [pid 5875] exit_group(0) = ? [pid 5875] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=17 /* 0.17 s */} --- [pid 5835] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./12/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 99.202679][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./12/file1") = 0 [pid 5835] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./12/binderfs") = 0 [pid 5835] umount2("./12/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./12/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./12/cgroup.net") = 0 [pid 5835] umount2("./12/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./12/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./12/cgroup.cpu") = 0 [pid 5835] umount2("./12/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./12/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./12/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./12") = 0 [pid 5835] mkdir("./13", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5878 attached [pid 5878] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 15 [pid 5878] <... set_robust_list resumed>) = 0 [pid 5878] chdir("./13") = 0 [pid 5878] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5878] setpgid(0, 0) = 0 [pid 5878] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5878] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5878] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5878] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5878] write(3, "1000", 4) = 4 [pid 5878] close(3) = 0 [pid 5878] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5878] write(1, "executing program\n", 18) = 18 [pid 5878] memfd_create("syzkaller", 0) = 3 [pid 5878] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5878] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5878] munmap(0x7fda1a200000, 138412032) = 0 [pid 5878] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5878] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5878] close(3) = 0 [pid 5878] close(4) = 0 [pid 5878] mkdir("./file1", 0777) = 0 [ 100.033642][ T5878] loop0: detected capacity change from 0 to 32768 [ 100.071766][ T5878] JBD2: Ignoring recovery information on journal [pid 5878] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5878] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5878] chdir("./file1") = 0 [pid 5878] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5878] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5878] close(3) = 0 [pid 5878] close(4) = -1 EBADF (Bad file descriptor) [pid 5878] close(5) = -1 EBADF (Bad file descriptor) [pid 5878] close(6) = -1 EBADF (Bad file descriptor) [pid 5878] close(7) = -1 EBADF (Bad file descriptor) [pid 5878] close(8) = -1 EBADF (Bad file descriptor) [pid 5878] close(9) = -1 EBADF (Bad file descriptor) [pid 5878] close(10) = -1 EBADF (Bad file descriptor) [pid 5878] close(11) = -1 EBADF (Bad file descriptor) [pid 5878] close(12) = -1 EBADF (Bad file descriptor) [pid 5878] close(13) = -1 EBADF (Bad file descriptor) [pid 5878] close(14) = -1 EBADF (Bad file descriptor) [pid 5878] close(15) = -1 EBADF (Bad file descriptor) [pid 5878] close(16) = -1 EBADF (Bad file descriptor) [pid 5878] close(17) = -1 EBADF (Bad file descriptor) [pid 5878] close(18) = -1 EBADF (Bad file descriptor) [pid 5878] close(19) = -1 EBADF (Bad file descriptor) [pid 5878] close(20) = -1 EBADF (Bad file descriptor) [pid 5878] close(21) = -1 EBADF (Bad file descriptor) [pid 5878] close(22) = -1 EBADF (Bad file descriptor) [pid 5878] close(23) = -1 EBADF (Bad file descriptor) [pid 5878] close(24) = -1 EBADF (Bad file descriptor) [pid 5878] close(25) = -1 EBADF (Bad file descriptor) [pid 5878] close(26) = -1 EBADF (Bad file descriptor) [pid 5878] close(27) = -1 EBADF (Bad file descriptor) [pid 5878] close(28) = -1 EBADF (Bad file descriptor) [pid 5878] close(29) = -1 EBADF (Bad file descriptor) [pid 5878] exit_group(0) = ? [ 100.109593][ T5878] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5878] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=15, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=22 /* 0.22 s */} --- [pid 5835] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./13/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 100.260096][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./13/file1") = 0 [pid 5835] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./13/binderfs") = 0 [pid 5835] umount2("./13/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./13/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./13/cgroup.net") = 0 [pid 5835] umount2("./13/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./13/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./13/cgroup.cpu") = 0 [pid 5835] umount2("./13/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./13/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./13/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./13") = 0 [pid 5835] mkdir("./14", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5881 attached [pid 5881] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 16 [pid 5881] <... set_robust_list resumed>) = 0 [pid 5881] chdir("./14") = 0 [pid 5881] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5881] setpgid(0, 0) = 0 [pid 5881] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5881] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5881] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5881] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5881] write(3, "1000", 4) = 4 [pid 5881] close(3) = 0 [pid 5881] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5881] write(1, "executing program\n", 18) = 18 [pid 5881] memfd_create("syzkaller", 0) = 3 [pid 5881] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5881] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5881] munmap(0x7fda1a200000, 138412032) = 0 [pid 5881] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5881] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5881] close(3) = 0 [pid 5881] close(4) = 0 [pid 5881] mkdir("./file1", 0777) = 0 [ 100.935315][ T5881] loop0: detected capacity change from 0 to 32768 [pid 5881] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5881] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5881] chdir("./file1") = 0 [pid 5881] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5881] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5881] close(3) = 0 [pid 5881] close(4) = -1 EBADF (Bad file descriptor) [pid 5881] close(5) = -1 EBADF (Bad file descriptor) [pid 5881] close(6) = -1 EBADF (Bad file descriptor) [pid 5881] close(7) = -1 EBADF (Bad file descriptor) [pid 5881] close(8) = -1 EBADF (Bad file descriptor) [pid 5881] close(9) = -1 EBADF (Bad file descriptor) [pid 5881] close(10) = -1 EBADF (Bad file descriptor) [pid 5881] close(11) = -1 EBADF (Bad file descriptor) [pid 5881] close(12) = -1 EBADF (Bad file descriptor) [pid 5881] close(13) = -1 EBADF (Bad file descriptor) [pid 5881] close(14) = -1 EBADF (Bad file descriptor) [pid 5881] close(15) = -1 EBADF (Bad file descriptor) [pid 5881] close(16) = -1 EBADF (Bad file descriptor) [pid 5881] close(17) = -1 EBADF (Bad file descriptor) [pid 5881] close(18) = -1 EBADF (Bad file descriptor) [pid 5881] close(19) = -1 EBADF (Bad file descriptor) [pid 5881] close(20) = -1 EBADF (Bad file descriptor) [pid 5881] close(21) = -1 EBADF (Bad file descriptor) [pid 5881] close(22) = -1 EBADF (Bad file descriptor) [pid 5881] close(23) = -1 EBADF (Bad file descriptor) [pid 5881] close(24) = -1 EBADF (Bad file descriptor) [pid 5881] close(25) = -1 EBADF (Bad file descriptor) [pid 5881] close(26) = -1 EBADF (Bad file descriptor) [pid 5881] close(27) = -1 EBADF (Bad file descriptor) [pid 5881] close(28) = -1 EBADF (Bad file descriptor) [pid 5881] close(29) = -1 EBADF (Bad file descriptor) [pid 5881] exit_group(0) = ? [ 100.982030][ T5881] JBD2: Ignoring recovery information on journal [ 101.018621][ T5881] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5881] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=16, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./14/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 101.137519][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./14/file1") = 0 [pid 5835] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./14/binderfs") = 0 [pid 5835] umount2("./14/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./14/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./14/cgroup.net") = 0 [pid 5835] umount2("./14/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./14/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./14/cgroup.cpu") = 0 [pid 5835] umount2("./14/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./14/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./14/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./14") = 0 [pid 5835] mkdir("./15", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5884 attached , child_tidptr=0x555561f8f750) = 17 [pid 5884] set_robust_list(0x555561f8f760, 24) = 0 [pid 5884] chdir("./15") = 0 [pid 5884] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5884] setpgid(0, 0) = 0 [pid 5884] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5884] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5884] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5884] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5884] write(3, "1000", 4) = 4 [pid 5884] close(3) = 0 [pid 5884] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5884] write(1, "executing program\n", 18) = 18 [pid 5884] memfd_create("syzkaller", 0) = 3 [pid 5884] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5884] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5884] munmap(0x7fda1a200000, 138412032) = 0 [pid 5884] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5884] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5884] close(3) = 0 [pid 5884] close(4) = 0 [pid 5884] mkdir("./file1", 0777) = 0 [ 101.797473][ T5884] loop0: detected capacity change from 0 to 32768 [pid 5884] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5884] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5884] chdir("./file1") = 0 [pid 5884] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5884] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5884] close(3) = 0 [pid 5884] close(4) = -1 EBADF (Bad file descriptor) [pid 5884] close(5) = -1 EBADF (Bad file descriptor) [pid 5884] close(6) = -1 EBADF (Bad file descriptor) [pid 5884] close(7) = -1 EBADF (Bad file descriptor) [pid 5884] close(8) = -1 EBADF (Bad file descriptor) [pid 5884] close(9) = -1 EBADF (Bad file descriptor) [pid 5884] close(10) = -1 EBADF (Bad file descriptor) [pid 5884] close(11) = -1 EBADF (Bad file descriptor) [pid 5884] close(12) = -1 EBADF (Bad file descriptor) [pid 5884] close(13) = -1 EBADF (Bad file descriptor) [pid 5884] close(14) = -1 EBADF (Bad file descriptor) [pid 5884] close(15) = -1 EBADF (Bad file descriptor) [pid 5884] close(16) = -1 EBADF (Bad file descriptor) [pid 5884] close(17) = -1 EBADF (Bad file descriptor) [pid 5884] close(18) = -1 EBADF (Bad file descriptor) [pid 5884] close(19) = -1 EBADF (Bad file descriptor) [pid 5884] close(20) = -1 EBADF (Bad file descriptor) [pid 5884] close(21) = -1 EBADF (Bad file descriptor) [pid 5884] close(22) = -1 EBADF (Bad file descriptor) [pid 5884] close(23) = -1 EBADF (Bad file descriptor) [pid 5884] close(24) = -1 EBADF (Bad file descriptor) [pid 5884] close(25) = -1 EBADF (Bad file descriptor) [pid 5884] close(26) = -1 EBADF (Bad file descriptor) [pid 5884] close(27) = -1 EBADF (Bad file descriptor) [pid 5884] close(28) = -1 EBADF (Bad file descriptor) [pid 5884] close(29) = -1 EBADF (Bad file descriptor) [pid 5884] exit_group(0) = ? [pid 5884] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=17, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=19 /* 0.19 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 101.852156][ T5884] JBD2: Ignoring recovery information on journal [ 101.880039][ T5884] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5835] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./15/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 101.942760][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./15/file1") = 0 [pid 5835] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./15/binderfs") = 0 [pid 5835] umount2("./15/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./15/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./15/cgroup.net") = 0 [pid 5835] umount2("./15/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./15/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./15/cgroup.cpu") = 0 [pid 5835] umount2("./15/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./15/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./15/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./15") = 0 [pid 5835] mkdir("./16", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555561f8f750) = 18 ./strace-static-x86_64: Process 5887 attached [pid 5887] set_robust_list(0x555561f8f760, 24) = 0 [pid 5887] chdir("./16") = 0 [pid 5887] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5887] setpgid(0, 0) = 0 [pid 5887] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5887] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5887] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5887] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5887] write(3, "1000", 4) = 4 [pid 5887] close(3) = 0 [pid 5887] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5887] write(1, "executing program\n", 18) = 18 [pid 5887] memfd_create("syzkaller", 0) = 3 [pid 5887] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5887] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5887] munmap(0x7fda1a200000, 138412032) = 0 [pid 5887] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5887] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5887] close(3) = 0 [pid 5887] close(4) = 0 [pid 5887] mkdir("./file1", 0777) = 0 [ 102.657869][ T5887] loop0: detected capacity change from 0 to 32768 [pid 5887] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5887] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5887] chdir("./file1") = 0 [pid 5887] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5887] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5887] close(3) = 0 [pid 5887] close(4) = -1 EBADF (Bad file descriptor) [pid 5887] close(5) = -1 EBADF (Bad file descriptor) [pid 5887] close(6) = -1 EBADF (Bad file descriptor) [pid 5887] close(7) = -1 EBADF (Bad file descriptor) [pid 5887] close(8) = -1 EBADF (Bad file descriptor) [pid 5887] close(9) = -1 EBADF (Bad file descriptor) [pid 5887] close(10) = -1 EBADF (Bad file descriptor) [pid 5887] close(11) = -1 EBADF (Bad file descriptor) [pid 5887] close(12) = -1 EBADF (Bad file descriptor) [pid 5887] close(13) = -1 EBADF (Bad file descriptor) [pid 5887] close(14) = -1 EBADF (Bad file descriptor) [pid 5887] close(15) = -1 EBADF (Bad file descriptor) [pid 5887] close(16) = -1 EBADF (Bad file descriptor) [pid 5887] close(17) = -1 EBADF (Bad file descriptor) [pid 5887] close(18) = -1 EBADF (Bad file descriptor) [pid 5887] close(19) = -1 EBADF (Bad file descriptor) [pid 5887] close(20) = -1 EBADF (Bad file descriptor) [pid 5887] close(21) = -1 EBADF (Bad file descriptor) [pid 5887] close(22) = -1 EBADF (Bad file descriptor) [pid 5887] close(23) = -1 EBADF (Bad file descriptor) [pid 5887] close(24) = -1 EBADF (Bad file descriptor) [pid 5887] close(25) = -1 EBADF (Bad file descriptor) [pid 5887] close(26) = -1 EBADF (Bad file descriptor) [pid 5887] close(27) = -1 EBADF (Bad file descriptor) [pid 5887] close(28) = -1 EBADF (Bad file descriptor) [ 102.709677][ T5887] JBD2: Ignoring recovery information on journal [ 102.744868][ T5887] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5887] close(29) = -1 EBADF (Bad file descriptor) [pid 5887] exit_group(0) = ? [pid 5887] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=18, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=17 /* 0.17 s */} --- [pid 5835] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./16/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 102.833128][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./16/file1") = 0 [pid 5835] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./16/binderfs") = 0 [pid 5835] umount2("./16/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./16/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./16/cgroup.net") = 0 [pid 5835] umount2("./16/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./16/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./16/cgroup.cpu") = 0 [pid 5835] umount2("./16/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./16/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./16/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./16") = 0 [pid 5835] mkdir("./17", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5890 attached , child_tidptr=0x555561f8f750) = 19 [pid 5890] set_robust_list(0x555561f8f760, 24) = 0 [pid 5890] chdir("./17") = 0 [pid 5890] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5890] setpgid(0, 0) = 0 [pid 5890] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5890] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5890] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5890] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5890] write(3, "1000", 4) = 4 [pid 5890] close(3) = 0 [pid 5890] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5890] write(1, "executing program\n", 18) = 18 [pid 5890] memfd_create("syzkaller", 0) = 3 [pid 5890] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5890] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5890] munmap(0x7fda1a200000, 138412032) = 0 [pid 5890] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5890] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5890] close(3) = 0 [pid 5890] close(4) = 0 [pid 5890] mkdir("./file1", 0777) = 0 [ 103.435419][ T5890] loop0: detected capacity change from 0 to 32768 [ 103.465846][ T5890] JBD2: Ignoring recovery information on journal [pid 5890] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5890] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5890] chdir("./file1") = 0 [pid 5890] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5890] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5890] close(3) = 0 [pid 5890] close(4) = -1 EBADF (Bad file descriptor) [pid 5890] close(5) = -1 EBADF (Bad file descriptor) [pid 5890] close(6) = -1 EBADF (Bad file descriptor) [pid 5890] close(7) = -1 EBADF (Bad file descriptor) [pid 5890] close(8) = -1 EBADF (Bad file descriptor) [pid 5890] close(9) = -1 EBADF (Bad file descriptor) [pid 5890] close(10) = -1 EBADF (Bad file descriptor) [pid 5890] close(11) = -1 EBADF (Bad file descriptor) [pid 5890] close(12) = -1 EBADF (Bad file descriptor) [pid 5890] close(13) = -1 EBADF (Bad file descriptor) [pid 5890] close(14) = -1 EBADF (Bad file descriptor) [pid 5890] close(15) = -1 EBADF (Bad file descriptor) [pid 5890] close(16) = -1 EBADF (Bad file descriptor) [pid 5890] close(17) = -1 EBADF (Bad file descriptor) [pid 5890] close(18) = -1 EBADF (Bad file descriptor) [pid 5890] close(19) = -1 EBADF (Bad file descriptor) [pid 5890] close(20) = -1 EBADF (Bad file descriptor) [pid 5890] close(21) = -1 EBADF (Bad file descriptor) [pid 5890] close(22) = -1 EBADF (Bad file descriptor) [pid 5890] close(23) = -1 EBADF (Bad file descriptor) [pid 5890] close(24) = -1 EBADF (Bad file descriptor) [pid 5890] close(25) = -1 EBADF (Bad file descriptor) [pid 5890] close(26) = -1 EBADF (Bad file descriptor) [pid 5890] close(27) = -1 EBADF (Bad file descriptor) [pid 5890] close(28) = -1 EBADF (Bad file descriptor) [pid 5890] close(29) = -1 EBADF (Bad file descriptor) [pid 5890] exit_group(0) = ? [ 103.498028][ T5890] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5890] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=19, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=18 /* 0.18 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./17/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [ 103.638177][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] rmdir("./17/file1") = 0 [pid 5835] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./17/binderfs") = 0 [pid 5835] umount2("./17/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./17/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./17/cgroup.net") = 0 [pid 5835] umount2("./17/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./17/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./17/cgroup.cpu") = 0 [pid 5835] umount2("./17/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./17/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./17/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./17") = 0 [pid 5835] mkdir("./18", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5893 attached [pid 5893] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 20 [pid 5893] <... set_robust_list resumed>) = 0 [pid 5893] chdir("./18") = 0 [pid 5893] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5893] setpgid(0, 0) = 0 [pid 5893] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5893] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5893] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5893] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5893] write(3, "1000", 4) = 4 [pid 5893] close(3) = 0 [pid 5893] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5893] write(1, "executing program\n", 18executing program ) = 18 [pid 5893] memfd_create("syzkaller", 0) = 3 [pid 5893] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5893] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5893] munmap(0x7fda1a200000, 138412032) = 0 [pid 5893] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5893] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5893] close(3) = 0 [pid 5893] close(4) = 0 [pid 5893] mkdir("./file1", 0777) = 0 [ 104.249852][ T5893] loop0: detected capacity change from 0 to 32768 [pid 5893] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5893] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5893] chdir("./file1") = 0 [pid 5893] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5893] symlink(NULL, NULL) = -1 EFAULT (Bad address) [ 104.300912][ T5893] JBD2: Ignoring recovery information on journal [ 104.336783][ T5893] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5893] close(3) = 0 [pid 5893] close(4) = -1 EBADF (Bad file descriptor) [pid 5893] close(5) = -1 EBADF (Bad file descriptor) [pid 5893] close(6) = -1 EBADF (Bad file descriptor) [pid 5893] close(7) = -1 EBADF (Bad file descriptor) [pid 5893] close(8) = -1 EBADF (Bad file descriptor) [pid 5893] close(9) = -1 EBADF (Bad file descriptor) [pid 5893] close(10) = -1 EBADF (Bad file descriptor) [pid 5893] close(11) = -1 EBADF (Bad file descriptor) [pid 5893] close(12) = -1 EBADF (Bad file descriptor) [pid 5893] close(13) = -1 EBADF (Bad file descriptor) [pid 5893] close(14) = -1 EBADF (Bad file descriptor) [pid 5893] close(15) = -1 EBADF (Bad file descriptor) [pid 5893] close(16) = -1 EBADF (Bad file descriptor) [pid 5893] close(17) = -1 EBADF (Bad file descriptor) [pid 5893] close(18) = -1 EBADF (Bad file descriptor) [pid 5893] close(19) = -1 EBADF (Bad file descriptor) [pid 5893] close(20) = -1 EBADF (Bad file descriptor) [pid 5893] close(21) = -1 EBADF (Bad file descriptor) [pid 5893] close(22) = -1 EBADF (Bad file descriptor) [pid 5893] close(23) = -1 EBADF (Bad file descriptor) [pid 5893] close(24) = -1 EBADF (Bad file descriptor) [pid 5893] close(25) = -1 EBADF (Bad file descriptor) [pid 5893] close(26) = -1 EBADF (Bad file descriptor) [pid 5893] close(27) = -1 EBADF (Bad file descriptor) [pid 5893] close(28) = -1 EBADF (Bad file descriptor) [pid 5893] close(29) = -1 EBADF (Bad file descriptor) [pid 5893] exit_group(0) = ? [pid 5893] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=20, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5835] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./18/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 104.472119][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./18/file1") = 0 [pid 5835] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./18/binderfs") = 0 [pid 5835] umount2("./18/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./18/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./18/cgroup.net") = 0 [pid 5835] umount2("./18/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./18/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./18/cgroup.cpu") = 0 [pid 5835] umount2("./18/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./18/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./18/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./18") = 0 [pid 5835] mkdir("./19", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555561f8f750) = 21 ./strace-static-x86_64: Process 5896 attached [pid 5896] set_robust_list(0x555561f8f760, 24) = 0 [pid 5896] chdir("./19") = 0 [pid 5896] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5896] setpgid(0, 0) = 0 [pid 5896] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5896] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5896] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5896] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5896] write(3, "1000", 4) = 4 [pid 5896] close(3) = 0 [pid 5896] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5896] write(1, "executing program\n", 18executing program ) = 18 [pid 5896] memfd_create("syzkaller", 0) = 3 [pid 5896] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5896] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5896] munmap(0x7fda1a200000, 138412032) = 0 [pid 5896] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5896] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5896] close(3) = 0 [pid 5896] close(4) = 0 [pid 5896] mkdir("./file1", 0777) = 0 [ 105.200854][ T5896] loop0: detected capacity change from 0 to 32768 [pid 5896] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5896] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5896] chdir("./file1") = 0 [pid 5896] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 105.250798][ T5896] JBD2: Ignoring recovery information on journal [ 105.285984][ T5896] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5896] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5896] close(3) = 0 [pid 5896] close(4) = -1 EBADF (Bad file descriptor) [pid 5896] close(5) = -1 EBADF (Bad file descriptor) [pid 5896] close(6) = -1 EBADF (Bad file descriptor) [pid 5896] close(7) = -1 EBADF (Bad file descriptor) [pid 5896] close(8) = -1 EBADF (Bad file descriptor) [pid 5896] close(9) = -1 EBADF (Bad file descriptor) [pid 5896] close(10) = -1 EBADF (Bad file descriptor) [pid 5896] close(11) = -1 EBADF (Bad file descriptor) [pid 5896] close(12) = -1 EBADF (Bad file descriptor) [pid 5896] close(13) = -1 EBADF (Bad file descriptor) [pid 5896] close(14) = -1 EBADF (Bad file descriptor) [pid 5896] close(15) = -1 EBADF (Bad file descriptor) [pid 5896] close(16) = -1 EBADF (Bad file descriptor) [pid 5896] close(17) = -1 EBADF (Bad file descriptor) [pid 5896] close(18) = -1 EBADF (Bad file descriptor) [pid 5896] close(19) = -1 EBADF (Bad file descriptor) [pid 5896] close(20) = -1 EBADF (Bad file descriptor) [pid 5896] close(21) = -1 EBADF (Bad file descriptor) [pid 5896] close(22) = -1 EBADF (Bad file descriptor) [pid 5896] close(23) = -1 EBADF (Bad file descriptor) [pid 5896] close(24) = -1 EBADF (Bad file descriptor) [pid 5896] close(25) = -1 EBADF (Bad file descriptor) [pid 5896] close(26) = -1 EBADF (Bad file descriptor) [pid 5896] close(27) = -1 EBADF (Bad file descriptor) [pid 5896] close(28) = -1 EBADF (Bad file descriptor) [pid 5896] close(29) = -1 EBADF (Bad file descriptor) [pid 5896] exit_group(0) = ? [pid 5896] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=21, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5835] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./19/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./19/file1") = 0 [pid 5835] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./19/binderfs") = 0 [pid 5835] umount2("./19/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./19/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./19/cgroup.net") = 0 [pid 5835] umount2("./19/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./19/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./19/cgroup.cpu") = 0 [pid 5835] umount2("./19/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./19/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./19/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./19") = 0 [pid 5835] mkdir("./20", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [ 105.440750][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5899 attached , child_tidptr=0x555561f8f750) = 22 [pid 5899] set_robust_list(0x555561f8f760, 24) = 0 [pid 5899] chdir("./20") = 0 [pid 5899] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5899] setpgid(0, 0) = 0 [pid 5899] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5899] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5899] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5899] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5899] write(3, "1000", 4) = 4 [pid 5899] close(3) = 0 [pid 5899] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5899] write(1, "executing program\n", 18executing program ) = 18 [pid 5899] memfd_create("syzkaller", 0) = 3 [pid 5899] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5899] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5899] munmap(0x7fda1a200000, 138412032) = 0 [pid 5899] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5899] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5899] close(3) = 0 [pid 5899] close(4) = 0 [pid 5899] mkdir("./file1", 0777) = 0 [ 105.859577][ T5899] loop0: detected capacity change from 0 to 32768 [ 105.880976][ T5899] JBD2: Ignoring recovery information on journal [pid 5899] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5899] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5899] chdir("./file1") = 0 [pid 5899] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5899] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5899] close(3) = 0 [pid 5899] close(4) = -1 EBADF (Bad file descriptor) [pid 5899] close(5) = -1 EBADF (Bad file descriptor) [pid 5899] close(6) = -1 EBADF (Bad file descriptor) [pid 5899] close(7) = -1 EBADF (Bad file descriptor) [pid 5899] close(8) = -1 EBADF (Bad file descriptor) [pid 5899] close(9) = -1 EBADF (Bad file descriptor) [pid 5899] close(10) = -1 EBADF (Bad file descriptor) [pid 5899] close(11) = -1 EBADF (Bad file descriptor) [pid 5899] close(12) = -1 EBADF (Bad file descriptor) [pid 5899] close(13) = -1 EBADF (Bad file descriptor) [pid 5899] close(14) = -1 EBADF (Bad file descriptor) [pid 5899] close(15) = -1 EBADF (Bad file descriptor) [pid 5899] close(16) = -1 EBADF (Bad file descriptor) [pid 5899] close(17) = -1 EBADF (Bad file descriptor) [pid 5899] close(18) = -1 EBADF (Bad file descriptor) [pid 5899] close(19) = -1 EBADF (Bad file descriptor) [pid 5899] close(20) = -1 EBADF (Bad file descriptor) [pid 5899] close(21) = -1 EBADF (Bad file descriptor) [pid 5899] close(22) = -1 EBADF (Bad file descriptor) [pid 5899] close(23) = -1 EBADF (Bad file descriptor) [pid 5899] close(24) = -1 EBADF (Bad file descriptor) [pid 5899] close(25) = -1 EBADF (Bad file descriptor) [pid 5899] close(26) = -1 EBADF (Bad file descriptor) [pid 5899] close(27) = -1 EBADF (Bad file descriptor) [pid 5899] close(28) = -1 EBADF (Bad file descriptor) [pid 5899] close(29) = -1 EBADF (Bad file descriptor) [pid 5899] exit_group(0) = ? [pid 5899] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=22, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=22 /* 0.22 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [ 105.929996][ T5899] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5835] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./20/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./20/file1") = 0 [ 105.975212][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./20/binderfs") = 0 [pid 5835] umount2("./20/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./20/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./20/cgroup.net") = 0 [pid 5835] umount2("./20/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./20/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./20/cgroup.cpu") = 0 [pid 5835] umount2("./20/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./20/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./20/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./20") = 0 [pid 5835] mkdir("./21", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5902 attached , child_tidptr=0x555561f8f750) = 23 [pid 5902] set_robust_list(0x555561f8f760, 24) = 0 [pid 5902] chdir("./21") = 0 [pid 5902] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5902] setpgid(0, 0) = 0 [pid 5902] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5902] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5902] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5902] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5902] write(3, "1000", 4) = 4 [pid 5902] close(3) = 0 [pid 5902] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5902] write(1, "executing program\n", 18) = 18 [pid 5902] memfd_create("syzkaller", 0) = 3 [pid 5902] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5902] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5902] munmap(0x7fda1a200000, 138412032) = 0 [pid 5902] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5902] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5902] close(3) = 0 [pid 5902] close(4) = 0 [pid 5902] mkdir("./file1", 0777) = 0 [ 106.554492][ T5902] loop0: detected capacity change from 0 to 32768 [pid 5902] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5902] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5902] chdir("./file1") = 0 [pid 5902] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5902] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5902] close(3) = 0 [pid 5902] close(4) = -1 EBADF (Bad file descriptor) [pid 5902] close(5) = -1 EBADF (Bad file descriptor) [pid 5902] close(6) = -1 EBADF (Bad file descriptor) [pid 5902] close(7) = -1 EBADF (Bad file descriptor) [pid 5902] close(8) = -1 EBADF (Bad file descriptor) [pid 5902] close(9) = -1 EBADF (Bad file descriptor) [pid 5902] close(10) = -1 EBADF (Bad file descriptor) [pid 5902] close(11) = -1 EBADF (Bad file descriptor) [pid 5902] close(12) = -1 EBADF (Bad file descriptor) [pid 5902] close(13) = -1 EBADF (Bad file descriptor) [pid 5902] close(14) = -1 EBADF (Bad file descriptor) [pid 5902] close(15) = -1 EBADF (Bad file descriptor) [pid 5902] close(16) = -1 EBADF (Bad file descriptor) [pid 5902] close(17) = -1 EBADF (Bad file descriptor) [pid 5902] close(18) = -1 EBADF (Bad file descriptor) [pid 5902] close(19) = -1 EBADF (Bad file descriptor) [pid 5902] close(20) = -1 EBADF (Bad file descriptor) [pid 5902] close(21) = -1 EBADF (Bad file descriptor) [pid 5902] close(22) = -1 EBADF (Bad file descriptor) [pid 5902] close(23) = -1 EBADF (Bad file descriptor) [pid 5902] close(24) = -1 EBADF (Bad file descriptor) [pid 5902] close(25) = -1 EBADF (Bad file descriptor) [pid 5902] close(26) = -1 EBADF (Bad file descriptor) [pid 5902] close(27) = -1 EBADF (Bad file descriptor) [pid 5902] close(28) = -1 EBADF (Bad file descriptor) [pid 5902] close(29) = -1 EBADF (Bad file descriptor) [pid 5902] exit_group(0) = ? [ 106.617420][ T5902] JBD2: Ignoring recovery information on journal [ 106.652420][ T5902] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5902] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=23, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=16 /* 0.16 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./21/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [ 106.786223][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./21/file1") = 0 [pid 5835] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./21/binderfs") = 0 [pid 5835] umount2("./21/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./21/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./21/cgroup.net") = 0 [pid 5835] umount2("./21/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./21/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./21/cgroup.cpu") = 0 [pid 5835] umount2("./21/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./21/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./21/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./21") = 0 [pid 5835] mkdir("./22", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555561f8f750) = 24 ./strace-static-x86_64: Process 5905 attached [pid 5905] set_robust_list(0x555561f8f760, 24) = 0 [pid 5905] chdir("./22") = 0 [pid 5905] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5905] setpgid(0, 0) = 0 [pid 5905] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5905] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5905] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5905] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5905] write(3, "1000", 4) = 4 [pid 5905] close(3) = 0 [pid 5905] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5905] write(1, "executing program\n", 18executing program ) = 18 [pid 5905] memfd_create("syzkaller", 0) = 3 [pid 5905] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5905] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5905] munmap(0x7fda1a200000, 138412032) = 0 [pid 5905] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5905] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5905] close(3) = 0 [pid 5905] close(4) = 0 [pid 5905] mkdir("./file1", 0777) = 0 [ 107.423378][ T5905] loop0: detected capacity change from 0 to 32768 [pid 5905] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5905] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5905] chdir("./file1") = 0 [pid 5905] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5905] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5905] close(3) = 0 [pid 5905] close(4) = -1 EBADF (Bad file descriptor) [pid 5905] close(5) = -1 EBADF (Bad file descriptor) [ 107.466365][ T5905] JBD2: Ignoring recovery information on journal [ 107.500322][ T5905] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5905] close(6) = -1 EBADF (Bad file descriptor) [pid 5905] close(7) = -1 EBADF (Bad file descriptor) [pid 5905] close(8) = -1 EBADF (Bad file descriptor) [pid 5905] close(9) = -1 EBADF (Bad file descriptor) [pid 5905] close(10) = -1 EBADF (Bad file descriptor) [pid 5905] close(11) = -1 EBADF (Bad file descriptor) [pid 5905] close(12) = -1 EBADF (Bad file descriptor) [pid 5905] close(13) = -1 EBADF (Bad file descriptor) [pid 5905] close(14) = -1 EBADF (Bad file descriptor) [pid 5905] close(15) = -1 EBADF (Bad file descriptor) [pid 5905] close(16) = -1 EBADF (Bad file descriptor) [pid 5905] close(17) = -1 EBADF (Bad file descriptor) [pid 5905] close(18) = -1 EBADF (Bad file descriptor) [pid 5905] close(19) = -1 EBADF (Bad file descriptor) [pid 5905] close(20) = -1 EBADF (Bad file descriptor) [pid 5905] close(21) = -1 EBADF (Bad file descriptor) [pid 5905] close(22) = -1 EBADF (Bad file descriptor) [pid 5905] close(23) = -1 EBADF (Bad file descriptor) [pid 5905] close(24) = -1 EBADF (Bad file descriptor) [pid 5905] close(25) = -1 EBADF (Bad file descriptor) [pid 5905] close(26) = -1 EBADF (Bad file descriptor) [pid 5905] close(27) = -1 EBADF (Bad file descriptor) [pid 5905] close(28) = -1 EBADF (Bad file descriptor) [pid 5905] close(29) = -1 EBADF (Bad file descriptor) [pid 5905] exit_group(0) = ? [pid 5905] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=24, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./22/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [ 107.658082][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] close(4) = 0 [pid 5835] rmdir("./22/file1") = 0 [pid 5835] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./22/binderfs") = 0 [pid 5835] umount2("./22/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./22/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./22/cgroup.net") = 0 [pid 5835] umount2("./22/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./22/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./22/cgroup.cpu") = 0 [pid 5835] umount2("./22/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./22/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./22/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./22") = 0 [pid 5835] mkdir("./23", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5908 attached , child_tidptr=0x555561f8f750) = 25 [pid 5908] set_robust_list(0x555561f8f760, 24) = 0 [pid 5908] chdir("./23") = 0 [pid 5908] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5908] setpgid(0, 0) = 0 [pid 5908] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5908] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5908] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5908] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5908] write(3, "1000", 4) = 4 [pid 5908] close(3) = 0 [pid 5908] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5908] write(1, "executing program\n", 18executing program ) = 18 [pid 5908] memfd_create("syzkaller", 0) = 3 [pid 5908] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5908] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5908] munmap(0x7fda1a200000, 138412032) = 0 [pid 5908] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5908] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5908] close(3) = 0 [pid 5908] close(4) = 0 [pid 5908] mkdir("./file1", 0777) = 0 [ 108.303388][ T5908] loop0: detected capacity change from 0 to 32768 [pid 5908] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5908] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5908] chdir("./file1") = 0 [pid 5908] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5908] symlink(NULL, NULL) = -1 EFAULT (Bad address) [ 108.367571][ T5908] JBD2: Ignoring recovery information on journal [ 108.403725][ T5908] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5908] close(3) = 0 [pid 5908] close(4) = -1 EBADF (Bad file descriptor) [pid 5908] close(5) = -1 EBADF (Bad file descriptor) [pid 5908] close(6) = -1 EBADF (Bad file descriptor) [pid 5908] close(7) = -1 EBADF (Bad file descriptor) [pid 5908] close(8) = -1 EBADF (Bad file descriptor) [pid 5908] close(9) = -1 EBADF (Bad file descriptor) [pid 5908] close(10) = -1 EBADF (Bad file descriptor) [pid 5908] close(11) = -1 EBADF (Bad file descriptor) [pid 5908] close(12) = -1 EBADF (Bad file descriptor) [pid 5908] close(13) = -1 EBADF (Bad file descriptor) [pid 5908] close(14) = -1 EBADF (Bad file descriptor) [pid 5908] close(15) = -1 EBADF (Bad file descriptor) [pid 5908] close(16) = -1 EBADF (Bad file descriptor) [pid 5908] close(17) = -1 EBADF (Bad file descriptor) [pid 5908] close(18) = -1 EBADF (Bad file descriptor) [pid 5908] close(19) = -1 EBADF (Bad file descriptor) [pid 5908] close(20) = -1 EBADF (Bad file descriptor) [pid 5908] close(21) = -1 EBADF (Bad file descriptor) [pid 5908] close(22) = -1 EBADF (Bad file descriptor) [pid 5908] close(23) = -1 EBADF (Bad file descriptor) [pid 5908] close(24) = -1 EBADF (Bad file descriptor) [pid 5908] close(25) = -1 EBADF (Bad file descriptor) [pid 5908] close(26) = -1 EBADF (Bad file descriptor) [pid 5908] close(27) = -1 EBADF (Bad file descriptor) [pid 5908] close(28) = -1 EBADF (Bad file descriptor) [pid 5908] close(29) = -1 EBADF (Bad file descriptor) [pid 5908] exit_group(0) = ? [pid 5908] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=25, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5835] umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./23/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [ 108.518343][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./23/file1") = 0 [pid 5835] umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./23/binderfs") = 0 [pid 5835] umount2("./23/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./23/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./23/cgroup.net") = 0 [pid 5835] umount2("./23/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./23/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./23/cgroup.cpu") = 0 [pid 5835] umount2("./23/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./23/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./23/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./23") = 0 [pid 5835] mkdir("./24", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5911 attached [pid 5911] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 26 [pid 5911] <... set_robust_list resumed>) = 0 [pid 5911] chdir("./24") = 0 [pid 5911] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5911] setpgid(0, 0) = 0 [pid 5911] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5911] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5911] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5911] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5911] write(3, "1000", 4) = 4 [pid 5911] close(3) = 0 [pid 5911] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5911] write(1, "executing program\n", 18) = 18 [pid 5911] memfd_create("syzkaller", 0) = 3 [pid 5911] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5911] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5911] munmap(0x7fda1a200000, 138412032) = 0 [pid 5911] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5911] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5911] close(3) = 0 [pid 5911] close(4) = 0 [pid 5911] mkdir("./file1", 0777) = 0 [ 109.213753][ T5911] loop0: detected capacity change from 0 to 32768 [ 109.237796][ T5911] JBD2: Ignoring recovery information on journal [pid 5911] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5911] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5911] chdir("./file1") = 0 [pid 5911] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5911] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5911] close(3) = 0 [pid 5911] close(4) = -1 EBADF (Bad file descriptor) [pid 5911] close(5) = -1 EBADF (Bad file descriptor) [pid 5911] close(6) = -1 EBADF (Bad file descriptor) [pid 5911] close(7) = -1 EBADF (Bad file descriptor) [pid 5911] close(8) = -1 EBADF (Bad file descriptor) [pid 5911] close(9) = -1 EBADF (Bad file descriptor) [pid 5911] close(10) = -1 EBADF (Bad file descriptor) [pid 5911] close(11) = -1 EBADF (Bad file descriptor) [pid 5911] close(12) = -1 EBADF (Bad file descriptor) [pid 5911] close(13) = -1 EBADF (Bad file descriptor) [pid 5911] close(14) = -1 EBADF (Bad file descriptor) [pid 5911] close(15) = -1 EBADF (Bad file descriptor) [pid 5911] close(16) = -1 EBADF (Bad file descriptor) [pid 5911] close(17) = -1 EBADF (Bad file descriptor) [pid 5911] close(18) = -1 EBADF (Bad file descriptor) [pid 5911] close(19) = -1 EBADF (Bad file descriptor) [pid 5911] close(20) = -1 EBADF (Bad file descriptor) [pid 5911] close(21) = -1 EBADF (Bad file descriptor) [pid 5911] close(22) = -1 EBADF (Bad file descriptor) [pid 5911] close(23) = -1 EBADF (Bad file descriptor) [pid 5911] close(24) = -1 EBADF (Bad file descriptor) [pid 5911] close(25) = -1 EBADF (Bad file descriptor) [pid 5911] close(26) = -1 EBADF (Bad file descriptor) [pid 5911] close(27) = -1 EBADF (Bad file descriptor) [pid 5911] close(28) = -1 EBADF (Bad file descriptor) [pid 5911] close(29) = -1 EBADF (Bad file descriptor) [pid 5911] exit_group(0) = ? [pid 5911] +++ exited with 0 +++ [ 109.277404][ T5911] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=26, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5835] umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./24/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./24/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./24/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./24/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./24/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 109.389537][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./24/file1") = 0 [pid 5835] umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./24/binderfs") = 0 [pid 5835] umount2("./24/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./24/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./24/cgroup.net") = 0 [pid 5835] umount2("./24/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./24/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./24/cgroup.cpu") = 0 [pid 5835] umount2("./24/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./24/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./24/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./24") = 0 [pid 5835] mkdir("./25", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5914 attached , child_tidptr=0x555561f8f750) = 27 [pid 5914] set_robust_list(0x555561f8f760, 24) = 0 [pid 5914] chdir("./25") = 0 [pid 5914] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5914] setpgid(0, 0) = 0 [pid 5914] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5914] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5914] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5914] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5914] write(3, "1000", 4) = 4 [pid 5914] close(3) = 0 [pid 5914] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5914] write(1, "executing program\n", 18executing program ) = 18 [pid 5914] memfd_create("syzkaller", 0) = 3 [pid 5914] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5914] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5914] munmap(0x7fda1a200000, 138412032) = 0 [pid 5914] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5914] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5914] close(3) = 0 [pid 5914] close(4) = 0 [pid 5914] mkdir("./file1", 0777) = 0 [ 110.116617][ T5914] loop0: detected capacity change from 0 to 32768 [pid 5914] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5914] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5914] chdir("./file1") = 0 [pid 5914] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 110.183235][ T5914] JBD2: Ignoring recovery information on journal [ 110.222293][ T5914] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5914] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5914] close(3) = 0 [pid 5914] close(4) = -1 EBADF (Bad file descriptor) [pid 5914] close(5) = -1 EBADF (Bad file descriptor) [pid 5914] close(6) = -1 EBADF (Bad file descriptor) [pid 5914] close(7) = -1 EBADF (Bad file descriptor) [pid 5914] close(8) = -1 EBADF (Bad file descriptor) [pid 5914] close(9) = -1 EBADF (Bad file descriptor) [pid 5914] close(10) = -1 EBADF (Bad file descriptor) [pid 5914] close(11) = -1 EBADF (Bad file descriptor) [pid 5914] close(12) = -1 EBADF (Bad file descriptor) [pid 5914] close(13) = -1 EBADF (Bad file descriptor) [pid 5914] close(14) = -1 EBADF (Bad file descriptor) [pid 5914] close(15) = -1 EBADF (Bad file descriptor) [pid 5914] close(16) = -1 EBADF (Bad file descriptor) [pid 5914] close(17) = -1 EBADF (Bad file descriptor) [pid 5914] close(18) = -1 EBADF (Bad file descriptor) [pid 5914] close(19) = -1 EBADF (Bad file descriptor) [pid 5914] close(20) = -1 EBADF (Bad file descriptor) [pid 5914] close(21) = -1 EBADF (Bad file descriptor) [pid 5914] close(22) = -1 EBADF (Bad file descriptor) [pid 5914] close(23) = -1 EBADF (Bad file descriptor) [pid 5914] close(24) = -1 EBADF (Bad file descriptor) [pid 5914] close(25) = -1 EBADF (Bad file descriptor) [pid 5914] close(26) = -1 EBADF (Bad file descriptor) [pid 5914] close(27) = -1 EBADF (Bad file descriptor) [pid 5914] close(28) = -1 EBADF (Bad file descriptor) [pid 5914] close(29) = -1 EBADF (Bad file descriptor) [pid 5914] exit_group(0) = ? [pid 5914] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=27, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5835] umount2("./25", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./25/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./25/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./25/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./25/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./25/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./25/file1") = 0 [ 110.326299][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] umount2("./25/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./25/binderfs") = 0 [pid 5835] umount2("./25/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./25/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./25/cgroup.net") = 0 [pid 5835] umount2("./25/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./25/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./25/cgroup.cpu") = 0 [pid 5835] umount2("./25/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./25/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./25/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./25") = 0 [pid 5835] mkdir("./26", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5917 attached , child_tidptr=0x555561f8f750) = 28 [pid 5917] set_robust_list(0x555561f8f760, 24) = 0 [pid 5917] chdir("./26") = 0 [pid 5917] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5917] setpgid(0, 0) = 0 [pid 5917] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5917] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5917] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5917] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5917] write(3, "1000", 4) = 4 [pid 5917] close(3) = 0 [pid 5917] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5917] write(1, "executing program\n", 18executing program ) = 18 [pid 5917] memfd_create("syzkaller", 0) = 3 [pid 5917] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5917] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5917] munmap(0x7fda1a200000, 138412032) = 0 [pid 5917] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5917] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5917] close(3) = 0 [pid 5917] close(4) = 0 [pid 5917] mkdir("./file1", 0777) = 0 [ 110.933340][ T5917] loop0: detected capacity change from 0 to 32768 [ 110.965363][ T5917] JBD2: Ignoring recovery information on journal [pid 5917] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5917] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5917] chdir("./file1") = 0 [pid 5917] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5917] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5917] close(3) = 0 [pid 5917] close(4) = -1 EBADF (Bad file descriptor) [pid 5917] close(5) = -1 EBADF (Bad file descriptor) [pid 5917] close(6) = -1 EBADF (Bad file descriptor) [pid 5917] close(7) = -1 EBADF (Bad file descriptor) [pid 5917] close(8) = -1 EBADF (Bad file descriptor) [pid 5917] close(9) = -1 EBADF (Bad file descriptor) [pid 5917] close(10) = -1 EBADF (Bad file descriptor) [pid 5917] close(11) = -1 EBADF (Bad file descriptor) [pid 5917] close(12) = -1 EBADF (Bad file descriptor) [pid 5917] close(13) = -1 EBADF (Bad file descriptor) [pid 5917] close(14) = -1 EBADF (Bad file descriptor) [pid 5917] close(15) = -1 EBADF (Bad file descriptor) [pid 5917] close(16) = -1 EBADF (Bad file descriptor) [pid 5917] close(17) = -1 EBADF (Bad file descriptor) [pid 5917] close(18) = -1 EBADF (Bad file descriptor) [pid 5917] close(19) = -1 EBADF (Bad file descriptor) [pid 5917] close(20) = -1 EBADF (Bad file descriptor) [pid 5917] close(21) = -1 EBADF (Bad file descriptor) [pid 5917] close(22) = -1 EBADF (Bad file descriptor) [pid 5917] close(23) = -1 EBADF (Bad file descriptor) [pid 5917] close(24) = -1 EBADF (Bad file descriptor) [pid 5917] close(25) = -1 EBADF (Bad file descriptor) [pid 5917] close(26) = -1 EBADF (Bad file descriptor) [pid 5917] close(27) = -1 EBADF (Bad file descriptor) [pid 5917] close(28) = -1 EBADF (Bad file descriptor) [pid 5917] close(29) = -1 EBADF (Bad file descriptor) [pid 5917] exit_group(0) = ? [ 111.002204][ T5917] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5917] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=28, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5835] umount2("./26", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./26/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./26/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./26/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./26/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./26/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 111.154138][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./26/file1") = 0 [pid 5835] umount2("./26/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./26/binderfs") = 0 [pid 5835] umount2("./26/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./26/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./26/cgroup.net") = 0 [pid 5835] umount2("./26/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./26/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./26/cgroup.cpu") = 0 [pid 5835] umount2("./26/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./26/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./26/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./26") = 0 [pid 5835] mkdir("./27", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5920 attached , child_tidptr=0x555561f8f750) = 29 [pid 5920] set_robust_list(0x555561f8f760, 24) = 0 [pid 5920] chdir("./27") = 0 [pid 5920] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5920] setpgid(0, 0) = 0 [pid 5920] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5920] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5920] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5920] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5920] write(3, "1000", 4) = 4 [pid 5920] close(3) = 0 [pid 5920] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5920] write(1, "executing program\n", 18) = 18 [pid 5920] memfd_create("syzkaller", 0) = 3 [pid 5920] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5920] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5920] munmap(0x7fda1a200000, 138412032) = 0 [pid 5920] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5920] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5920] close(3) = 0 [pid 5920] close(4) = 0 [pid 5920] mkdir("./file1", 0777) = 0 [ 111.828236][ T5920] loop0: detected capacity change from 0 to 32768 [pid 5920] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5920] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 111.885716][ T5920] JBD2: Ignoring recovery information on journal [ 111.921445][ T5920] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5920] chdir("./file1") = 0 [pid 5920] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5920] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5920] close(3) = 0 [pid 5920] close(4) = -1 EBADF (Bad file descriptor) [pid 5920] close(5) = -1 EBADF (Bad file descriptor) [pid 5920] close(6) = -1 EBADF (Bad file descriptor) [pid 5920] close(7) = -1 EBADF (Bad file descriptor) [pid 5920] close(8) = -1 EBADF (Bad file descriptor) [pid 5920] close(9) = -1 EBADF (Bad file descriptor) [pid 5920] close(10) = -1 EBADF (Bad file descriptor) [pid 5920] close(11) = -1 EBADF (Bad file descriptor) [pid 5920] close(12) = -1 EBADF (Bad file descriptor) [pid 5920] close(13) = -1 EBADF (Bad file descriptor) [pid 5920] close(14) = -1 EBADF (Bad file descriptor) [pid 5920] close(15) = -1 EBADF (Bad file descriptor) [pid 5920] close(16) = -1 EBADF (Bad file descriptor) [pid 5920] close(17) = -1 EBADF (Bad file descriptor) [pid 5920] close(18) = -1 EBADF (Bad file descriptor) [pid 5920] close(19) = -1 EBADF (Bad file descriptor) [pid 5920] close(20) = -1 EBADF (Bad file descriptor) [pid 5920] close(21) = -1 EBADF (Bad file descriptor) [pid 5920] close(22) = -1 EBADF (Bad file descriptor) [pid 5920] close(23) = -1 EBADF (Bad file descriptor) [pid 5920] close(24) = -1 EBADF (Bad file descriptor) [pid 5920] close(25) = -1 EBADF (Bad file descriptor) [pid 5920] close(26) = -1 EBADF (Bad file descriptor) [pid 5920] close(27) = -1 EBADF (Bad file descriptor) [pid 5920] close(28) = -1 EBADF (Bad file descriptor) [pid 5920] close(29) = -1 EBADF (Bad file descriptor) [pid 5920] exit_group(0) = ? [pid 5920] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=29, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./27", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./27/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./27/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./27/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./27/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./27/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [ 112.115621][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./27/file1") = 0 [pid 5835] umount2("./27/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./27/binderfs") = 0 [pid 5835] umount2("./27/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./27/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./27/cgroup.net") = 0 [pid 5835] umount2("./27/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./27/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./27/cgroup.cpu") = 0 [pid 5835] umount2("./27/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./27/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./27/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./27") = 0 [pid 5835] mkdir("./28", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5923 attached , child_tidptr=0x555561f8f750) = 30 [pid 5923] set_robust_list(0x555561f8f760, 24) = 0 [pid 5923] chdir("./28") = 0 [pid 5923] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5923] setpgid(0, 0) = 0 [pid 5923] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5923] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5923] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5923] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5923] write(3, "1000", 4) = 4 [pid 5923] close(3) = 0 [pid 5923] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5923] write(1, "executing program\n", 18) = 18 [pid 5923] memfd_create("syzkaller", 0) = 3 [pid 5923] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5923] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5923] munmap(0x7fda1a200000, 138412032) = 0 [pid 5923] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5923] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5923] close(3) = 0 [pid 5923] close(4) = 0 [pid 5923] mkdir("./file1", 0777) = 0 [ 112.680897][ T5923] loop0: detected capacity change from 0 to 32768 [pid 5923] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5923] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5923] chdir("./file1") = 0 [pid 5923] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 112.736985][ T5923] JBD2: Ignoring recovery information on journal [ 112.771117][ T5923] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5923] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5923] close(3) = 0 [pid 5923] close(4) = -1 EBADF (Bad file descriptor) [pid 5923] close(5) = -1 EBADF (Bad file descriptor) [pid 5923] close(6) = -1 EBADF (Bad file descriptor) [pid 5923] close(7) = -1 EBADF (Bad file descriptor) [pid 5923] close(8) = -1 EBADF (Bad file descriptor) [pid 5923] close(9) = -1 EBADF (Bad file descriptor) [pid 5923] close(10) = -1 EBADF (Bad file descriptor) [pid 5923] close(11) = -1 EBADF (Bad file descriptor) [pid 5923] close(12) = -1 EBADF (Bad file descriptor) [pid 5923] close(13) = -1 EBADF (Bad file descriptor) [pid 5923] close(14) = -1 EBADF (Bad file descriptor) [pid 5923] close(15) = -1 EBADF (Bad file descriptor) [pid 5923] close(16) = -1 EBADF (Bad file descriptor) [pid 5923] close(17) = -1 EBADF (Bad file descriptor) [pid 5923] close(18) = -1 EBADF (Bad file descriptor) [pid 5923] close(19) = -1 EBADF (Bad file descriptor) [pid 5923] close(20) = -1 EBADF (Bad file descriptor) [pid 5923] close(21) = -1 EBADF (Bad file descriptor) [pid 5923] close(22) = -1 EBADF (Bad file descriptor) [pid 5923] close(23) = -1 EBADF (Bad file descriptor) [pid 5923] close(24) = -1 EBADF (Bad file descriptor) [pid 5923] close(25) = -1 EBADF (Bad file descriptor) [pid 5923] close(26) = -1 EBADF (Bad file descriptor) [pid 5923] close(27) = -1 EBADF (Bad file descriptor) [pid 5923] close(28) = -1 EBADF (Bad file descriptor) [pid 5923] close(29) = -1 EBADF (Bad file descriptor) [pid 5923] exit_group(0) = ? [pid 5923] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=30, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5835] umount2("./28", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./28/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./28/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./28/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./28/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./28/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 112.900131][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./28/file1") = 0 [pid 5835] umount2("./28/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./28/binderfs") = 0 [pid 5835] umount2("./28/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./28/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./28/cgroup.net") = 0 [pid 5835] umount2("./28/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./28/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./28/cgroup.cpu") = 0 [pid 5835] umount2("./28/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./28/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./28/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./28") = 0 [pid 5835] mkdir("./29", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555561f8f750) = 31 ./strace-static-x86_64: Process 5926 attached [pid 5926] set_robust_list(0x555561f8f760, 24) = 0 [pid 5926] chdir("./29") = 0 [pid 5926] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5926] setpgid(0, 0) = 0 [pid 5926] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5926] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5926] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5926] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5926] write(3, "1000", 4) = 4 [pid 5926] close(3) = 0 [pid 5926] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5926] write(1, "executing program\n", 18) = 18 [pid 5926] memfd_create("syzkaller", 0) = 3 [pid 5926] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5926] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5926] munmap(0x7fda1a200000, 138412032) = 0 [pid 5926] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5926] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5926] close(3) = 0 [pid 5926] close(4) = 0 [pid 5926] mkdir("./file1", 0777) = 0 [ 113.666155][ T5926] loop0: detected capacity change from 0 to 32768 [pid 5926] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5926] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5926] chdir("./file1") = 0 [pid 5926] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5926] symlink(NULL, NULL) = -1 EFAULT (Bad address) [ 113.708603][ T5926] JBD2: Ignoring recovery information on journal [ 113.745585][ T5926] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5926] close(3) = 0 [pid 5926] close(4) = -1 EBADF (Bad file descriptor) [pid 5926] close(5) = -1 EBADF (Bad file descriptor) [pid 5926] close(6) = -1 EBADF (Bad file descriptor) [pid 5926] close(7) = -1 EBADF (Bad file descriptor) [pid 5926] close(8) = -1 EBADF (Bad file descriptor) [pid 5926] close(9) = -1 EBADF (Bad file descriptor) [pid 5926] close(10) = -1 EBADF (Bad file descriptor) [pid 5926] close(11) = -1 EBADF (Bad file descriptor) [pid 5926] close(12) = -1 EBADF (Bad file descriptor) [pid 5926] close(13) = -1 EBADF (Bad file descriptor) [pid 5926] close(14) = -1 EBADF (Bad file descriptor) [pid 5926] close(15) = -1 EBADF (Bad file descriptor) [pid 5926] close(16) = -1 EBADF (Bad file descriptor) [pid 5926] close(17) = -1 EBADF (Bad file descriptor) [pid 5926] close(18) = -1 EBADF (Bad file descriptor) [pid 5926] close(19) = -1 EBADF (Bad file descriptor) [pid 5926] close(20) = -1 EBADF (Bad file descriptor) [pid 5926] close(21) = -1 EBADF (Bad file descriptor) [pid 5926] close(22) = -1 EBADF (Bad file descriptor) [pid 5926] close(23) = -1 EBADF (Bad file descriptor) [pid 5926] close(24) = -1 EBADF (Bad file descriptor) [pid 5926] close(25) = -1 EBADF (Bad file descriptor) [pid 5926] close(26) = -1 EBADF (Bad file descriptor) [pid 5926] close(27) = -1 EBADF (Bad file descriptor) [pid 5926] close(28) = -1 EBADF (Bad file descriptor) [pid 5926] close(29) = -1 EBADF (Bad file descriptor) [pid 5926] exit_group(0) = ? [pid 5926] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=31, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=20 /* 0.20 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./29", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./29/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./29/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./29/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./29/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./29/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [ 113.844703][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] rmdir("./29/file1") = 0 [pid 5835] umount2("./29/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./29/binderfs") = 0 [pid 5835] umount2("./29/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./29/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./29/cgroup.net") = 0 [pid 5835] umount2("./29/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./29/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./29/cgroup.cpu") = 0 [pid 5835] umount2("./29/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./29/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./29/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./29") = 0 [pid 5835] mkdir("./30", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5929 attached [pid 5929] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 32 [pid 5929] <... set_robust_list resumed>) = 0 [pid 5929] chdir("./30") = 0 [pid 5929] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5929] setpgid(0, 0) = 0 [pid 5929] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5929] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5929] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5929] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5929] write(3, "1000", 4) = 4 [pid 5929] close(3) = 0 [pid 5929] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5929] write(1, "executing program\n", 18) = 18 [pid 5929] memfd_create("syzkaller", 0) = 3 [pid 5929] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5929] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5929] munmap(0x7fda1a200000, 138412032) = 0 [pid 5929] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5929] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5929] close(3) = 0 [pid 5929] close(4) = 0 [pid 5929] mkdir("./file1", 0777) = 0 [ 114.500422][ T5929] loop0: detected capacity change from 0 to 32768 [pid 5929] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5929] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 114.567221][ T5929] JBD2: Ignoring recovery information on journal [ 114.603063][ T5929] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5929] chdir("./file1") = 0 [pid 5929] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5929] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5929] close(3) = 0 [pid 5929] close(4) = -1 EBADF (Bad file descriptor) [pid 5929] close(5) = -1 EBADF (Bad file descriptor) [pid 5929] close(6) = -1 EBADF (Bad file descriptor) [pid 5929] close(7) = -1 EBADF (Bad file descriptor) [pid 5929] close(8) = -1 EBADF (Bad file descriptor) [pid 5929] close(9) = -1 EBADF (Bad file descriptor) [pid 5929] close(10) = -1 EBADF (Bad file descriptor) [pid 5929] close(11) = -1 EBADF (Bad file descriptor) [pid 5929] close(12) = -1 EBADF (Bad file descriptor) [pid 5929] close(13) = -1 EBADF (Bad file descriptor) [pid 5929] close(14) = -1 EBADF (Bad file descriptor) [pid 5929] close(15) = -1 EBADF (Bad file descriptor) [pid 5929] close(16) = -1 EBADF (Bad file descriptor) [pid 5929] close(17) = -1 EBADF (Bad file descriptor) [pid 5929] close(18) = -1 EBADF (Bad file descriptor) [pid 5929] close(19) = -1 EBADF (Bad file descriptor) [pid 5929] close(20) = -1 EBADF (Bad file descriptor) [pid 5929] close(21) = -1 EBADF (Bad file descriptor) [pid 5929] close(22) = -1 EBADF (Bad file descriptor) [pid 5929] close(23) = -1 EBADF (Bad file descriptor) [pid 5929] close(24) = -1 EBADF (Bad file descriptor) [pid 5929] close(25) = -1 EBADF (Bad file descriptor) [pid 5929] close(26) = -1 EBADF (Bad file descriptor) [pid 5929] close(27) = -1 EBADF (Bad file descriptor) [pid 5929] close(28) = -1 EBADF (Bad file descriptor) [pid 5929] close(29) = -1 EBADF (Bad file descriptor) [pid 5929] exit_group(0) = ? [pid 5929] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=32, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5835] umount2("./30", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./30/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./30/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./30/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./30/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./30/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./30/file1") = 0 [pid 5835] umount2("./30/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./30/binderfs") = 0 [pid 5835] umount2("./30/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./30/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./30/cgroup.net") = 0 [pid 5835] umount2("./30/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./30/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./30/cgroup.cpu") = 0 [ 114.779720][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] umount2("./30/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./30/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./30/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./30") = 0 [pid 5835] mkdir("./31", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555561f8f750) = 33 ./strace-static-x86_64: Process 5933 attached [pid 5933] set_robust_list(0x555561f8f760, 24) = 0 [pid 5933] chdir("./31") = 0 [pid 5933] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5933] setpgid(0, 0) = 0 [pid 5933] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5933] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5933] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5933] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5933] write(3, "1000", 4) = 4 [pid 5933] close(3) = 0 [pid 5933] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5933] write(1, "executing program\n", 18executing program ) = 18 [pid 5933] memfd_create("syzkaller", 0) = 3 [pid 5933] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5933] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5933] munmap(0x7fda1a200000, 138412032) = 0 [pid 5933] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5933] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5933] close(3) = 0 [pid 5933] close(4) = 0 [pid 5933] mkdir("./file1", 0777) = 0 [ 115.357937][ T5933] loop0: detected capacity change from 0 to 32768 [ 115.395845][ T5933] JBD2: Ignoring recovery information on journal [pid 5933] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5933] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5933] chdir("./file1") = 0 [pid 5933] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5933] symlink(NULL, NULL) = -1 EFAULT (Bad address) [ 115.430206][ T5933] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5933] close(3) = 0 [pid 5933] close(4) = -1 EBADF (Bad file descriptor) [pid 5933] close(5) = -1 EBADF (Bad file descriptor) [pid 5933] close(6) = -1 EBADF (Bad file descriptor) [pid 5933] close(7) = -1 EBADF (Bad file descriptor) [pid 5933] close(8) = -1 EBADF (Bad file descriptor) [pid 5933] close(9) = -1 EBADF (Bad file descriptor) [pid 5933] close(10) = -1 EBADF (Bad file descriptor) [pid 5933] close(11) = -1 EBADF (Bad file descriptor) [pid 5933] close(12) = -1 EBADF (Bad file descriptor) [pid 5933] close(13) = -1 EBADF (Bad file descriptor) [pid 5933] close(14) = -1 EBADF (Bad file descriptor) [pid 5933] close(15) = -1 EBADF (Bad file descriptor) [pid 5933] close(16) = -1 EBADF (Bad file descriptor) [pid 5933] close(17) = -1 EBADF (Bad file descriptor) [pid 5933] close(18) = -1 EBADF (Bad file descriptor) [pid 5933] close(19) = -1 EBADF (Bad file descriptor) [pid 5933] close(20) = -1 EBADF (Bad file descriptor) [pid 5933] close(21) = -1 EBADF (Bad file descriptor) [pid 5933] close(22) = -1 EBADF (Bad file descriptor) [pid 5933] close(23) = -1 EBADF (Bad file descriptor) [pid 5933] close(24) = -1 EBADF (Bad file descriptor) [pid 5933] close(25) = -1 EBADF (Bad file descriptor) [pid 5933] close(26) = -1 EBADF (Bad file descriptor) [pid 5933] close(27) = -1 EBADF (Bad file descriptor) [pid 5933] close(28) = -1 EBADF (Bad file descriptor) [pid 5933] close(29) = -1 EBADF (Bad file descriptor) [pid 5933] exit_group(0) = ? [pid 5933] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=33, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=20 /* 0.20 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./31", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./31/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./31/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./31/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./31/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./31/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./31/file1") = 0 [pid 5835] umount2("./31/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./31/binderfs") = 0 [ 115.579414][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] umount2("./31/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./31/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./31/cgroup.net") = 0 [pid 5835] umount2("./31/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./31/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./31/cgroup.cpu") = 0 [pid 5835] umount2("./31/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./31/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./31/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./31") = 0 [pid 5835] mkdir("./32", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5936 attached , child_tidptr=0x555561f8f750) = 34 [pid 5936] set_robust_list(0x555561f8f760, 24) = 0 [pid 5936] chdir("./32") = 0 [pid 5936] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5936] setpgid(0, 0) = 0 [pid 5936] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5936] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5936] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5936] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5936] write(3, "1000", 4) = 4 [pid 5936] close(3) = 0 [pid 5936] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5936] write(1, "executing program\n", 18executing program ) = 18 [pid 5936] memfd_create("syzkaller", 0) = 3 [pid 5936] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5936] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5936] munmap(0x7fda1a200000, 138412032) = 0 [pid 5936] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5936] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5936] close(3) = 0 [pid 5936] close(4) = 0 [pid 5936] mkdir("./file1", 0777) = 0 [ 116.188164][ T5936] loop0: detected capacity change from 0 to 32768 [ 116.208663][ T5936] JBD2: Ignoring recovery information on journal [pid 5936] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5936] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5936] chdir("./file1") = 0 [pid 5936] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5936] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5936] close(3) = 0 [pid 5936] close(4) = -1 EBADF (Bad file descriptor) [pid 5936] close(5) = -1 EBADF (Bad file descriptor) [pid 5936] close(6) = -1 EBADF (Bad file descriptor) [pid 5936] close(7) = -1 EBADF (Bad file descriptor) [pid 5936] close(8) = -1 EBADF (Bad file descriptor) [pid 5936] close(9) = -1 EBADF (Bad file descriptor) [pid 5936] close(10) = -1 EBADF (Bad file descriptor) [pid 5936] close(11) = -1 EBADF (Bad file descriptor) [pid 5936] close(12) = -1 EBADF (Bad file descriptor) [pid 5936] close(13) = -1 EBADF (Bad file descriptor) [pid 5936] close(14) = -1 EBADF (Bad file descriptor) [pid 5936] close(15) = -1 EBADF (Bad file descriptor) [pid 5936] close(16) = -1 EBADF (Bad file descriptor) [pid 5936] close(17) = -1 EBADF (Bad file descriptor) [pid 5936] close(18) = -1 EBADF (Bad file descriptor) [pid 5936] close(19) = -1 EBADF (Bad file descriptor) [pid 5936] close(20) = -1 EBADF (Bad file descriptor) [pid 5936] close(21) = -1 EBADF (Bad file descriptor) [pid 5936] close(22) = -1 EBADF (Bad file descriptor) [pid 5936] close(23) = -1 EBADF (Bad file descriptor) [pid 5936] close(24) = -1 EBADF (Bad file descriptor) [pid 5936] close(25) = -1 EBADF (Bad file descriptor) [pid 5936] close(26) = -1 EBADF (Bad file descriptor) [pid 5936] close(27) = -1 EBADF (Bad file descriptor) [pid 5936] close(28) = -1 EBADF (Bad file descriptor) [pid 5936] close(29) = -1 EBADF (Bad file descriptor) [pid 5936] exit_group(0) = ? [ 116.240454][ T5936] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5936] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=34, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./32", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./32/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./32/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./32/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./32/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./32/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 116.368590][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./32/file1") = 0 [pid 5835] umount2("./32/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./32/binderfs") = 0 [pid 5835] umount2("./32/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./32/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./32/cgroup.net") = 0 [pid 5835] umount2("./32/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./32/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./32/cgroup.cpu") = 0 [pid 5835] umount2("./32/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./32/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./32/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./32") = 0 [pid 5835] mkdir("./33", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555561f8f750) = 35 ./strace-static-x86_64: Process 5939 attached [pid 5939] set_robust_list(0x555561f8f760, 24) = 0 [pid 5939] chdir("./33") = 0 [pid 5939] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5939] setpgid(0, 0) = 0 [pid 5939] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5939] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5939] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5939] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5939] write(3, "1000", 4) = 4 [pid 5939] close(3) = 0 [pid 5939] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5939] write(1, "executing program\n", 18) = 18 [pid 5939] memfd_create("syzkaller", 0) = 3 [pid 5939] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5939] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5939] munmap(0x7fda1a200000, 138412032) = 0 [pid 5939] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5939] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5939] close(3) = 0 [pid 5939] close(4) = 0 [pid 5939] mkdir("./file1", 0777) = 0 [ 117.034530][ T5939] loop0: detected capacity change from 0 to 32768 [ 117.073602][ T5939] JBD2: Ignoring recovery information on journal [pid 5939] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5939] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5939] chdir("./file1") = 0 [pid 5939] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5939] symlink(NULL, NULL) = -1 EFAULT (Bad address) [ 117.109745][ T5939] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5939] close(3) = 0 [pid 5939] close(4) = -1 EBADF (Bad file descriptor) [pid 5939] close(5) = -1 EBADF (Bad file descriptor) [pid 5939] close(6) = -1 EBADF (Bad file descriptor) [pid 5939] close(7) = -1 EBADF (Bad file descriptor) [pid 5939] close(8) = -1 EBADF (Bad file descriptor) [pid 5939] close(9) = -1 EBADF (Bad file descriptor) [pid 5939] close(10) = -1 EBADF (Bad file descriptor) [pid 5939] close(11) = -1 EBADF (Bad file descriptor) [pid 5939] close(12) = -1 EBADF (Bad file descriptor) [pid 5939] close(13) = -1 EBADF (Bad file descriptor) [pid 5939] close(14) = -1 EBADF (Bad file descriptor) [pid 5939] close(15) = -1 EBADF (Bad file descriptor) [pid 5939] close(16) = -1 EBADF (Bad file descriptor) [pid 5939] close(17) = -1 EBADF (Bad file descriptor) [pid 5939] close(18) = -1 EBADF (Bad file descriptor) [pid 5939] close(19) = -1 EBADF (Bad file descriptor) [pid 5939] close(20) = -1 EBADF (Bad file descriptor) [pid 5939] close(21) = -1 EBADF (Bad file descriptor) [pid 5939] close(22) = -1 EBADF (Bad file descriptor) [pid 5939] close(23) = -1 EBADF (Bad file descriptor) [pid 5939] close(24) = -1 EBADF (Bad file descriptor) [pid 5939] close(25) = -1 EBADF (Bad file descriptor) [pid 5939] close(26) = -1 EBADF (Bad file descriptor) [pid 5939] close(27) = -1 EBADF (Bad file descriptor) [pid 5939] close(28) = -1 EBADF (Bad file descriptor) [pid 5939] close(29) = -1 EBADF (Bad file descriptor) [pid 5939] exit_group(0) = ? [pid 5939] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=35, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5835] umount2("./33", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./33/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./33/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./33/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./33/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./33/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 117.268561][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./33/file1") = 0 [pid 5835] umount2("./33/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./33/binderfs") = 0 [pid 5835] umount2("./33/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./33/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./33/cgroup.net") = 0 [pid 5835] umount2("./33/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./33/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./33/cgroup.cpu") = 0 [pid 5835] umount2("./33/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./33/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./33/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./33") = 0 [pid 5835] mkdir("./34", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5942 attached , child_tidptr=0x555561f8f750) = 36 [pid 5942] set_robust_list(0x555561f8f760, 24) = 0 [pid 5942] chdir("./34") = 0 [pid 5942] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5942] setpgid(0, 0) = 0 [pid 5942] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5942] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5942] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5942] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5942] write(3, "1000", 4) = 4 [pid 5942] close(3) = 0 [pid 5942] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5942] write(1, "executing program\n", 18) = 18 [pid 5942] memfd_create("syzkaller", 0) = 3 [pid 5942] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5942] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5942] munmap(0x7fda1a200000, 138412032) = 0 [pid 5942] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5942] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5942] close(3) = 0 [pid 5942] close(4) = 0 [pid 5942] mkdir("./file1", 0777) = 0 [ 118.003431][ T5942] loop0: detected capacity change from 0 to 32768 [pid 5942] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5942] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5942] chdir("./file1") = 0 [pid 5942] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 118.060643][ T5942] JBD2: Ignoring recovery information on journal [ 118.097930][ T5942] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5942] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5942] close(3) = 0 [pid 5942] close(4) = -1 EBADF (Bad file descriptor) [pid 5942] close(5) = -1 EBADF (Bad file descriptor) [pid 5942] close(6) = -1 EBADF (Bad file descriptor) [pid 5942] close(7) = -1 EBADF (Bad file descriptor) [pid 5942] close(8) = -1 EBADF (Bad file descriptor) [pid 5942] close(9) = -1 EBADF (Bad file descriptor) [pid 5942] close(10) = -1 EBADF (Bad file descriptor) [pid 5942] close(11) = -1 EBADF (Bad file descriptor) [pid 5942] close(12) = -1 EBADF (Bad file descriptor) [pid 5942] close(13) = -1 EBADF (Bad file descriptor) [pid 5942] close(14) = -1 EBADF (Bad file descriptor) [pid 5942] close(15) = -1 EBADF (Bad file descriptor) [pid 5942] close(16) = -1 EBADF (Bad file descriptor) [pid 5942] close(17) = -1 EBADF (Bad file descriptor) [pid 5942] close(18) = -1 EBADF (Bad file descriptor) [pid 5942] close(19) = -1 EBADF (Bad file descriptor) [pid 5942] close(20) = -1 EBADF (Bad file descriptor) [pid 5942] close(21) = -1 EBADF (Bad file descriptor) [pid 5942] close(22) = -1 EBADF (Bad file descriptor) [pid 5942] close(23) = -1 EBADF (Bad file descriptor) [pid 5942] close(24) = -1 EBADF (Bad file descriptor) [pid 5942] close(25) = -1 EBADF (Bad file descriptor) [pid 5942] close(26) = -1 EBADF (Bad file descriptor) [pid 5942] close(27) = -1 EBADF (Bad file descriptor) [pid 5942] close(28) = -1 EBADF (Bad file descriptor) [pid 5942] close(29) = -1 EBADF (Bad file descriptor) [pid 5942] exit_group(0) = ? [pid 5942] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=36, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=20 /* 0.20 s */} --- [pid 5835] umount2("./34", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./34/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./34/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./34/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./34/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./34/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [ 118.296713][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./34/file1") = 0 [pid 5835] umount2("./34/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./34/binderfs") = 0 [pid 5835] umount2("./34/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./34/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./34/cgroup.net") = 0 [pid 5835] umount2("./34/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./34/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./34/cgroup.cpu") = 0 [pid 5835] umount2("./34/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./34/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./34/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./34") = 0 [pid 5835] mkdir("./35", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555561f8f750) = 37 ./strace-static-x86_64: Process 5946 attached [pid 5946] set_robust_list(0x555561f8f760, 24) = 0 [pid 5946] chdir("./35") = 0 [pid 5946] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5946] setpgid(0, 0) = 0 [pid 5946] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5946] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5946] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5946] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5946] write(3, "1000", 4) = 4 [pid 5946] close(3) = 0 [pid 5946] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5946] write(1, "executing program\n", 18executing program ) = 18 [pid 5946] memfd_create("syzkaller", 0) = 3 [pid 5946] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5946] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5946] munmap(0x7fda1a200000, 138412032) = 0 [pid 5946] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5946] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5946] close(3) = 0 [pid 5946] close(4) = 0 [pid 5946] mkdir("./file1", 0777) = 0 [ 119.010672][ T5946] loop0: detected capacity change from 0 to 32768 [pid 5946] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5946] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5946] chdir("./file1") = 0 [pid 5946] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5946] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5946] close(3) = 0 [ 119.055493][ T5946] JBD2: Ignoring recovery information on journal [ 119.089340][ T5946] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5946] close(4) = -1 EBADF (Bad file descriptor) [pid 5946] close(5) = -1 EBADF (Bad file descriptor) [pid 5946] close(6) = -1 EBADF (Bad file descriptor) [pid 5946] close(7) = -1 EBADF (Bad file descriptor) [pid 5946] close(8) = -1 EBADF (Bad file descriptor) [pid 5946] close(9) = -1 EBADF (Bad file descriptor) [pid 5946] close(10) = -1 EBADF (Bad file descriptor) [pid 5946] close(11) = -1 EBADF (Bad file descriptor) [pid 5946] close(12) = -1 EBADF (Bad file descriptor) [pid 5946] close(13) = -1 EBADF (Bad file descriptor) [pid 5946] close(14) = -1 EBADF (Bad file descriptor) [pid 5946] close(15) = -1 EBADF (Bad file descriptor) [pid 5946] close(16) = -1 EBADF (Bad file descriptor) [pid 5946] close(17) = -1 EBADF (Bad file descriptor) [pid 5946] close(18) = -1 EBADF (Bad file descriptor) [pid 5946] close(19) = -1 EBADF (Bad file descriptor) [pid 5946] close(20) = -1 EBADF (Bad file descriptor) [pid 5946] close(21) = -1 EBADF (Bad file descriptor) [pid 5946] close(22) = -1 EBADF (Bad file descriptor) [pid 5946] close(23) = -1 EBADF (Bad file descriptor) [pid 5946] close(24) = -1 EBADF (Bad file descriptor) [pid 5946] close(25) = -1 EBADF (Bad file descriptor) [pid 5946] close(26) = -1 EBADF (Bad file descriptor) [pid 5946] close(27) = -1 EBADF (Bad file descriptor) [pid 5946] close(28) = -1 EBADF (Bad file descriptor) [pid 5946] close(29) = -1 EBADF (Bad file descriptor) [pid 5946] exit_group(0) = ? [pid 5946] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=37, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./35", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./35/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./35/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./35/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./35/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./35/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [ 119.240061][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./35/file1") = 0 [pid 5835] umount2("./35/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./35/binderfs") = 0 [pid 5835] umount2("./35/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./35/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./35/cgroup.net") = 0 [pid 5835] umount2("./35/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./35/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./35/cgroup.cpu") = 0 [pid 5835] umount2("./35/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./35/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./35/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./35") = 0 [pid 5835] mkdir("./36", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5952 attached , child_tidptr=0x555561f8f750) = 38 [pid 5952] set_robust_list(0x555561f8f760, 24) = 0 [pid 5952] chdir("./36") = 0 [pid 5952] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5952] setpgid(0, 0) = 0 [pid 5952] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5952] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5952] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5952] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5952] write(3, "1000", 4) = 4 [pid 5952] close(3) = 0 [pid 5952] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5952] write(1, "executing program\n", 18executing program ) = 18 [pid 5952] memfd_create("syzkaller", 0) = 3 [pid 5952] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5952] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5952] munmap(0x7fda1a200000, 138412032) = 0 [pid 5952] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5952] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5952] close(3) = 0 [pid 5952] close(4) = 0 [pid 5952] mkdir("./file1", 0777) = 0 [ 119.953940][ T5952] loop0: detected capacity change from 0 to 32768 [pid 5952] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5952] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5952] chdir("./file1") = 0 [pid 5952] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5952] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5952] close(3) = 0 [pid 5952] close(4) = -1 EBADF (Bad file descriptor) [pid 5952] close(5) = -1 EBADF (Bad file descriptor) [pid 5952] close(6) = -1 EBADF (Bad file descriptor) [pid 5952] close(7) = -1 EBADF (Bad file descriptor) [pid 5952] close(8) = -1 EBADF (Bad file descriptor) [pid 5952] close(9) = -1 EBADF (Bad file descriptor) [pid 5952] close(10) = -1 EBADF (Bad file descriptor) [pid 5952] close(11) = -1 EBADF (Bad file descriptor) [pid 5952] close(12) = -1 EBADF (Bad file descriptor) [pid 5952] close(13) = -1 EBADF (Bad file descriptor) [pid 5952] close(14) = -1 EBADF (Bad file descriptor) [pid 5952] close(15) = -1 EBADF (Bad file descriptor) [pid 5952] close(16) = -1 EBADF (Bad file descriptor) [pid 5952] close(17) = -1 EBADF (Bad file descriptor) [pid 5952] close(18) = -1 EBADF (Bad file descriptor) [pid 5952] close(19) = -1 EBADF (Bad file descriptor) [pid 5952] close(20) = -1 EBADF (Bad file descriptor) [pid 5952] close(21) = -1 EBADF (Bad file descriptor) [pid 5952] close(22) = -1 EBADF (Bad file descriptor) [pid 5952] close(23) = -1 EBADF (Bad file descriptor) [pid 5952] close(24) = -1 EBADF (Bad file descriptor) [pid 5952] close(25) = -1 EBADF (Bad file descriptor) [pid 5952] close(26) = -1 EBADF (Bad file descriptor) [pid 5952] close(27) = -1 EBADF (Bad file descriptor) [pid 5952] close(28) = -1 EBADF (Bad file descriptor) [pid 5952] close(29) = -1 EBADF (Bad file descriptor) [pid 5952] exit_group(0) = ? [pid 5952] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=38, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [ 120.027022][ T5952] JBD2: Ignoring recovery information on journal [ 120.060083][ T5952] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./36", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./36/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./36/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./36/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./36/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./36/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [ 120.116416][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] rmdir("./36/file1") = 0 [pid 5835] umount2("./36/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./36/binderfs") = 0 [pid 5835] umount2("./36/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./36/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./36/cgroup.net") = 0 [pid 5835] umount2("./36/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./36/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./36/cgroup.cpu") = 0 [pid 5835] umount2("./36/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./36/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./36/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./36") = 0 [pid 5835] mkdir("./37", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5956 attached [pid 5956] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 39 [pid 5956] <... set_robust_list resumed>) = 0 [pid 5956] chdir("./37") = 0 [pid 5956] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5956] setpgid(0, 0) = 0 [pid 5956] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5956] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5956] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5956] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5956] write(3, "1000", 4) = 4 [pid 5956] close(3) = 0 [pid 5956] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5956] write(1, "executing program\n", 18executing program ) = 18 [pid 5956] memfd_create("syzkaller", 0) = 3 [pid 5956] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5956] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5956] munmap(0x7fda1a200000, 138412032) = 0 [pid 5956] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5956] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5956] close(3) = 0 [pid 5956] close(4) = 0 [pid 5956] mkdir("./file1", 0777) = 0 [ 120.755373][ T5956] loop0: detected capacity change from 0 to 32768 [pid 5956] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5956] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5956] chdir("./file1") = 0 [pid 5956] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 120.806516][ T5956] JBD2: Ignoring recovery information on journal [ 120.840981][ T5956] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5956] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5956] close(3) = 0 [pid 5956] close(4) = -1 EBADF (Bad file descriptor) [pid 5956] close(5) = -1 EBADF (Bad file descriptor) [pid 5956] close(6) = -1 EBADF (Bad file descriptor) [pid 5956] close(7) = -1 EBADF (Bad file descriptor) [pid 5956] close(8) = -1 EBADF (Bad file descriptor) [pid 5956] close(9) = -1 EBADF (Bad file descriptor) [pid 5956] close(10) = -1 EBADF (Bad file descriptor) [pid 5956] close(11) = -1 EBADF (Bad file descriptor) [pid 5956] close(12) = -1 EBADF (Bad file descriptor) [pid 5956] close(13) = -1 EBADF (Bad file descriptor) [pid 5956] close(14) = -1 EBADF (Bad file descriptor) [pid 5956] close(15) = -1 EBADF (Bad file descriptor) [pid 5956] close(16) = -1 EBADF (Bad file descriptor) [pid 5956] close(17) = -1 EBADF (Bad file descriptor) [pid 5956] close(18) = -1 EBADF (Bad file descriptor) [pid 5956] close(19) = -1 EBADF (Bad file descriptor) [pid 5956] close(20) = -1 EBADF (Bad file descriptor) [pid 5956] close(21) = -1 EBADF (Bad file descriptor) [pid 5956] close(22) = -1 EBADF (Bad file descriptor) [pid 5956] close(23) = -1 EBADF (Bad file descriptor) [pid 5956] close(24) = -1 EBADF (Bad file descriptor) [pid 5956] close(25) = -1 EBADF (Bad file descriptor) [pid 5956] close(26) = -1 EBADF (Bad file descriptor) [pid 5956] close(27) = -1 EBADF (Bad file descriptor) [pid 5956] close(28) = -1 EBADF (Bad file descriptor) [pid 5956] close(29) = -1 EBADF (Bad file descriptor) [pid 5956] exit_group(0) = ? [pid 5956] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=39, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=17 /* 0.17 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./37", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./37/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./37/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./37/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./37/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./37/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 121.023428][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./37/file1") = 0 [pid 5835] umount2("./37/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./37/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./37/binderfs") = 0 [pid 5835] umount2("./37/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./37/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./37/cgroup.net") = 0 [pid 5835] umount2("./37/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./37/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./37/cgroup.cpu") = 0 [pid 5835] umount2("./37/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./37/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./37/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./37") = 0 [pid 5835] mkdir("./38", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5959 attached [pid 5959] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 40 [pid 5959] <... set_robust_list resumed>) = 0 [pid 5959] chdir("./38") = 0 [pid 5959] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5959] setpgid(0, 0) = 0 [pid 5959] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5959] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5959] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5959] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5959] write(3, "1000", 4) = 4 [pid 5959] close(3) = 0 [pid 5959] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5959] write(1, "executing program\n", 18) = 18 [pid 5959] memfd_create("syzkaller", 0) = 3 [pid 5959] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5959] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5959] munmap(0x7fda1a200000, 138412032) = 0 [pid 5959] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5959] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5959] close(3) = 0 [pid 5959] close(4) = 0 [pid 5959] mkdir("./file1", 0777) = 0 [ 121.704548][ T5959] loop0: detected capacity change from 0 to 32768 [ 121.725839][ T5959] JBD2: Ignoring recovery information on journal [pid 5959] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5959] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5959] chdir("./file1") = 0 [pid 5959] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5959] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5959] close(3) = 0 [pid 5959] close(4) = -1 EBADF (Bad file descriptor) [pid 5959] close(5) = -1 EBADF (Bad file descriptor) [pid 5959] close(6) = -1 EBADF (Bad file descriptor) [pid 5959] close(7) = -1 EBADF (Bad file descriptor) [pid 5959] close(8) = -1 EBADF (Bad file descriptor) [pid 5959] close(9) = -1 EBADF (Bad file descriptor) [pid 5959] close(10) = -1 EBADF (Bad file descriptor) [pid 5959] close(11) = -1 EBADF (Bad file descriptor) [pid 5959] close(12) = -1 EBADF (Bad file descriptor) [pid 5959] close(13) = -1 EBADF (Bad file descriptor) [pid 5959] close(14) = -1 EBADF (Bad file descriptor) [pid 5959] close(15) = -1 EBADF (Bad file descriptor) [pid 5959] close(16) = -1 EBADF (Bad file descriptor) [pid 5959] close(17) = -1 EBADF (Bad file descriptor) [pid 5959] close(18) = -1 EBADF (Bad file descriptor) [pid 5959] close(19) = -1 EBADF (Bad file descriptor) [pid 5959] close(20) = -1 EBADF (Bad file descriptor) [pid 5959] close(21) = -1 EBADF (Bad file descriptor) [pid 5959] close(22) = -1 EBADF (Bad file descriptor) [pid 5959] close(23) = -1 EBADF (Bad file descriptor) [pid 5959] close(24) = -1 EBADF (Bad file descriptor) [pid 5959] close(25) = -1 EBADF (Bad file descriptor) [pid 5959] close(26) = -1 EBADF (Bad file descriptor) [pid 5959] close(27) = -1 EBADF (Bad file descriptor) [ 121.761230][ T5959] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5959] close(28) = -1 EBADF (Bad file descriptor) [pid 5959] close(29) = -1 EBADF (Bad file descriptor) [pid 5959] exit_group(0) = ? [pid 5959] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=40, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=15 /* 0.15 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./38", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./38/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./38/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./38/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./38/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./38/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [ 121.913339][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./38/file1") = 0 [pid 5835] umount2("./38/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./38/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./38/binderfs") = 0 [pid 5835] umount2("./38/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./38/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./38/cgroup.net") = 0 [pid 5835] umount2("./38/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./38/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./38/cgroup.cpu") = 0 [pid 5835] umount2("./38/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./38/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./38/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./38") = 0 [pid 5835] mkdir("./39", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5962 attached , child_tidptr=0x555561f8f750) = 41 [pid 5962] set_robust_list(0x555561f8f760, 24) = 0 [pid 5962] chdir("./39") = 0 [pid 5962] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5962] setpgid(0, 0) = 0 [pid 5962] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5962] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5962] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5962] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5962] write(3, "1000", 4) = 4 [pid 5962] close(3) = 0 [pid 5962] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5962] write(1, "executing program\n", 18executing program ) = 18 [pid 5962] memfd_create("syzkaller", 0) = 3 [pid 5962] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5962] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5962] munmap(0x7fda1a200000, 138412032) = 0 [pid 5962] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5962] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5962] close(3) = 0 [pid 5962] close(4) = 0 [pid 5962] mkdir("./file1", 0777) = 0 [ 122.563467][ T5962] loop0: detected capacity change from 0 to 32768 [pid 5962] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5962] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5962] chdir("./file1") = 0 [pid 5962] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5962] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5962] close(3) = 0 [pid 5962] close(4) = -1 EBADF (Bad file descriptor) [pid 5962] close(5) = -1 EBADF (Bad file descriptor) [pid 5962] close(6) = -1 EBADF (Bad file descriptor) [pid 5962] close(7) = -1 EBADF (Bad file descriptor) [pid 5962] close(8) = -1 EBADF (Bad file descriptor) [pid 5962] close(9) = -1 EBADF (Bad file descriptor) [pid 5962] close(10) = -1 EBADF (Bad file descriptor) [pid 5962] close(11) = -1 EBADF (Bad file descriptor) [pid 5962] close(12) = -1 EBADF (Bad file descriptor) [pid 5962] close(13) = -1 EBADF (Bad file descriptor) [pid 5962] close(14) = -1 EBADF (Bad file descriptor) [pid 5962] close(15) = -1 EBADF (Bad file descriptor) [pid 5962] close(16) = -1 EBADF (Bad file descriptor) [pid 5962] close(17) = -1 EBADF (Bad file descriptor) [pid 5962] close(18) = -1 EBADF (Bad file descriptor) [pid 5962] close(19) = -1 EBADF (Bad file descriptor) [pid 5962] close(20) = -1 EBADF (Bad file descriptor) [pid 5962] close(21) = -1 EBADF (Bad file descriptor) [pid 5962] close(22) = -1 EBADF (Bad file descriptor) [pid 5962] close(23) = -1 EBADF (Bad file descriptor) [pid 5962] close(24) = -1 EBADF (Bad file descriptor) [pid 5962] close(25) = -1 EBADF (Bad file descriptor) [pid 5962] close(26) = -1 EBADF (Bad file descriptor) [pid 5962] close(27) = -1 EBADF (Bad file descriptor) [pid 5962] close(28) = -1 EBADF (Bad file descriptor) [pid 5962] close(29) = -1 EBADF (Bad file descriptor) [pid 5962] exit_group(0) = ? [ 122.620184][ T5962] JBD2: Ignoring recovery information on journal [ 122.656469][ T5962] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5962] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=41, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5835] umount2("./39", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./39/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./39/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./39/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./39/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./39/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./39/file1") = 0 [pid 5835] umount2("./39/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./39/binderfs") = 0 [pid 5835] umount2("./39/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./39/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./39/cgroup.net") = 0 [pid 5835] umount2("./39/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./39/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./39/cgroup.cpu") = 0 [pid 5835] umount2("./39/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./39/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./39/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./39") = 0 [pid 5835] mkdir("./40", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [ 122.787810][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5965 attached , child_tidptr=0x555561f8f750) = 42 [pid 5965] set_robust_list(0x555561f8f760, 24) = 0 [pid 5965] chdir("./40") = 0 [pid 5965] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5965] setpgid(0, 0) = 0 [pid 5965] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5965] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5965] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5965] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5965] write(3, "1000", 4) = 4 [pid 5965] close(3) = 0 [pid 5965] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5965] write(1, "executing program\n", 18) = 18 [pid 5965] memfd_create("syzkaller", 0) = 3 [pid 5965] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5965] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5965] munmap(0x7fda1a200000, 138412032) = 0 [pid 5965] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5965] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5965] close(3) = 0 [pid 5965] close(4) = 0 [pid 5965] mkdir("./file1", 0777) = 0 [ 123.152968][ T5965] loop0: detected capacity change from 0 to 32768 [ 123.183907][ T5965] JBD2: Ignoring recovery information on journal [pid 5965] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5965] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5965] chdir("./file1") = 0 [pid 5965] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5965] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5965] close(3) = 0 [pid 5965] close(4) = -1 EBADF (Bad file descriptor) [pid 5965] close(5) = -1 EBADF (Bad file descriptor) [pid 5965] close(6) = -1 EBADF (Bad file descriptor) [pid 5965] close(7) = -1 EBADF (Bad file descriptor) [pid 5965] close(8) = -1 EBADF (Bad file descriptor) [pid 5965] close(9) = -1 EBADF (Bad file descriptor) [pid 5965] close(10) = -1 EBADF (Bad file descriptor) [pid 5965] close(11) = -1 EBADF (Bad file descriptor) [pid 5965] close(12) = -1 EBADF (Bad file descriptor) [pid 5965] close(13) = -1 EBADF (Bad file descriptor) [pid 5965] close(14) = -1 EBADF (Bad file descriptor) [pid 5965] close(15) = -1 EBADF (Bad file descriptor) [pid 5965] close(16) = -1 EBADF (Bad file descriptor) [pid 5965] close(17) = -1 EBADF (Bad file descriptor) [pid 5965] close(18) = -1 EBADF (Bad file descriptor) [pid 5965] close(19) = -1 EBADF (Bad file descriptor) [pid 5965] close(20) = -1 EBADF (Bad file descriptor) [pid 5965] close(21) = -1 EBADF (Bad file descriptor) [pid 5965] close(22) = -1 EBADF (Bad file descriptor) [pid 5965] close(23) = -1 EBADF (Bad file descriptor) [pid 5965] close(24) = -1 EBADF (Bad file descriptor) [pid 5965] close(25) = -1 EBADF (Bad file descriptor) [pid 5965] close(26) = -1 EBADF (Bad file descriptor) [pid 5965] close(27) = -1 EBADF (Bad file descriptor) [pid 5965] close(28) = -1 EBADF (Bad file descriptor) [pid 5965] close(29) = -1 EBADF (Bad file descriptor) [pid 5965] exit_group(0) = ? [pid 5965] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=42, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=19 /* 0.19 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./40", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [ 123.225647][ T5965] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5835] umount2("./40/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./40/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./40/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./40/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./40/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./40/file1") = 0 [pid 5835] umount2("./40/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./40/binderfs") = 0 [pid 5835] umount2("./40/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./40/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./40/cgroup.net") = 0 [pid 5835] umount2("./40/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./40/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./40/cgroup.cpu") = 0 [pid 5835] umount2("./40/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./40/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./40/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./40") = 0 [pid 5835] mkdir("./41", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [ 123.266376][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5968 attached [pid 5968] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 43 [pid 5968] <... set_robust_list resumed>) = 0 [pid 5968] chdir("./41") = 0 [pid 5968] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5968] setpgid(0, 0) = 0 [pid 5968] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5968] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5968] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5968] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5968] write(3, "1000", 4) = 4 [pid 5968] close(3) = 0 [pid 5968] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5968] write(1, "executing program\n", 18) = 18 [pid 5968] memfd_create("syzkaller", 0) = 3 [pid 5968] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5968] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5968] munmap(0x7fda1a200000, 138412032) = 0 [pid 5968] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5968] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5968] close(3) = 0 [pid 5968] close(4) = 0 [pid 5968] mkdir("./file1", 0777) = 0 [ 123.634620][ T5968] loop0: detected capacity change from 0 to 32768 [pid 5968] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5968] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5968] chdir("./file1") = 0 [pid 5968] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5968] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5968] close(3) = 0 [pid 5968] close(4) = -1 EBADF (Bad file descriptor) [pid 5968] close(5) = -1 EBADF (Bad file descriptor) [pid 5968] close(6) = -1 EBADF (Bad file descriptor) [pid 5968] close(7) = -1 EBADF (Bad file descriptor) [pid 5968] close(8) = -1 EBADF (Bad file descriptor) [pid 5968] close(9) = -1 EBADF (Bad file descriptor) [pid 5968] close(10) = -1 EBADF (Bad file descriptor) [pid 5968] close(11) = -1 EBADF (Bad file descriptor) [pid 5968] close(12) = -1 EBADF (Bad file descriptor) [pid 5968] close(13) = -1 EBADF (Bad file descriptor) [pid 5968] close(14) = -1 EBADF (Bad file descriptor) [pid 5968] close(15) = -1 EBADF (Bad file descriptor) [pid 5968] close(16) = -1 EBADF (Bad file descriptor) [pid 5968] close(17) = -1 EBADF (Bad file descriptor) [pid 5968] close(18) = -1 EBADF (Bad file descriptor) [pid 5968] close(19) = -1 EBADF (Bad file descriptor) [pid 5968] close(20) = -1 EBADF (Bad file descriptor) [pid 5968] close(21) = -1 EBADF (Bad file descriptor) [pid 5968] close(22) = -1 EBADF (Bad file descriptor) [pid 5968] close(23) = -1 EBADF (Bad file descriptor) [pid 5968] close(24) = -1 EBADF (Bad file descriptor) [pid 5968] close(25) = -1 EBADF (Bad file descriptor) [pid 5968] close(26) = -1 EBADF (Bad file descriptor) [pid 5968] close(27) = -1 EBADF (Bad file descriptor) [pid 5968] close(28) = -1 EBADF (Bad file descriptor) [pid 5968] close(29) = -1 EBADF (Bad file descriptor) [pid 5968] exit_group(0) = ? [pid 5968] +++ exited with 0 +++ [ 123.689655][ T5968] JBD2: Ignoring recovery information on journal [ 123.725127][ T5968] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=43, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=18 /* 0.18 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./41", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./41/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./41/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./41/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./41/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./41/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./41/file1") = 0 [pid 5835] umount2("./41/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./41/binderfs") = 0 [pid 5835] umount2("./41/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./41/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./41/cgroup.net") = 0 [pid 5835] umount2("./41/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./41/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./41/cgroup.cpu") = 0 [pid 5835] umount2("./41/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./41/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./41/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./41") = 0 [ 123.823431][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] mkdir("./42", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5971 attached [pid 5971] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 44 [pid 5971] <... set_robust_list resumed>) = 0 [pid 5971] chdir("./42") = 0 [pid 5971] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5971] setpgid(0, 0) = 0 [pid 5971] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5971] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5971] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5971] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5971] write(3, "1000", 4) = 4 [pid 5971] close(3) = 0 [pid 5971] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5971] write(1, "executing program\n", 18executing program ) = 18 [pid 5971] memfd_create("syzkaller", 0) = 3 [pid 5971] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5971] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5971] munmap(0x7fda1a200000, 138412032) = 0 [pid 5971] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5971] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5971] close(3) = 0 [pid 5971] close(4) = 0 [pid 5971] mkdir("./file1", 0777) = 0 [ 124.222048][ T5971] loop0: detected capacity change from 0 to 32768 [ 124.253425][ T5971] JBD2: Ignoring recovery information on journal [pid 5971] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5971] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5971] chdir("./file1") = 0 [pid 5971] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5971] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5971] close(3) = 0 [pid 5971] close(4) = -1 EBADF (Bad file descriptor) [pid 5971] close(5) = -1 EBADF (Bad file descriptor) [pid 5971] close(6) = -1 EBADF (Bad file descriptor) [pid 5971] close(7) = -1 EBADF (Bad file descriptor) [pid 5971] close(8) = -1 EBADF (Bad file descriptor) [pid 5971] close(9) = -1 EBADF (Bad file descriptor) [pid 5971] close(10) = -1 EBADF (Bad file descriptor) [ 124.289185][ T5971] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5971] close(11) = -1 EBADF (Bad file descriptor) [pid 5971] close(12) = -1 EBADF (Bad file descriptor) [pid 5971] close(13) = -1 EBADF (Bad file descriptor) [pid 5971] close(14) = -1 EBADF (Bad file descriptor) [pid 5971] close(15) = -1 EBADF (Bad file descriptor) [pid 5971] close(16) = -1 EBADF (Bad file descriptor) [pid 5971] close(17) = -1 EBADF (Bad file descriptor) [pid 5971] close(18) = -1 EBADF (Bad file descriptor) [pid 5971] close(19) = -1 EBADF (Bad file descriptor) [pid 5971] close(20) = -1 EBADF (Bad file descriptor) [pid 5971] close(21) = -1 EBADF (Bad file descriptor) [pid 5971] close(22) = -1 EBADF (Bad file descriptor) [pid 5971] close(23) = -1 EBADF (Bad file descriptor) [pid 5971] close(24) = -1 EBADF (Bad file descriptor) [pid 5971] close(25) = -1 EBADF (Bad file descriptor) [pid 5971] close(26) = -1 EBADF (Bad file descriptor) [pid 5971] close(27) = -1 EBADF (Bad file descriptor) [pid 5971] close(28) = -1 EBADF (Bad file descriptor) [pid 5971] close(29) = -1 EBADF (Bad file descriptor) [pid 5971] exit_group(0) = ? [pid 5971] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=44, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- [pid 5835] umount2("./42", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./42/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./42/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./42/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./42/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./42/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [ 124.417071][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./42/file1") = 0 [pid 5835] umount2("./42/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./42/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./42/binderfs") = 0 [pid 5835] umount2("./42/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./42/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./42/cgroup.net") = 0 [pid 5835] umount2("./42/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./42/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./42/cgroup.cpu") = 0 [pid 5835] umount2("./42/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./42/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./42/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./42") = 0 [pid 5835] mkdir("./43", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5974 attached [pid 5974] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 45 [pid 5974] <... set_robust_list resumed>) = 0 [pid 5974] chdir("./43") = 0 [pid 5974] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5974] setpgid(0, 0) = 0 [pid 5974] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5974] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5974] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5974] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5974] write(3, "1000", 4) = 4 [pid 5974] close(3) = 0 [pid 5974] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5974] write(1, "executing program\n", 18executing program ) = 18 [pid 5974] memfd_create("syzkaller", 0) = 3 [pid 5974] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5974] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5974] munmap(0x7fda1a200000, 138412032) = 0 [pid 5974] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5974] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5974] close(3) = 0 [pid 5974] close(4) = 0 [pid 5974] mkdir("./file1", 0777) = 0 [ 125.055879][ T5974] loop0: detected capacity change from 0 to 32768 [pid 5974] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5974] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 125.127433][ T5974] JBD2: Ignoring recovery information on journal [ 125.160768][ T5974] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5974] chdir("./file1") = 0 [pid 5974] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5974] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5974] close(3) = 0 [pid 5974] close(4) = -1 EBADF (Bad file descriptor) [pid 5974] close(5) = -1 EBADF (Bad file descriptor) [pid 5974] close(6) = -1 EBADF (Bad file descriptor) [pid 5974] close(7) = -1 EBADF (Bad file descriptor) [pid 5974] close(8) = -1 EBADF (Bad file descriptor) [pid 5974] close(9) = -1 EBADF (Bad file descriptor) [pid 5974] close(10) = -1 EBADF (Bad file descriptor) [pid 5974] close(11) = -1 EBADF (Bad file descriptor) [pid 5974] close(12) = -1 EBADF (Bad file descriptor) [pid 5974] close(13) = -1 EBADF (Bad file descriptor) [pid 5974] close(14) = -1 EBADF (Bad file descriptor) [pid 5974] close(15) = -1 EBADF (Bad file descriptor) [pid 5974] close(16) = -1 EBADF (Bad file descriptor) [pid 5974] close(17) = -1 EBADF (Bad file descriptor) [pid 5974] close(18) = -1 EBADF (Bad file descriptor) [pid 5974] close(19) = -1 EBADF (Bad file descriptor) [pid 5974] close(20) = -1 EBADF (Bad file descriptor) [pid 5974] close(21) = -1 EBADF (Bad file descriptor) [pid 5974] close(22) = -1 EBADF (Bad file descriptor) [pid 5974] close(23) = -1 EBADF (Bad file descriptor) [pid 5974] close(24) = -1 EBADF (Bad file descriptor) [pid 5974] close(25) = -1 EBADF (Bad file descriptor) [pid 5974] close(26) = -1 EBADF (Bad file descriptor) [pid 5974] close(27) = -1 EBADF (Bad file descriptor) [pid 5974] close(28) = -1 EBADF (Bad file descriptor) [pid 5974] close(29) = -1 EBADF (Bad file descriptor) [pid 5974] exit_group(0) = ? [pid 5974] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=45, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5835] umount2("./43", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./43/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./43/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./43/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./43/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./43/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./43/file1") = 0 [pid 5835] umount2("./43/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./43/binderfs") = 0 [pid 5835] umount2("./43/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./43/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./43/cgroup.net") = 0 [pid 5835] umount2("./43/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 125.328346][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(AT_FDCWD, "./43/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./43/cgroup.cpu") = 0 [pid 5835] umount2("./43/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./43/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./43/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./43") = 0 [pid 5835] mkdir("./44", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5977 attached , child_tidptr=0x555561f8f750) = 46 [pid 5977] set_robust_list(0x555561f8f760, 24) = 0 [pid 5977] chdir("./44") = 0 [pid 5977] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5977] setpgid(0, 0) = 0 [pid 5977] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5977] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5977] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5977] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5977] write(3, "1000", 4) = 4 [pid 5977] close(3) = 0 [pid 5977] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5977] write(1, "executing program\n", 18) = 18 [pid 5977] memfd_create("syzkaller", 0) = 3 [pid 5977] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5977] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5977] munmap(0x7fda1a200000, 138412032) = 0 [pid 5977] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5977] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5977] close(3) = 0 [pid 5977] close(4) = 0 [pid 5977] mkdir("./file1", 0777) = 0 [ 125.884840][ T5977] loop0: detected capacity change from 0 to 32768 [ 125.919476][ T5977] JBD2: Ignoring recovery information on journal [pid 5977] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5977] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5977] chdir("./file1") = 0 [pid 5977] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5977] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5977] close(3) = 0 [pid 5977] close(4) = -1 EBADF (Bad file descriptor) [pid 5977] close(5) = -1 EBADF (Bad file descriptor) [pid 5977] close(6) = -1 EBADF (Bad file descriptor) [pid 5977] close(7) = -1 EBADF (Bad file descriptor) [pid 5977] close(8) = -1 EBADF (Bad file descriptor) [pid 5977] close(9) = -1 EBADF (Bad file descriptor) [pid 5977] close(10) = -1 EBADF (Bad file descriptor) [pid 5977] close(11) = -1 EBADF (Bad file descriptor) [pid 5977] close(12) = -1 EBADF (Bad file descriptor) [pid 5977] close(13) = -1 EBADF (Bad file descriptor) [pid 5977] close(14) = -1 EBADF (Bad file descriptor) [pid 5977] close(15) = -1 EBADF (Bad file descriptor) [pid 5977] close(16) = -1 EBADF (Bad file descriptor) [pid 5977] close(17) = -1 EBADF (Bad file descriptor) [pid 5977] close(18) = -1 EBADF (Bad file descriptor) [pid 5977] close(19) = -1 EBADF (Bad file descriptor) [pid 5977] close(20) = -1 EBADF (Bad file descriptor) [pid 5977] close(21) = -1 EBADF (Bad file descriptor) [pid 5977] close(22) = -1 EBADF (Bad file descriptor) [pid 5977] close(23) = -1 EBADF (Bad file descriptor) [pid 5977] close(24) = -1 EBADF (Bad file descriptor) [pid 5977] close(25) = -1 EBADF (Bad file descriptor) [pid 5977] close(26) = -1 EBADF (Bad file descriptor) [pid 5977] close(27) = -1 EBADF (Bad file descriptor) [pid 5977] close(28) = -1 EBADF (Bad file descriptor) [pid 5977] close(29) = -1 EBADF (Bad file descriptor) [pid 5977] exit_group(0) = ? [pid 5977] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=46, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./44", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [ 125.956202][ T5977] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5835] umount2("./44/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./44/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./44/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./44/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./44/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./44/file1") = 0 [pid 5835] umount2("./44/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./44/binderfs") = 0 [pid 5835] umount2("./44/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./44/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./44/cgroup.net") = 0 [pid 5835] umount2("./44/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./44/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./44/cgroup.cpu") = 0 [pid 5835] umount2("./44/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./44/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./44/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./44") = 0 [pid 5835] mkdir("./45", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [ 126.008612][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5980 attached , child_tidptr=0x555561f8f750) = 47 [pid 5980] set_robust_list(0x555561f8f760, 24) = 0 [pid 5980] chdir("./45") = 0 [pid 5980] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5980] setpgid(0, 0) = 0 [pid 5980] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5980] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5980] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5980] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5980] write(3, "1000", 4) = 4 [pid 5980] close(3) = 0 [pid 5980] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5980] write(1, "executing program\n", 18executing program ) = 18 [pid 5980] memfd_create("syzkaller", 0) = 3 [pid 5980] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5980] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5980] munmap(0x7fda1a200000, 138412032) = 0 [pid 5980] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5980] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5980] close(3) = 0 [pid 5980] close(4) = 0 [pid 5980] mkdir("./file1", 0777) = 0 [ 126.408169][ T5980] loop0: detected capacity change from 0 to 32768 [ 126.439175][ T5980] JBD2: Ignoring recovery information on journal [pid 5980] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5980] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5980] chdir("./file1") = 0 [pid 5980] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5980] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5980] close(3) = 0 [pid 5980] close(4) = -1 EBADF (Bad file descriptor) [pid 5980] close(5) = -1 EBADF (Bad file descriptor) [pid 5980] close(6) = -1 EBADF (Bad file descriptor) [pid 5980] close(7) = -1 EBADF (Bad file descriptor) [pid 5980] close(8) = -1 EBADF (Bad file descriptor) [pid 5980] close(9) = -1 EBADF (Bad file descriptor) [pid 5980] close(10) = -1 EBADF (Bad file descriptor) [pid 5980] close(11) = -1 EBADF (Bad file descriptor) [pid 5980] close(12) = -1 EBADF (Bad file descriptor) [pid 5980] close(13) = -1 EBADF (Bad file descriptor) [pid 5980] close(14) = -1 EBADF (Bad file descriptor) [pid 5980] close(15) = -1 EBADF (Bad file descriptor) [pid 5980] close(16) = -1 EBADF (Bad file descriptor) [pid 5980] close(17) = -1 EBADF (Bad file descriptor) [pid 5980] close(18) = -1 EBADF (Bad file descriptor) [pid 5980] close(19) = -1 EBADF (Bad file descriptor) [pid 5980] close(20) = -1 EBADF (Bad file descriptor) [pid 5980] close(21) = -1 EBADF (Bad file descriptor) [pid 5980] close(22) = -1 EBADF (Bad file descriptor) [pid 5980] close(23) = -1 EBADF (Bad file descriptor) [pid 5980] close(24) = -1 EBADF (Bad file descriptor) [pid 5980] close(25) = -1 EBADF (Bad file descriptor) [pid 5980] close(26) = -1 EBADF (Bad file descriptor) [pid 5980] close(27) = -1 EBADF (Bad file descriptor) [pid 5980] close(28) = -1 EBADF (Bad file descriptor) [ 126.471859][ T5980] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5980] close(29) = -1 EBADF (Bad file descriptor) [pid 5980] exit_group(0) = ? [pid 5980] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=47, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=19 /* 0.19 s */} --- [pid 5835] umount2("./45", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./45/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./45/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./45/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./45/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./45/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./45/file1") = 0 [pid 5835] umount2("./45/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./45/binderfs") = 0 [pid 5835] umount2("./45/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./45/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./45/cgroup.net") = 0 [pid 5835] umount2("./45/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./45/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./45/cgroup.cpu") = 0 [pid 5835] umount2("./45/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./45/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./45/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./45") = 0 [pid 5835] mkdir("./46", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [ 126.601814][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5983 attached , child_tidptr=0x555561f8f750) = 48 [pid 5983] set_robust_list(0x555561f8f760, 24) = 0 [pid 5983] chdir("./46") = 0 [pid 5983] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5983] setpgid(0, 0) = 0 [pid 5983] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5983] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5983] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5983] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5983] write(3, "1000", 4) = 4 [pid 5983] close(3) = 0 [pid 5983] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5983] write(1, "executing program\n", 18executing program ) = 18 [pid 5983] memfd_create("syzkaller", 0) = 3 [pid 5983] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5983] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5983] munmap(0x7fda1a200000, 138412032) = 0 [pid 5983] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5983] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5983] close(3) = 0 [pid 5983] close(4) = 0 [pid 5983] mkdir("./file1", 0777) = 0 [ 126.951217][ T5983] loop0: detected capacity change from 0 to 32768 [pid 5983] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5983] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5983] chdir("./file1") = 0 [pid 5983] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5983] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5983] close(3) = 0 [ 126.995002][ T5983] JBD2: Ignoring recovery information on journal [ 127.033239][ T5983] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5983] close(4) = -1 EBADF (Bad file descriptor) [pid 5983] close(5) = -1 EBADF (Bad file descriptor) [pid 5983] close(6) = -1 EBADF (Bad file descriptor) [pid 5983] close(7) = -1 EBADF (Bad file descriptor) [pid 5983] close(8) = -1 EBADF (Bad file descriptor) [pid 5983] close(9) = -1 EBADF (Bad file descriptor) [pid 5983] close(10) = -1 EBADF (Bad file descriptor) [pid 5983] close(11) = -1 EBADF (Bad file descriptor) [pid 5983] close(12) = -1 EBADF (Bad file descriptor) [pid 5983] close(13) = -1 EBADF (Bad file descriptor) [pid 5983] close(14) = -1 EBADF (Bad file descriptor) [pid 5983] close(15) = -1 EBADF (Bad file descriptor) [pid 5983] close(16) = -1 EBADF (Bad file descriptor) [pid 5983] close(17) = -1 EBADF (Bad file descriptor) [pid 5983] close(18) = -1 EBADF (Bad file descriptor) [pid 5983] close(19) = -1 EBADF (Bad file descriptor) [pid 5983] close(20) = -1 EBADF (Bad file descriptor) [pid 5983] close(21) = -1 EBADF (Bad file descriptor) [pid 5983] close(22) = -1 EBADF (Bad file descriptor) [pid 5983] close(23) = -1 EBADF (Bad file descriptor) [pid 5983] close(24) = -1 EBADF (Bad file descriptor) [pid 5983] close(25) = -1 EBADF (Bad file descriptor) [pid 5983] close(26) = -1 EBADF (Bad file descriptor) [pid 5983] close(27) = -1 EBADF (Bad file descriptor) [pid 5983] close(28) = -1 EBADF (Bad file descriptor) [pid 5983] close(29) = -1 EBADF (Bad file descriptor) [pid 5983] exit_group(0) = ? [pid 5983] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=48, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=21 /* 0.21 s */} --- [pid 5835] umount2("./46", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./46/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./46/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./46/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./46/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./46/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 127.158270][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./46/file1") = 0 [pid 5835] umount2("./46/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./46/binderfs") = 0 [pid 5835] umount2("./46/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./46/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./46/cgroup.net") = 0 [pid 5835] umount2("./46/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./46/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./46/cgroup.cpu") = 0 [pid 5835] umount2("./46/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./46/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./46/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./46") = 0 [pid 5835] mkdir("./47", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5986 attached , child_tidptr=0x555561f8f750) = 49 [pid 5986] set_robust_list(0x555561f8f760, 24) = 0 [pid 5986] chdir("./47") = 0 [pid 5986] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5986] setpgid(0, 0) = 0 [pid 5986] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5986] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5986] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5986] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5986] write(3, "1000", 4) = 4 [pid 5986] close(3) = 0 [pid 5986] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5986] write(1, "executing program\n", 18executing program ) = 18 [pid 5986] memfd_create("syzkaller", 0) = 3 [pid 5986] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5986] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5986] munmap(0x7fda1a200000, 138412032) = 0 [pid 5986] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5986] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5986] close(3) = 0 [pid 5986] close(4) = 0 [pid 5986] mkdir("./file1", 0777) = 0 [ 127.850477][ T5986] loop0: detected capacity change from 0 to 32768 [ 127.904365][ T5986] JBD2: Ignoring recovery information on journal [pid 5986] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5986] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5986] chdir("./file1") = 0 [pid 5986] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5986] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5986] close(3) = 0 [pid 5986] close(4) = -1 EBADF (Bad file descriptor) [pid 5986] close(5) = -1 EBADF (Bad file descriptor) [pid 5986] close(6) = -1 EBADF (Bad file descriptor) [pid 5986] close(7) = -1 EBADF (Bad file descriptor) [pid 5986] close(8) = -1 EBADF (Bad file descriptor) [pid 5986] close(9) = -1 EBADF (Bad file descriptor) [pid 5986] close(10) = -1 EBADF (Bad file descriptor) [pid 5986] close(11) = -1 EBADF (Bad file descriptor) [pid 5986] close(12) = -1 EBADF (Bad file descriptor) [pid 5986] close(13) = -1 EBADF (Bad file descriptor) [pid 5986] close(14) = -1 EBADF (Bad file descriptor) [pid 5986] close(15) = -1 EBADF (Bad file descriptor) [pid 5986] close(16) = -1 EBADF (Bad file descriptor) [pid 5986] close(17) = -1 EBADF (Bad file descriptor) [pid 5986] close(18) = -1 EBADF (Bad file descriptor) [pid 5986] close(19) = -1 EBADF (Bad file descriptor) [pid 5986] close(20) = -1 EBADF (Bad file descriptor) [pid 5986] close(21) = -1 EBADF (Bad file descriptor) [pid 5986] close(22) = -1 EBADF (Bad file descriptor) [pid 5986] close(23) = -1 EBADF (Bad file descriptor) [pid 5986] close(24) = -1 EBADF (Bad file descriptor) [pid 5986] close(25) = -1 EBADF (Bad file descriptor) [pid 5986] close(26) = -1 EBADF (Bad file descriptor) [pid 5986] close(27) = -1 EBADF (Bad file descriptor) [pid 5986] close(28) = -1 EBADF (Bad file descriptor) [pid 5986] close(29) = -1 EBADF (Bad file descriptor) [pid 5986] exit_group(0) = ? [pid 5986] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=49, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=18 /* 0.18 s */} --- [ 127.946759][ T5986] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5835] umount2("./47", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./47/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./47/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./47/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./47/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./47/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./47/file1") = 0 [pid 5835] umount2("./47/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./47/binderfs") = 0 [pid 5835] umount2("./47/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./47/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 128.081405][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] unlink("./47/cgroup.net") = 0 [pid 5835] umount2("./47/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./47/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./47/cgroup.cpu") = 0 [pid 5835] umount2("./47/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./47/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./47/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./47") = 0 [pid 5835] mkdir("./48", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5989 attached , child_tidptr=0x555561f8f750) = 50 [pid 5989] set_robust_list(0x555561f8f760, 24) = 0 [pid 5989] chdir("./48") = 0 [pid 5989] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5989] setpgid(0, 0) = 0 [pid 5989] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5989] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5989] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5989] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5989] write(3, "1000", 4) = 4 [pid 5989] close(3) = 0 [pid 5989] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5989] write(1, "executing program\n", 18executing program ) = 18 [pid 5989] memfd_create("syzkaller", 0) = 3 [pid 5989] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5989] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5989] munmap(0x7fda1a200000, 138412032) = 0 [pid 5989] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5989] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5989] close(3) = 0 [pid 5989] close(4) = 0 [pid 5989] mkdir("./file1", 0777) = 0 [ 128.700680][ T5989] loop0: detected capacity change from 0 to 32768 [ 128.738287][ T5989] JBD2: Ignoring recovery information on journal [pid 5989] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5989] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5989] chdir("./file1") = 0 [pid 5989] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5989] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5989] close(3) = 0 [pid 5989] close(4) = -1 EBADF (Bad file descriptor) [pid 5989] close(5) = -1 EBADF (Bad file descriptor) [pid 5989] close(6) = -1 EBADF (Bad file descriptor) [pid 5989] close(7) = -1 EBADF (Bad file descriptor) [pid 5989] close(8) = -1 EBADF (Bad file descriptor) [pid 5989] close(9) = -1 EBADF (Bad file descriptor) [pid 5989] close(10) = -1 EBADF (Bad file descriptor) [pid 5989] close(11) = -1 EBADF (Bad file descriptor) [pid 5989] close(12) = -1 EBADF (Bad file descriptor) [pid 5989] close(13) = -1 EBADF (Bad file descriptor) [pid 5989] close(14) = -1 EBADF (Bad file descriptor) [pid 5989] close(15) = -1 EBADF (Bad file descriptor) [pid 5989] close(16) = -1 EBADF (Bad file descriptor) [pid 5989] close(17) = -1 EBADF (Bad file descriptor) [pid 5989] close(18) = -1 EBADF (Bad file descriptor) [pid 5989] close(19) = -1 EBADF (Bad file descriptor) [pid 5989] close(20) = -1 EBADF (Bad file descriptor) [pid 5989] close(21) = -1 EBADF (Bad file descriptor) [pid 5989] close(22) = -1 EBADF (Bad file descriptor) [pid 5989] close(23) = -1 EBADF (Bad file descriptor) [pid 5989] close(24) = -1 EBADF (Bad file descriptor) [pid 5989] close(25) = -1 EBADF (Bad file descriptor) [pid 5989] close(26) = -1 EBADF (Bad file descriptor) [pid 5989] close(27) = -1 EBADF (Bad file descriptor) [pid 5989] close(28) = -1 EBADF (Bad file descriptor) [pid 5989] close(29) = -1 EBADF (Bad file descriptor) [pid 5989] exit_group(0) = ? [pid 5989] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=50, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./48", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [ 128.775077][ T5989] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5835] umount2("./48/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./48/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./48/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./48/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./48/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./48/file1") = 0 [pid 5835] umount2("./48/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./48/binderfs") = 0 [pid 5835] umount2("./48/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./48/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./48/cgroup.net") = 0 [pid 5835] umount2("./48/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./48/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./48/cgroup.cpu") = 0 [pid 5835] umount2("./48/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./48/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./48/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./48") = 0 [pid 5835] mkdir("./49", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 128.819140][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5992 attached [pid 5992] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 51 [pid 5992] <... set_robust_list resumed>) = 0 [pid 5992] chdir("./49") = 0 [pid 5992] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5992] setpgid(0, 0) = 0 [pid 5992] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5992] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5992] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5992] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5992] write(3, "1000", 4) = 4 [pid 5992] close(3) = 0 [pid 5992] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5992] write(1, "executing program\n", 18) = 18 [pid 5992] memfd_create("syzkaller", 0) = 3 [pid 5992] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5992] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5992] munmap(0x7fda1a200000, 138412032) = 0 [pid 5992] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5992] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5992] close(3) = 0 [pid 5992] close(4) = 0 [pid 5992] mkdir("./file1", 0777) = 0 [ 129.234686][ T5992] loop0: detected capacity change from 0 to 32768 [pid 5992] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5992] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5992] chdir("./file1") = 0 [pid 5992] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5992] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5992] close(3) = 0 [pid 5992] close(4) = -1 EBADF (Bad file descriptor) [pid 5992] close(5) = -1 EBADF (Bad file descriptor) [pid 5992] close(6) = -1 EBADF (Bad file descriptor) [pid 5992] close(7) = -1 EBADF (Bad file descriptor) [pid 5992] close(8) = -1 EBADF (Bad file descriptor) [pid 5992] close(9) = -1 EBADF (Bad file descriptor) [pid 5992] close(10) = -1 EBADF (Bad file descriptor) [pid 5992] close(11) = -1 EBADF (Bad file descriptor) [pid 5992] close(12) = -1 EBADF (Bad file descriptor) [pid 5992] close(13) = -1 EBADF (Bad file descriptor) [pid 5992] close(14) = -1 EBADF (Bad file descriptor) [pid 5992] close(15) = -1 EBADF (Bad file descriptor) [pid 5992] close(16) = -1 EBADF (Bad file descriptor) [pid 5992] close(17) = -1 EBADF (Bad file descriptor) [pid 5992] close(18) = -1 EBADF (Bad file descriptor) [pid 5992] close(19) = -1 EBADF (Bad file descriptor) [pid 5992] close(20) = -1 EBADF (Bad file descriptor) [pid 5992] close(21) = -1 EBADF (Bad file descriptor) [pid 5992] close(22) = -1 EBADF (Bad file descriptor) [pid 5992] close(23) = -1 EBADF (Bad file descriptor) [pid 5992] close(24) = -1 EBADF (Bad file descriptor) [pid 5992] close(25) = -1 EBADF (Bad file descriptor) [pid 5992] close(26) = -1 EBADF (Bad file descriptor) [pid 5992] close(27) = -1 EBADF (Bad file descriptor) [pid 5992] close(28) = -1 EBADF (Bad file descriptor) [pid 5992] close(29) = -1 EBADF (Bad file descriptor) [pid 5992] exit_group(0) = ? [pid 5992] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=51, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5835] umount2("./49", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [ 129.281509][ T5992] JBD2: Ignoring recovery information on journal [ 129.317021][ T5992] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./49/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./49/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./49/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./49/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./49/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./49/file1") = 0 [pid 5835] umount2("./49/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./49/binderfs") = 0 [pid 5835] umount2("./49/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./49/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./49/cgroup.net") = 0 [pid 5835] umount2("./49/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./49/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./49/cgroup.cpu") = 0 [pid 5835] umount2("./49/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./49/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./49/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./49") = 0 [pid 5835] mkdir("./50", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [ 129.367495][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5995 attached , child_tidptr=0x555561f8f750) = 52 [pid 5995] set_robust_list(0x555561f8f760, 24) = 0 [pid 5995] chdir("./50") = 0 [pid 5995] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5995] setpgid(0, 0) = 0 [pid 5995] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5995] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5995] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5995] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5995] write(3, "1000", 4) = 4 [pid 5995] close(3) = 0 [pid 5995] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5995] write(1, "executing program\n", 18) = 18 [pid 5995] memfd_create("syzkaller", 0) = 3 [pid 5995] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5995] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5995] munmap(0x7fda1a200000, 138412032) = 0 [pid 5995] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5995] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5995] close(3) = 0 [pid 5995] close(4) = 0 [pid 5995] mkdir("./file1", 0777) = 0 [ 129.792362][ T5995] loop0: detected capacity change from 0 to 32768 [pid 5995] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5995] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5995] chdir("./file1") = 0 [pid 5995] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5995] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5995] close(3) = 0 [ 129.846677][ T5995] JBD2: Ignoring recovery information on journal [ 129.882279][ T5995] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5995] close(4) = -1 EBADF (Bad file descriptor) [pid 5995] close(5) = -1 EBADF (Bad file descriptor) [pid 5995] close(6) = -1 EBADF (Bad file descriptor) [pid 5995] close(7) = -1 EBADF (Bad file descriptor) [pid 5995] close(8) = -1 EBADF (Bad file descriptor) [pid 5995] close(9) = -1 EBADF (Bad file descriptor) [pid 5995] close(10) = -1 EBADF (Bad file descriptor) [pid 5995] close(11) = -1 EBADF (Bad file descriptor) [pid 5995] close(12) = -1 EBADF (Bad file descriptor) [pid 5995] close(13) = -1 EBADF (Bad file descriptor) [pid 5995] close(14) = -1 EBADF (Bad file descriptor) [pid 5995] close(15) = -1 EBADF (Bad file descriptor) [pid 5995] close(16) = -1 EBADF (Bad file descriptor) [pid 5995] close(17) = -1 EBADF (Bad file descriptor) [pid 5995] close(18) = -1 EBADF (Bad file descriptor) [pid 5995] close(19) = -1 EBADF (Bad file descriptor) [pid 5995] close(20) = -1 EBADF (Bad file descriptor) [pid 5995] close(21) = -1 EBADF (Bad file descriptor) [pid 5995] close(22) = -1 EBADF (Bad file descriptor) [pid 5995] close(23) = -1 EBADF (Bad file descriptor) [pid 5995] close(24) = -1 EBADF (Bad file descriptor) [pid 5995] close(25) = -1 EBADF (Bad file descriptor) [pid 5995] close(26) = -1 EBADF (Bad file descriptor) [pid 5995] close(27) = -1 EBADF (Bad file descriptor) [pid 5995] close(28) = -1 EBADF (Bad file descriptor) [pid 5995] close(29) = -1 EBADF (Bad file descriptor) [pid 5995] exit_group(0) = ? [pid 5995] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=52, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [pid 5835] umount2("./50", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./50/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./50/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./50/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./50/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./50/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 130.005169][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./50/file1") = 0 [pid 5835] umount2("./50/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./50/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./50/binderfs") = 0 [pid 5835] umount2("./50/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./50/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./50/cgroup.net") = 0 [pid 5835] umount2("./50/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./50/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./50/cgroup.cpu") = 0 [pid 5835] umount2("./50/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./50/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./50/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./50") = 0 [pid 5835] mkdir("./51", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5998 attached , child_tidptr=0x555561f8f750) = 53 [pid 5998] set_robust_list(0x555561f8f760, 24) = 0 [pid 5998] chdir("./51") = 0 [pid 5998] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5998] setpgid(0, 0) = 0 [pid 5998] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5998] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5998] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5998] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5998] write(3, "1000", 4) = 4 [pid 5998] close(3) = 0 [pid 5998] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5998] write(1, "executing program\n", 18executing program ) = 18 [pid 5998] memfd_create("syzkaller", 0) = 3 [pid 5998] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 5998] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5998] munmap(0x7fda1a200000, 138412032) = 0 [pid 5998] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5998] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5998] close(3) = 0 [pid 5998] close(4) = 0 [pid 5998] mkdir("./file1", 0777) = 0 [ 130.588304][ T5998] loop0: detected capacity change from 0 to 32768 [ 130.638152][ T5998] JBD2: Ignoring recovery information on journal [pid 5998] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 5998] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5998] chdir("./file1") = 0 [pid 5998] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5998] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 5998] close(3) = 0 [pid 5998] close(4) = -1 EBADF (Bad file descriptor) [pid 5998] close(5) = -1 EBADF (Bad file descriptor) [pid 5998] close(6) = -1 EBADF (Bad file descriptor) [pid 5998] close(7) = -1 EBADF (Bad file descriptor) [pid 5998] close(8) = -1 EBADF (Bad file descriptor) [pid 5998] close(9) = -1 EBADF (Bad file descriptor) [pid 5998] close(10) = -1 EBADF (Bad file descriptor) [pid 5998] close(11) = -1 EBADF (Bad file descriptor) [pid 5998] close(12) = -1 EBADF (Bad file descriptor) [pid 5998] close(13) = -1 EBADF (Bad file descriptor) [pid 5998] close(14) = -1 EBADF (Bad file descriptor) [pid 5998] close(15) = -1 EBADF (Bad file descriptor) [pid 5998] close(16) = -1 EBADF (Bad file descriptor) [pid 5998] close(17) = -1 EBADF (Bad file descriptor) [pid 5998] close(18) = -1 EBADF (Bad file descriptor) [pid 5998] close(19) = -1 EBADF (Bad file descriptor) [pid 5998] close(20) = -1 EBADF (Bad file descriptor) [pid 5998] close(21) = -1 EBADF (Bad file descriptor) [pid 5998] close(22) = -1 EBADF (Bad file descriptor) [pid 5998] close(23) = -1 EBADF (Bad file descriptor) [pid 5998] close(24) = -1 EBADF (Bad file descriptor) [pid 5998] close(25) = -1 EBADF (Bad file descriptor) [pid 5998] close(26) = -1 EBADF (Bad file descriptor) [pid 5998] close(27) = -1 EBADF (Bad file descriptor) [pid 5998] close(28) = -1 EBADF (Bad file descriptor) [pid 5998] close(29) = -1 EBADF (Bad file descriptor) [pid 5998] exit_group(0) = ? [pid 5998] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=53, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [ 130.678630][ T5998] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./51", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./51/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./51/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./51/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./51/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./51/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./51/file1") = 0 [pid 5835] umount2("./51/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./51/binderfs") = 0 [pid 5835] umount2("./51/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./51/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./51/cgroup.net") = 0 [pid 5835] umount2("./51/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./51/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./51/cgroup.cpu") = 0 [pid 5835] umount2("./51/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./51/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./51/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./51") = 0 [pid 5835] mkdir("./52", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [ 130.751124][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6001 attached , child_tidptr=0x555561f8f750) = 54 [pid 6001] set_robust_list(0x555561f8f760, 24) = 0 [pid 6001] chdir("./52") = 0 [pid 6001] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6001] setpgid(0, 0) = 0 [pid 6001] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6001] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6001] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6001] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6001] write(3, "1000", 4) = 4 [pid 6001] close(3) = 0 [pid 6001] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6001] write(1, "executing program\n", 18) = 18 [pid 6001] memfd_create("syzkaller", 0) = 3 [pid 6001] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 6001] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 6001] munmap(0x7fda1a200000, 138412032) = 0 [pid 6001] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6001] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6001] close(3) = 0 [pid 6001] close(4) = 0 [pid 6001] mkdir("./file1", 0777) = 0 [ 131.162466][ T6001] loop0: detected capacity change from 0 to 32768 [pid 6001] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 6001] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6001] chdir("./file1") = 0 [pid 6001] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6001] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 6001] close(3) = 0 [pid 6001] close(4) = -1 EBADF (Bad file descriptor) [ 131.214487][ T6001] JBD2: Ignoring recovery information on journal [ 131.248419][ T6001] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 6001] close(5) = -1 EBADF (Bad file descriptor) [pid 6001] close(6) = -1 EBADF (Bad file descriptor) [pid 6001] close(7) = -1 EBADF (Bad file descriptor) [pid 6001] close(8) = -1 EBADF (Bad file descriptor) [pid 6001] close(9) = -1 EBADF (Bad file descriptor) [pid 6001] close(10) = -1 EBADF (Bad file descriptor) [pid 6001] close(11) = -1 EBADF (Bad file descriptor) [pid 6001] close(12) = -1 EBADF (Bad file descriptor) [pid 6001] close(13) = -1 EBADF (Bad file descriptor) [pid 6001] close(14) = -1 EBADF (Bad file descriptor) [pid 6001] close(15) = -1 EBADF (Bad file descriptor) [pid 6001] close(16) = -1 EBADF (Bad file descriptor) [pid 6001] close(17) = -1 EBADF (Bad file descriptor) [pid 6001] close(18) = -1 EBADF (Bad file descriptor) [pid 6001] close(19) = -1 EBADF (Bad file descriptor) [pid 6001] close(20) = -1 EBADF (Bad file descriptor) [pid 6001] close(21) = -1 EBADF (Bad file descriptor) [pid 6001] close(22) = -1 EBADF (Bad file descriptor) [pid 6001] close(23) = -1 EBADF (Bad file descriptor) [pid 6001] close(24) = -1 EBADF (Bad file descriptor) [pid 6001] close(25) = -1 EBADF (Bad file descriptor) [pid 6001] close(26) = -1 EBADF (Bad file descriptor) [pid 6001] close(27) = -1 EBADF (Bad file descriptor) [pid 6001] close(28) = -1 EBADF (Bad file descriptor) [pid 6001] close(29) = -1 EBADF (Bad file descriptor) [pid 6001] exit_group(0) = ? [pid 6001] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=54, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=20 /* 0.20 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./52", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./52/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./52/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./52/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./52/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./52/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 131.339280][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./52/file1") = 0 [pid 5835] umount2("./52/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./52/binderfs") = 0 [pid 5835] umount2("./52/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./52/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./52/cgroup.net") = 0 [pid 5835] umount2("./52/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./52/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./52/cgroup.cpu") = 0 [pid 5835] umount2("./52/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./52/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./52/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./52") = 0 [pid 5835] mkdir("./53", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555561f8f750) = 55 ./strace-static-x86_64: Process 6004 attached [pid 6004] set_robust_list(0x555561f8f760, 24) = 0 [pid 6004] chdir("./53") = 0 [pid 6004] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6004] setpgid(0, 0) = 0 [pid 6004] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6004] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6004] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6004] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6004] write(3, "1000", 4) = 4 [pid 6004] close(3) = 0 [pid 6004] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6004] write(1, "executing program\n", 18) = 18 [pid 6004] memfd_create("syzkaller", 0) = 3 [pid 6004] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 6004] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 6004] munmap(0x7fda1a200000, 138412032) = 0 [pid 6004] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6004] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6004] close(3) = 0 [pid 6004] close(4) = 0 [pid 6004] mkdir("./file1", 0777) = 0 [ 132.060748][ T6004] loop0: detected capacity change from 0 to 32768 [pid 6004] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 6004] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6004] chdir("./file1") = 0 [pid 6004] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6004] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 6004] close(3) = 0 [pid 6004] close(4) = -1 EBADF (Bad file descriptor) [pid 6004] close(5) = -1 EBADF (Bad file descriptor) [pid 6004] close(6) = -1 EBADF (Bad file descriptor) [pid 6004] close(7) = -1 EBADF (Bad file descriptor) [ 132.104837][ T6004] JBD2: Ignoring recovery information on journal [ 132.138846][ T6004] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 6004] close(8) = -1 EBADF (Bad file descriptor) [pid 6004] close(9) = -1 EBADF (Bad file descriptor) [pid 6004] close(10) = -1 EBADF (Bad file descriptor) [pid 6004] close(11) = -1 EBADF (Bad file descriptor) [pid 6004] close(12) = -1 EBADF (Bad file descriptor) [pid 6004] close(13) = -1 EBADF (Bad file descriptor) [pid 6004] close(14) = -1 EBADF (Bad file descriptor) [pid 6004] close(15) = -1 EBADF (Bad file descriptor) [pid 6004] close(16) = -1 EBADF (Bad file descriptor) [pid 6004] close(17) = -1 EBADF (Bad file descriptor) [pid 6004] close(18) = -1 EBADF (Bad file descriptor) [pid 6004] close(19) = -1 EBADF (Bad file descriptor) [pid 6004] close(20) = -1 EBADF (Bad file descriptor) [pid 6004] close(21) = -1 EBADF (Bad file descriptor) [pid 6004] close(22) = -1 EBADF (Bad file descriptor) [pid 6004] close(23) = -1 EBADF (Bad file descriptor) [pid 6004] close(24) = -1 EBADF (Bad file descriptor) [pid 6004] close(25) = -1 EBADF (Bad file descriptor) [pid 6004] close(26) = -1 EBADF (Bad file descriptor) [pid 6004] close(27) = -1 EBADF (Bad file descriptor) [pid 6004] close(28) = -1 EBADF (Bad file descriptor) [pid 6004] close(29) = -1 EBADF (Bad file descriptor) [pid 6004] exit_group(0) = ? [pid 6004] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=55, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5835] umount2("./53", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./53/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./53/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./53/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./53/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./53/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 132.308882][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./53/file1") = 0 [pid 5835] umount2("./53/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./53/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./53/binderfs") = 0 [pid 5835] umount2("./53/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./53/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./53/cgroup.net") = 0 [pid 5835] umount2("./53/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./53/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./53/cgroup.cpu") = 0 [pid 5835] umount2("./53/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./53/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./53/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./53") = 0 [pid 5835] mkdir("./54", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6007 attached [pid 6007] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 56 [pid 6007] <... set_robust_list resumed>) = 0 [pid 6007] chdir("./54") = 0 [pid 6007] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6007] setpgid(0, 0) = 0 [pid 6007] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6007] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6007] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6007] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6007] write(3, "1000", 4) = 4 [pid 6007] close(3) = 0 [pid 6007] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6007] write(1, "executing program\n", 18executing program ) = 18 [pid 6007] memfd_create("syzkaller", 0) = 3 [pid 6007] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 6007] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 6007] munmap(0x7fda1a200000, 138412032) = 0 [pid 6007] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6007] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6007] close(3) = 0 [pid 6007] close(4) = 0 [pid 6007] mkdir("./file1", 0777) = 0 [ 132.984251][ T6007] loop0: detected capacity change from 0 to 32768 [ 133.036508][ T6007] JBD2: Ignoring recovery information on journal [pid 6007] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 6007] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6007] chdir("./file1") = 0 [pid 6007] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6007] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 6007] close(3) = 0 [pid 6007] close(4) = -1 EBADF (Bad file descriptor) [pid 6007] close(5) = -1 EBADF (Bad file descriptor) [pid 6007] close(6) = -1 EBADF (Bad file descriptor) [pid 6007] close(7) = -1 EBADF (Bad file descriptor) [pid 6007] close(8) = -1 EBADF (Bad file descriptor) [pid 6007] close(9) = -1 EBADF (Bad file descriptor) [pid 6007] close(10) = -1 EBADF (Bad file descriptor) [pid 6007] close(11) = -1 EBADF (Bad file descriptor) [pid 6007] close(12) = -1 EBADF (Bad file descriptor) [pid 6007] close(13) = -1 EBADF (Bad file descriptor) [pid 6007] close(14) = -1 EBADF (Bad file descriptor) [pid 6007] close(15) = -1 EBADF (Bad file descriptor) [pid 6007] close(16) = -1 EBADF (Bad file descriptor) [pid 6007] close(17) = -1 EBADF (Bad file descriptor) [pid 6007] close(18) = -1 EBADF (Bad file descriptor) [pid 6007] close(19) = -1 EBADF (Bad file descriptor) [pid 6007] close(20) = -1 EBADF (Bad file descriptor) [pid 6007] close(21) = -1 EBADF (Bad file descriptor) [pid 6007] close(22) = -1 EBADF (Bad file descriptor) [pid 6007] close(23) = -1 EBADF (Bad file descriptor) [ 133.079837][ T6007] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 6007] close(24) = -1 EBADF (Bad file descriptor) [pid 6007] close(25) = -1 EBADF (Bad file descriptor) [pid 6007] close(26) = -1 EBADF (Bad file descriptor) [pid 6007] close(27) = -1 EBADF (Bad file descriptor) [pid 6007] close(28) = -1 EBADF (Bad file descriptor) [pid 6007] close(29) = -1 EBADF (Bad file descriptor) [pid 6007] exit_group(0) = ? [pid 6007] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=56, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5835] umount2("./54", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./54/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./54/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./54/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./54/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./54/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./54/file1") = 0 [pid 5835] umount2("./54/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./54/binderfs") = 0 [pid 5835] umount2("./54/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./54/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./54/cgroup.net") = 0 [pid 5835] umount2("./54/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./54/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./54/cgroup.cpu") = 0 [pid 5835] umount2("./54/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./54/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./54/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./54") = 0 [pid 5835] mkdir("./55", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [ 133.250687][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6010 attached , child_tidptr=0x555561f8f750) = 57 [pid 6010] set_robust_list(0x555561f8f760, 24) = 0 [pid 6010] chdir("./55") = 0 [pid 6010] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6010] setpgid(0, 0) = 0 [pid 6010] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6010] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6010] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6010] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6010] write(3, "1000", 4) = 4 [pid 6010] close(3) = 0 [pid 6010] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6010] write(1, "executing program\n", 18executing program ) = 18 [pid 6010] memfd_create("syzkaller", 0) = 3 [pid 6010] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 6010] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 6010] munmap(0x7fda1a200000, 138412032) = 0 [pid 6010] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6010] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6010] close(3) = 0 [pid 6010] close(4) = 0 [pid 6010] mkdir("./file1", 0777) = 0 [ 133.644022][ T6010] loop0: detected capacity change from 0 to 32768 [ 133.683496][ T6010] JBD2: Ignoring recovery information on journal [pid 6010] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 6010] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6010] chdir("./file1") = 0 [pid 6010] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6010] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 6010] close(3) = 0 [pid 6010] close(4) = -1 EBADF (Bad file descriptor) [pid 6010] close(5) = -1 EBADF (Bad file descriptor) [pid 6010] close(6) = -1 EBADF (Bad file descriptor) [pid 6010] close(7) = -1 EBADF (Bad file descriptor) [pid 6010] close(8) = -1 EBADF (Bad file descriptor) [pid 6010] close(9) = -1 EBADF (Bad file descriptor) [pid 6010] close(10) = -1 EBADF (Bad file descriptor) [pid 6010] close(11) = -1 EBADF (Bad file descriptor) [pid 6010] close(12) = -1 EBADF (Bad file descriptor) [pid 6010] close(13) = -1 EBADF (Bad file descriptor) [pid 6010] close(14) = -1 EBADF (Bad file descriptor) [pid 6010] close(15) = -1 EBADF (Bad file descriptor) [pid 6010] close(16) = -1 EBADF (Bad file descriptor) [ 133.723763][ T6010] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 6010] close(17) = -1 EBADF (Bad file descriptor) [pid 6010] close(18) = -1 EBADF (Bad file descriptor) [pid 6010] close(19) = -1 EBADF (Bad file descriptor) [pid 6010] close(20) = -1 EBADF (Bad file descriptor) [pid 6010] close(21) = -1 EBADF (Bad file descriptor) [pid 6010] close(22) = -1 EBADF (Bad file descriptor) [pid 6010] close(23) = -1 EBADF (Bad file descriptor) [pid 6010] close(24) = -1 EBADF (Bad file descriptor) [pid 6010] close(25) = -1 EBADF (Bad file descriptor) [pid 6010] close(26) = -1 EBADF (Bad file descriptor) [pid 6010] close(27) = -1 EBADF (Bad file descriptor) [pid 6010] close(28) = -1 EBADF (Bad file descriptor) [pid 6010] close(29) = -1 EBADF (Bad file descriptor) [pid 6010] exit_group(0) = ? [pid 6010] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=57, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=18 /* 0.18 s */} --- [pid 5835] umount2("./55", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./55/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./55/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./55/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./55/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 133.867397][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] openat(AT_FDCWD, "./55/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./55/file1") = 0 [pid 5835] umount2("./55/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./55/binderfs") = 0 [pid 5835] umount2("./55/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./55/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./55/cgroup.net") = 0 [pid 5835] umount2("./55/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./55/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./55/cgroup.cpu") = 0 [pid 5835] umount2("./55/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./55/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./55/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./55") = 0 [pid 5835] mkdir("./56", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6013 attached [pid 6013] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 58 [pid 6013] <... set_robust_list resumed>) = 0 [pid 6013] chdir("./56") = 0 [pid 6013] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6013] setpgid(0, 0) = 0 [pid 6013] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6013] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6013] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6013] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6013] write(3, "1000", 4) = 4 [pid 6013] close(3) = 0 [pid 6013] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6013] write(1, "executing program\n", 18) = 18 [pid 6013] memfd_create("syzkaller", 0) = 3 [pid 6013] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 6013] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 6013] munmap(0x7fda1a200000, 138412032) = 0 [pid 6013] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6013] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6013] close(3) = 0 [pid 6013] close(4) = 0 [pid 6013] mkdir("./file1", 0777) = 0 [ 134.542655][ T6013] loop0: detected capacity change from 0 to 32768 [pid 6013] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 6013] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6013] chdir("./file1") = 0 [pid 6013] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 134.590831][ T6013] JBD2: Ignoring recovery information on journal [ 134.622620][ T6013] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 6013] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 6013] close(3) = 0 [pid 6013] close(4) = -1 EBADF (Bad file descriptor) [pid 6013] close(5) = -1 EBADF (Bad file descriptor) [pid 6013] close(6) = -1 EBADF (Bad file descriptor) [pid 6013] close(7) = -1 EBADF (Bad file descriptor) [pid 6013] close(8) = -1 EBADF (Bad file descriptor) [pid 6013] close(9) = -1 EBADF (Bad file descriptor) [pid 6013] close(10) = -1 EBADF (Bad file descriptor) [pid 6013] close(11) = -1 EBADF (Bad file descriptor) [pid 6013] close(12) = -1 EBADF (Bad file descriptor) [pid 6013] close(13) = -1 EBADF (Bad file descriptor) [pid 6013] close(14) = -1 EBADF (Bad file descriptor) [pid 6013] close(15) = -1 EBADF (Bad file descriptor) [pid 6013] close(16) = -1 EBADF (Bad file descriptor) [pid 6013] close(17) = -1 EBADF (Bad file descriptor) [pid 6013] close(18) = -1 EBADF (Bad file descriptor) [pid 6013] close(19) = -1 EBADF (Bad file descriptor) [pid 6013] close(20) = -1 EBADF (Bad file descriptor) [pid 6013] close(21) = -1 EBADF (Bad file descriptor) [pid 6013] close(22) = -1 EBADF (Bad file descriptor) [pid 6013] close(23) = -1 EBADF (Bad file descriptor) [pid 6013] close(24) = -1 EBADF (Bad file descriptor) [pid 6013] close(25) = -1 EBADF (Bad file descriptor) [pid 6013] close(26) = -1 EBADF (Bad file descriptor) [pid 6013] close(27) = -1 EBADF (Bad file descriptor) [pid 6013] close(28) = -1 EBADF (Bad file descriptor) [pid 6013] close(29) = -1 EBADF (Bad file descriptor) [pid 6013] exit_group(0) = ? [pid 6013] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=58, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./56", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./56/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./56/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./56/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./56/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./56/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./56/file1") = 0 [pid 5835] umount2("./56/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 134.774595][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(AT_FDCWD, "./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./56/binderfs") = 0 [pid 5835] umount2("./56/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./56/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./56/cgroup.net") = 0 [pid 5835] umount2("./56/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./56/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./56/cgroup.cpu") = 0 [pid 5835] umount2("./56/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./56/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./56/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./56") = 0 [pid 5835] mkdir("./57", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6016 attached , child_tidptr=0x555561f8f750) = 59 [pid 6016] set_robust_list(0x555561f8f760, 24) = 0 [pid 6016] chdir("./57") = 0 [pid 6016] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6016] setpgid(0, 0) = 0 [pid 6016] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6016] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6016] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6016] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6016] write(3, "1000", 4) = 4 [pid 6016] close(3) = 0 [pid 6016] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6016] write(1, "executing program\n", 18) = 18 [pid 6016] memfd_create("syzkaller", 0) = 3 [pid 6016] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 6016] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 6016] munmap(0x7fda1a200000, 138412032) = 0 [pid 6016] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6016] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6016] close(3) = 0 [pid 6016] close(4) = 0 [pid 6016] mkdir("./file1", 0777) = 0 [ 135.346974][ T6016] loop0: detected capacity change from 0 to 32768 [pid 6016] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 6016] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6016] chdir("./file1") = 0 [pid 6016] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6016] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 6016] close(3) = 0 [ 135.407054][ T6016] JBD2: Ignoring recovery information on journal [ 135.443287][ T6016] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 6016] close(4) = -1 EBADF (Bad file descriptor) [pid 6016] close(5) = -1 EBADF (Bad file descriptor) [pid 6016] close(6) = -1 EBADF (Bad file descriptor) [pid 6016] close(7) = -1 EBADF (Bad file descriptor) [pid 6016] close(8) = -1 EBADF (Bad file descriptor) [pid 6016] close(9) = -1 EBADF (Bad file descriptor) [pid 6016] close(10) = -1 EBADF (Bad file descriptor) [pid 6016] close(11) = -1 EBADF (Bad file descriptor) [pid 6016] close(12) = -1 EBADF (Bad file descriptor) [pid 6016] close(13) = -1 EBADF (Bad file descriptor) [pid 6016] close(14) = -1 EBADF (Bad file descriptor) [pid 6016] close(15) = -1 EBADF (Bad file descriptor) [pid 6016] close(16) = -1 EBADF (Bad file descriptor) [pid 6016] close(17) = -1 EBADF (Bad file descriptor) [pid 6016] close(18) = -1 EBADF (Bad file descriptor) [pid 6016] close(19) = -1 EBADF (Bad file descriptor) [pid 6016] close(20) = -1 EBADF (Bad file descriptor) [pid 6016] close(21) = -1 EBADF (Bad file descriptor) [pid 6016] close(22) = -1 EBADF (Bad file descriptor) [pid 6016] close(23) = -1 EBADF (Bad file descriptor) [pid 6016] close(24) = -1 EBADF (Bad file descriptor) [pid 6016] close(25) = -1 EBADF (Bad file descriptor) [pid 6016] close(26) = -1 EBADF (Bad file descriptor) [pid 6016] close(27) = -1 EBADF (Bad file descriptor) [pid 6016] close(28) = -1 EBADF (Bad file descriptor) [pid 6016] close(29) = -1 EBADF (Bad file descriptor) [pid 6016] exit_group(0) = ? [pid 6016] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=59, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=16 /* 0.16 s */} --- [pid 5835] umount2("./57", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./57/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./57/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./57/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./57/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./57/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./57/file1") = 0 [pid 5835] umount2("./57/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./57/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./57/binderfs") = 0 [pid 5835] umount2("./57/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./57/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./57/cgroup.net") = 0 [pid 5835] umount2("./57/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./57/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./57/cgroup.cpu") = 0 [pid 5835] umount2("./57/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./57/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./57/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./57") = 0 [pid 5835] mkdir("./58", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [ 135.621373][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6019 attached [pid 6019] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 60 [pid 6019] <... set_robust_list resumed>) = 0 [pid 6019] chdir("./58") = 0 [pid 6019] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6019] setpgid(0, 0) = 0 [pid 6019] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6019] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6019] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6019] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6019] write(3, "1000", 4) = 4 [pid 6019] close(3) = 0 [pid 6019] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6019] write(1, "executing program\n", 18executing program ) = 18 [pid 6019] memfd_create("syzkaller", 0) = 3 [pid 6019] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 6019] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 6019] munmap(0x7fda1a200000, 138412032) = 0 [pid 6019] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6019] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6019] close(3) = 0 [pid 6019] close(4) = 0 [pid 6019] mkdir("./file1", 0777) = 0 [ 135.973337][ T6019] loop0: detected capacity change from 0 to 32768 [pid 6019] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 6019] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6019] chdir("./file1") = 0 [pid 6019] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6019] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 6019] close(3) = 0 [pid 6019] close(4) = -1 EBADF (Bad file descriptor) [pid 6019] close(5) = -1 EBADF (Bad file descriptor) [pid 6019] close(6) = -1 EBADF (Bad file descriptor) [ 136.036601][ T6019] JBD2: Ignoring recovery information on journal [ 136.071852][ T6019] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 6019] close(7) = -1 EBADF (Bad file descriptor) [pid 6019] close(8) = -1 EBADF (Bad file descriptor) [pid 6019] close(9) = -1 EBADF (Bad file descriptor) [pid 6019] close(10) = -1 EBADF (Bad file descriptor) [pid 6019] close(11) = -1 EBADF (Bad file descriptor) [pid 6019] close(12) = -1 EBADF (Bad file descriptor) [pid 6019] close(13) = -1 EBADF (Bad file descriptor) [pid 6019] close(14) = -1 EBADF (Bad file descriptor) [pid 6019] close(15) = -1 EBADF (Bad file descriptor) [pid 6019] close(16) = -1 EBADF (Bad file descriptor) [pid 6019] close(17) = -1 EBADF (Bad file descriptor) [pid 6019] close(18) = -1 EBADF (Bad file descriptor) [pid 6019] close(19) = -1 EBADF (Bad file descriptor) [pid 6019] close(20) = -1 EBADF (Bad file descriptor) [pid 6019] close(21) = -1 EBADF (Bad file descriptor) [pid 6019] close(22) = -1 EBADF (Bad file descriptor) [pid 6019] close(23) = -1 EBADF (Bad file descriptor) [pid 6019] close(24) = -1 EBADF (Bad file descriptor) [pid 6019] close(25) = -1 EBADF (Bad file descriptor) [pid 6019] close(26) = -1 EBADF (Bad file descriptor) [pid 6019] close(27) = -1 EBADF (Bad file descriptor) [pid 6019] close(28) = -1 EBADF (Bad file descriptor) [pid 6019] close(29) = -1 EBADF (Bad file descriptor) [pid 6019] exit_group(0) = ? [pid 6019] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=60, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./58", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./58/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./58/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./58/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./58/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./58/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./58/file1") = 0 [pid 5835] umount2("./58/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./58/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./58/binderfs") = 0 [pid 5835] umount2("./58/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./58/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./58/cgroup.net") = 0 [pid 5835] umount2("./58/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./58/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./58/cgroup.cpu") = 0 [pid 5835] umount2("./58/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./58/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./58/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./58") = 0 [pid 5835] mkdir("./59", 0777) = 0 [ 136.254935][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6022 attached [pid 6022] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 61 [pid 6022] <... set_robust_list resumed>) = 0 [pid 6022] chdir("./59") = 0 [pid 6022] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6022] setpgid(0, 0) = 0 [pid 6022] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6022] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6022] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6022] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6022] write(3, "1000", 4) = 4 [pid 6022] close(3) = 0 [pid 6022] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6022] write(1, "executing program\n", 18) = 18 [pid 6022] memfd_create("syzkaller", 0) = 3 [pid 6022] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 6022] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 6022] munmap(0x7fda1a200000, 138412032) = 0 [pid 6022] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6022] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6022] close(3) = 0 [pid 6022] close(4) = 0 [pid 6022] mkdir("./file1", 0777) = 0 [ 136.652903][ T6022] loop0: detected capacity change from 0 to 32768 [pid 6022] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 6022] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6022] chdir("./file1") = 0 [pid 6022] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6022] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 6022] close(3) = 0 [pid 6022] close(4) = -1 EBADF (Bad file descriptor) [pid 6022] close(5) = -1 EBADF (Bad file descriptor) [pid 6022] close(6) = -1 EBADF (Bad file descriptor) [pid 6022] close(7) = -1 EBADF (Bad file descriptor) [pid 6022] close(8) = -1 EBADF (Bad file descriptor) [pid 6022] close(9) = -1 EBADF (Bad file descriptor) [pid 6022] close(10) = -1 EBADF (Bad file descriptor) [pid 6022] close(11) = -1 EBADF (Bad file descriptor) [pid 6022] close(12) = -1 EBADF (Bad file descriptor) [pid 6022] close(13) = -1 EBADF (Bad file descriptor) [pid 6022] close(14) = -1 EBADF (Bad file descriptor) [pid 6022] close(15) = -1 EBADF (Bad file descriptor) [pid 6022] close(16) = -1 EBADF (Bad file descriptor) [pid 6022] close(17) = -1 EBADF (Bad file descriptor) [pid 6022] close(18) = -1 EBADF (Bad file descriptor) [pid 6022] close(19) = -1 EBADF (Bad file descriptor) [pid 6022] close(20) = -1 EBADF (Bad file descriptor) [pid 6022] close(21) = -1 EBADF (Bad file descriptor) [pid 6022] close(22) = -1 EBADF (Bad file descriptor) [pid 6022] close(23) = -1 EBADF (Bad file descriptor) [pid 6022] close(24) = -1 EBADF (Bad file descriptor) [pid 6022] close(25) = -1 EBADF (Bad file descriptor) [pid 6022] close(26) = -1 EBADF (Bad file descriptor) [pid 6022] close(27) = -1 EBADF (Bad file descriptor) [pid 6022] close(28) = -1 EBADF (Bad file descriptor) [pid 6022] close(29) = -1 EBADF (Bad file descriptor) [pid 6022] exit_group(0) = ? [pid 6022] +++ exited with 0 +++ [ 136.705899][ T6022] JBD2: Ignoring recovery information on journal [ 136.741825][ T6022] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=61, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 5835] umount2("./59", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./59/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./59/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./59/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./59/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./59/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./59/file1") = 0 [pid 5835] umount2("./59/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./59/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./59/binderfs") = 0 [pid 5835] umount2("./59/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./59/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./59/cgroup.net") = 0 [pid 5835] umount2("./59/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./59/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./59/cgroup.cpu") = 0 [pid 5835] umount2("./59/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./59/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./59/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./59") = 0 [pid 5835] mkdir("./60", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [ 136.822090][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6025 attached [pid 6025] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 62 [pid 6025] <... set_robust_list resumed>) = 0 [pid 6025] chdir("./60") = 0 [pid 6025] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6025] setpgid(0, 0) = 0 [pid 6025] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6025] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6025] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6025] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6025] write(3, "1000", 4) = 4 [pid 6025] close(3) = 0 [pid 6025] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6025] write(1, "executing program\n", 18) = 18 [pid 6025] memfd_create("syzkaller", 0) = 3 [pid 6025] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 6025] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 6025] munmap(0x7fda1a200000, 138412032) = 0 [pid 6025] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6025] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6025] close(3) = 0 [pid 6025] close(4) = 0 [pid 6025] mkdir("./file1", 0777) = 0 [ 137.205384][ T6025] loop0: detected capacity change from 0 to 32768 [pid 6025] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 6025] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6025] chdir("./file1") = 0 [pid 6025] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6025] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 6025] close(3) = 0 [pid 6025] close(4) = -1 EBADF (Bad file descriptor) [pid 6025] close(5) = -1 EBADF (Bad file descriptor) [pid 6025] close(6) = -1 EBADF (Bad file descriptor) [pid 6025] close(7) = -1 EBADF (Bad file descriptor) [pid 6025] close(8) = -1 EBADF (Bad file descriptor) [pid 6025] close(9) = -1 EBADF (Bad file descriptor) [pid 6025] close(10) = -1 EBADF (Bad file descriptor) [pid 6025] close(11) = -1 EBADF (Bad file descriptor) [pid 6025] close(12) = -1 EBADF (Bad file descriptor) [pid 6025] close(13) = -1 EBADF (Bad file descriptor) [pid 6025] close(14) = -1 EBADF (Bad file descriptor) [pid 6025] close(15) = -1 EBADF (Bad file descriptor) [pid 6025] close(16) = -1 EBADF (Bad file descriptor) [pid 6025] close(17) = -1 EBADF (Bad file descriptor) [pid 6025] close(18) = -1 EBADF (Bad file descriptor) [pid 6025] close(19) = -1 EBADF (Bad file descriptor) [pid 6025] close(20) = -1 EBADF (Bad file descriptor) [pid 6025] close(21) = -1 EBADF (Bad file descriptor) [pid 6025] close(22) = -1 EBADF (Bad file descriptor) [pid 6025] close(23) = -1 EBADF (Bad file descriptor) [pid 6025] close(24) = -1 EBADF (Bad file descriptor) [pid 6025] close(25) = -1 EBADF (Bad file descriptor) [pid 6025] close(26) = -1 EBADF (Bad file descriptor) [pid 6025] close(27) = -1 EBADF (Bad file descriptor) [pid 6025] close(28) = -1 EBADF (Bad file descriptor) [pid 6025] close(29) = -1 EBADF (Bad file descriptor) [ 137.257444][ T6025] JBD2: Ignoring recovery information on journal [ 137.291285][ T6025] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 6025] exit_group(0) = ? [pid 6025] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=62, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./60", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./60/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./60/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./60/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./60/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./60/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./60/file1") = 0 [pid 5835] umount2("./60/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./60/binderfs") = 0 [pid 5835] umount2("./60/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./60/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./60/cgroup.net") = 0 [pid 5835] umount2("./60/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./60/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./60/cgroup.cpu") = 0 [pid 5835] umount2("./60/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./60/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./60/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./60") = 0 [pid 5835] mkdir("./61", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [ 137.354183][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6028 attached [pid 6028] set_robust_list(0x555561f8f760, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555561f8f750) = 63 [pid 6028] <... set_robust_list resumed>) = 0 [pid 6028] chdir("./61") = 0 [pid 6028] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6028] setpgid(0, 0) = 0 [pid 6028] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6028] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6028] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6028] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6028] write(3, "1000", 4) = 4 [pid 6028] close(3) = 0 [pid 6028] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6028] write(1, "executing program\n", 18) = 18 [pid 6028] memfd_create("syzkaller", 0) = 3 [pid 6028] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 6028] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 6028] munmap(0x7fda1a200000, 138412032) = 0 [pid 6028] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6028] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6028] close(3) = 0 [pid 6028] close(4) = 0 [pid 6028] mkdir("./file1", 0777) = 0 [ 137.788784][ T6028] loop0: detected capacity change from 0 to 32768 [pid 6028] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 6028] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6028] chdir("./file1") = 0 [pid 6028] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6028] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 6028] close(3) = 0 [pid 6028] close(4) = -1 EBADF (Bad file descriptor) [pid 6028] close(5) = -1 EBADF (Bad file descriptor) [pid 6028] close(6) = -1 EBADF (Bad file descriptor) [pid 6028] close(7) = -1 EBADF (Bad file descriptor) [pid 6028] close(8) = -1 EBADF (Bad file descriptor) [pid 6028] close(9) = -1 EBADF (Bad file descriptor) [pid 6028] close(10) = -1 EBADF (Bad file descriptor) [pid 6028] close(11) = -1 EBADF (Bad file descriptor) [pid 6028] close(12) = -1 EBADF (Bad file descriptor) [pid 6028] close(13) = -1 EBADF (Bad file descriptor) [pid 6028] close(14) = -1 EBADF (Bad file descriptor) [pid 6028] close(15) = -1 EBADF (Bad file descriptor) [pid 6028] close(16) = -1 EBADF (Bad file descriptor) [pid 6028] close(17) = -1 EBADF (Bad file descriptor) [pid 6028] close(18) = -1 EBADF (Bad file descriptor) [pid 6028] close(19) = -1 EBADF (Bad file descriptor) [pid 6028] close(20) = -1 EBADF (Bad file descriptor) [pid 6028] close(21) = -1 EBADF (Bad file descriptor) [pid 6028] close(22) = -1 EBADF (Bad file descriptor) [pid 6028] close(23) = -1 EBADF (Bad file descriptor) [pid 6028] close(24) = -1 EBADF (Bad file descriptor) [pid 6028] close(25) = -1 EBADF (Bad file descriptor) [pid 6028] close(26) = -1 EBADF (Bad file descriptor) [pid 6028] close(27) = -1 EBADF (Bad file descriptor) [pid 6028] close(28) = -1 EBADF (Bad file descriptor) [pid 6028] close(29) = -1 EBADF (Bad file descriptor) [pid 6028] exit_group(0) = ? [ 137.830394][ T6028] JBD2: Ignoring recovery information on journal [ 137.862079][ T6028] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 6028] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=63, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} --- [pid 5835] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5835] umount2("./61", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./61/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./61/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./61/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./61/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./61/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [ 137.976972][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./61/file1") = 0 [pid 5835] umount2("./61/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./61/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./61/binderfs") = 0 [pid 5835] umount2("./61/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./61/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./61/cgroup.net") = 0 [pid 5835] umount2("./61/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./61/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./61/cgroup.cpu") = 0 [pid 5835] umount2("./61/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./61/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./61/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./61") = 0 [pid 5835] mkdir("./62", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6031 attached , child_tidptr=0x555561f8f750) = 64 [pid 6031] set_robust_list(0x555561f8f760, 24) = 0 [pid 6031] chdir("./62") = 0 [pid 6031] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6031] setpgid(0, 0) = 0 [pid 6031] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6031] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6031] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6031] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6031] write(3, "1000", 4) = 4 [pid 6031] close(3) = 0 [pid 6031] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6031] write(1, "executing program\n", 18) = 18 [pid 6031] memfd_create("syzkaller", 0) = 3 [pid 6031] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 6031] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 6031] munmap(0x7fda1a200000, 138412032) = 0 [pid 6031] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6031] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6031] close(3) = 0 [pid 6031] close(4) = 0 [pid 6031] mkdir("./file1", 0777) = 0 [ 138.583186][ T6031] loop0: detected capacity change from 0 to 32768 [ 138.618440][ T6031] JBD2: Ignoring recovery information on journal [pid 6031] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 6031] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6031] chdir("./file1") = 0 [pid 6031] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6031] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 6031] close(3) = 0 [pid 6031] close(4) = -1 EBADF (Bad file descriptor) [ 138.659831][ T6031] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 6031] close(5) = -1 EBADF (Bad file descriptor) [pid 6031] close(6) = -1 EBADF (Bad file descriptor) [pid 6031] close(7) = -1 EBADF (Bad file descriptor) [pid 6031] close(8) = -1 EBADF (Bad file descriptor) [pid 6031] close(9) = -1 EBADF (Bad file descriptor) [pid 6031] close(10) = -1 EBADF (Bad file descriptor) [pid 6031] close(11) = -1 EBADF (Bad file descriptor) [pid 6031] close(12) = -1 EBADF (Bad file descriptor) [pid 6031] close(13) = -1 EBADF (Bad file descriptor) [pid 6031] close(14) = -1 EBADF (Bad file descriptor) [pid 6031] close(15) = -1 EBADF (Bad file descriptor) [pid 6031] close(16) = -1 EBADF (Bad file descriptor) [pid 6031] close(17) = -1 EBADF (Bad file descriptor) [pid 6031] close(18) = -1 EBADF (Bad file descriptor) [pid 6031] close(19) = -1 EBADF (Bad file descriptor) [pid 6031] close(20) = -1 EBADF (Bad file descriptor) [pid 6031] close(21) = -1 EBADF (Bad file descriptor) [pid 6031] close(22) = -1 EBADF (Bad file descriptor) [pid 6031] close(23) = -1 EBADF (Bad file descriptor) [pid 6031] close(24) = -1 EBADF (Bad file descriptor) [pid 6031] close(25) = -1 EBADF (Bad file descriptor) [pid 6031] close(26) = -1 EBADF (Bad file descriptor) [pid 6031] close(27) = -1 EBADF (Bad file descriptor) [pid 6031] close(28) = -1 EBADF (Bad file descriptor) [pid 6031] close(29) = -1 EBADF (Bad file descriptor) [pid 6031] exit_group(0) = ? [pid 6031] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=64, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=18 /* 0.18 s */} --- [pid 5835] umount2("./62", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./62/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./62/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./62/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./62/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./62/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [ 138.803031][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] rmdir("./62/file1") = 0 [pid 5835] umount2("./62/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./62/binderfs") = 0 [pid 5835] umount2("./62/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./62/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./62/cgroup.net") = 0 [pid 5835] umount2("./62/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./62/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./62/cgroup.cpu") = 0 [pid 5835] umount2("./62/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./62/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./62/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./62") = 0 [pid 5835] mkdir("./63", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555561f8f750) = 65 ./strace-static-x86_64: Process 6034 attached [pid 6034] set_robust_list(0x555561f8f760, 24) = 0 [pid 6034] chdir("./63") = 0 [pid 6034] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6034] setpgid(0, 0) = 0 [pid 6034] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6034] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6034] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6034] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6034] write(3, "1000", 4) = 4 [pid 6034] close(3) = 0 [pid 6034] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6034] write(1, "executing program\n", 18) = 18 [pid 6034] memfd_create("syzkaller", 0) = 3 [pid 6034] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 6034] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 6034] munmap(0x7fda1a200000, 138412032) = 0 [pid 6034] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6034] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6034] close(3) = 0 [pid 6034] close(4) = 0 [pid 6034] mkdir("./file1", 0777) = 0 [ 139.444853][ T6034] loop0: detected capacity change from 0 to 32768 [pid 6034] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 6034] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6034] chdir("./file1") = 0 [pid 6034] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 139.502308][ T6034] JBD2: Ignoring recovery information on journal [ 139.537791][ T6034] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 6034] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 6034] close(3) = 0 [pid 6034] close(4) = -1 EBADF (Bad file descriptor) [pid 6034] close(5) = -1 EBADF (Bad file descriptor) [pid 6034] close(6) = -1 EBADF (Bad file descriptor) [pid 6034] close(7) = -1 EBADF (Bad file descriptor) [pid 6034] close(8) = -1 EBADF (Bad file descriptor) [pid 6034] close(9) = -1 EBADF (Bad file descriptor) [pid 6034] close(10) = -1 EBADF (Bad file descriptor) [pid 6034] close(11) = -1 EBADF (Bad file descriptor) [pid 6034] close(12) = -1 EBADF (Bad file descriptor) [pid 6034] close(13) = -1 EBADF (Bad file descriptor) [pid 6034] close(14) = -1 EBADF (Bad file descriptor) [pid 6034] close(15) = -1 EBADF (Bad file descriptor) [pid 6034] close(16) = -1 EBADF (Bad file descriptor) [pid 6034] close(17) = -1 EBADF (Bad file descriptor) [pid 6034] close(18) = -1 EBADF (Bad file descriptor) [pid 6034] close(19) = -1 EBADF (Bad file descriptor) [pid 6034] close(20) = -1 EBADF (Bad file descriptor) [pid 6034] close(21) = -1 EBADF (Bad file descriptor) [pid 6034] close(22) = -1 EBADF (Bad file descriptor) [pid 6034] close(23) = -1 EBADF (Bad file descriptor) [pid 6034] close(24) = -1 EBADF (Bad file descriptor) [pid 6034] close(25) = -1 EBADF (Bad file descriptor) [pid 6034] close(26) = -1 EBADF (Bad file descriptor) [pid 6034] close(27) = -1 EBADF (Bad file descriptor) [pid 6034] close(28) = -1 EBADF (Bad file descriptor) [pid 6034] close(29) = -1 EBADF (Bad file descriptor) [pid 6034] exit_group(0) = ? [pid 6034] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=65, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- [pid 5835] umount2("./63", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./63/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./63/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./63/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./63/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./63/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./63/file1") = 0 [pid 5835] umount2("./63/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./63/binderfs") = 0 [pid 5835] umount2("./63/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./63/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./63/cgroup.net") = 0 [pid 5835] umount2("./63/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./63/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./63/cgroup.cpu") = 0 [pid 5835] umount2("./63/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./63/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./63/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./63") = 0 [pid 5835] mkdir("./64", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [ 139.646593][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6037 attached , child_tidptr=0x555561f8f750) = 66 [pid 6037] set_robust_list(0x555561f8f760, 24) = 0 [pid 6037] chdir("./64") = 0 [pid 6037] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6037] setpgid(0, 0) = 0 [pid 6037] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6037] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6037] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6037] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6037] write(3, "1000", 4) = 4 [pid 6037] close(3) = 0 [pid 6037] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6037] write(1, "executing program\n", 18executing program ) = 18 [pid 6037] memfd_create("syzkaller", 0) = 3 [pid 6037] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 6037] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 6037] munmap(0x7fda1a200000, 138412032) = 0 [pid 6037] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6037] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6037] close(3) = 0 [pid 6037] close(4) = 0 [pid 6037] mkdir("./file1", 0777) = 0 [ 139.995362][ T6037] loop0: detected capacity change from 0 to 32768 [pid 6037] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 6037] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6037] chdir("./file1") = 0 [pid 6037] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 140.049148][ T6037] JBD2: Ignoring recovery information on journal [ 140.082495][ T6037] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 6037] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 6037] close(3) = 0 [pid 6037] close(4) = -1 EBADF (Bad file descriptor) [pid 6037] close(5) = -1 EBADF (Bad file descriptor) [pid 6037] close(6) = -1 EBADF (Bad file descriptor) [pid 6037] close(7) = -1 EBADF (Bad file descriptor) [pid 6037] close(8) = -1 EBADF (Bad file descriptor) [pid 6037] close(9) = -1 EBADF (Bad file descriptor) [pid 6037] close(10) = -1 EBADF (Bad file descriptor) [pid 6037] close(11) = -1 EBADF (Bad file descriptor) [pid 6037] close(12) = -1 EBADF (Bad file descriptor) [pid 6037] close(13) = -1 EBADF (Bad file descriptor) [pid 6037] close(14) = -1 EBADF (Bad file descriptor) [pid 6037] close(15) = -1 EBADF (Bad file descriptor) [pid 6037] close(16) = -1 EBADF (Bad file descriptor) [pid 6037] close(17) = -1 EBADF (Bad file descriptor) [pid 6037] close(18) = -1 EBADF (Bad file descriptor) [pid 6037] close(19) = -1 EBADF (Bad file descriptor) [pid 6037] close(20) = -1 EBADF (Bad file descriptor) [pid 6037] close(21) = -1 EBADF (Bad file descriptor) [pid 6037] close(22) = -1 EBADF (Bad file descriptor) [pid 6037] close(23) = -1 EBADF (Bad file descriptor) [pid 6037] close(24) = -1 EBADF (Bad file descriptor) [pid 6037] close(25) = -1 EBADF (Bad file descriptor) [pid 6037] close(26) = -1 EBADF (Bad file descriptor) [pid 6037] close(27) = -1 EBADF (Bad file descriptor) [pid 6037] close(28) = -1 EBADF (Bad file descriptor) [pid 6037] close(29) = -1 EBADF (Bad file descriptor) [pid 6037] exit_group(0) = ? [pid 6037] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=66, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=19 /* 0.19 s */} --- [pid 5835] umount2("./64", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./64/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./64/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./64/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./64/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./64/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./64/file1") = 0 [pid 5835] umount2("./64/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./64/binderfs") = 0 [pid 5835] umount2("./64/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./64/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./64/cgroup.net") = 0 [pid 5835] umount2("./64/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./64/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./64/cgroup.cpu") = 0 [pid 5835] umount2("./64/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./64/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./64/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./64") = 0 [pid 5835] mkdir("./65", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [ 140.229294][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6040 attached , child_tidptr=0x555561f8f750) = 67 [pid 6040] set_robust_list(0x555561f8f760, 24) = 0 [pid 6040] chdir("./65") = 0 [pid 6040] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6040] setpgid(0, 0) = 0 [pid 6040] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6040] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6040] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6040] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6040] write(3, "1000", 4) = 4 [pid 6040] close(3) = 0 [pid 6040] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6040] write(1, "executing program\n", 18) = 18 [pid 6040] memfd_create("syzkaller", 0) = 3 [pid 6040] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 6040] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 6040] munmap(0x7fda1a200000, 138412032) = 0 [pid 6040] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6040] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6040] close(3) = 0 [pid 6040] close(4) = 0 [pid 6040] mkdir("./file1", 0777) = 0 [ 140.631706][ T6040] loop0: detected capacity change from 0 to 32768 [pid 6040] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=00000000000000000006,coherency=ful"...) = 0 [pid 6040] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6040] chdir("./file1") = 0 [pid 6040] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6040] symlink(NULL, NULL) = -1 EFAULT (Bad address) [pid 6040] close(3) = 0 [pid 6040] close(4) = -1 EBADF (Bad file descriptor) [pid 6040] close(5) = -1 EBADF (Bad file descriptor) [pid 6040] close(6) = -1 EBADF (Bad file descriptor) [pid 6040] close(7) = -1 EBADF (Bad file descriptor) [pid 6040] close(8) = -1 EBADF (Bad file descriptor) [pid 6040] close(9) = -1 EBADF (Bad file descriptor) [pid 6040] close(10) = -1 EBADF (Bad file descriptor) [pid 6040] close(11) = -1 EBADF (Bad file descriptor) [pid 6040] close(12) = -1 EBADF (Bad file descriptor) [pid 6040] close(13) = -1 EBADF (Bad file descriptor) [pid 6040] close(14) = -1 EBADF (Bad file descriptor) [pid 6040] close(15) = -1 EBADF (Bad file descriptor) [pid 6040] close(16) = -1 EBADF (Bad file descriptor) [pid 6040] close(17) = -1 EBADF (Bad file descriptor) [pid 6040] close(18) = -1 EBADF (Bad file descriptor) [pid 6040] close(19) = -1 EBADF (Bad file descriptor) [pid 6040] close(20) = -1 EBADF (Bad file descriptor) [pid 6040] close(21) = -1 EBADF (Bad file descriptor) [pid 6040] close(22) = -1 EBADF (Bad file descriptor) [pid 6040] close(23) = -1 EBADF (Bad file descriptor) [pid 6040] close(24) = -1 EBADF (Bad file descriptor) [pid 6040] close(25) = -1 EBADF (Bad file descriptor) [pid 6040] close(26) = -1 EBADF (Bad file descriptor) [pid 6040] close(27) = -1 EBADF (Bad file descriptor) [pid 6040] close(28) = -1 EBADF (Bad file descriptor) [pid 6040] close(29) = -1 EBADF (Bad file descriptor) [pid 6040] exit_group(0) = ? [ 140.692905][ T6040] JBD2: Ignoring recovery information on journal [ 140.726274][ T6040] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [pid 6040] +++ exited with 0 +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=67, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=18 /* 0.18 s */} --- [pid 5835] umount2("./65", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 7 entries */, 32768) = 208 [pid 5835] umount2("./65/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5835] umount2("./65/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./65/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] umount2("./65/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./65/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5835] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(4, 0x555561f98830 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(4, 0x555561f98830 /* 0 entries */, 32768) = 0 [pid 5835] close(4) = 0 [pid 5835] rmdir("./65/file1") = 0 [pid 5835] umount2("./65/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./65/binderfs") = 0 [pid 5835] umount2("./65/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./65/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./65/cgroup.net") = 0 [pid 5835] umount2("./65/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5835] newfstatat(AT_FDCWD, "./65/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./65/cgroup.cpu") = 0 [pid 5835] umount2("./65/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 140.820033][ T5835] ocfs2: Unmounting device (7,0) on (node local) [pid 5835] newfstatat(AT_FDCWD, "./65/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] unlink("./65/cgroup") = 0 [pid 5835] getdents64(3, 0x555561f907f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5835] rmdir("./65") = 0 [pid 5835] mkdir("./66", 0777) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5835] ioctl(3, LOOP_CLR_FD) = 0 [pid 5835] close(3) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6043 attached , child_tidptr=0x555561f8f750) = 68 [pid 6043] set_robust_list(0x555561f8f760, 24) = 0 [pid 6043] chdir("./66") = 0 [pid 6043] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6043] setpgid(0, 0) = 0 [pid 6043] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6043] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6043] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6043] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6043] write(3, "1000", 4) = 4 [pid 6043] close(3) = 0 [pid 6043] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6043] write(1, "executing program\n", 18) = 18 [pid 6043] memfd_create("syzkaller", 0) = 3 [pid 6043] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda1a200000 [pid 6043] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 6043] munmap(0x7fda1a200000, 138412032) = 0 [pid 6043] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6043] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6043] close(3) = 0 [pid 6043] close(4) = 0 [pid 6043] mkdir("./file1", 0777) = 0 [ 141.290292][ T6043] loop0: detected capacity change from 0 to 32768 [ 141.316146][ T6043] JBD2: Ignoring recovery information on journal [ 141.335119][ T2961] list_add double add: new=ffff8880272dc370, prev=ffff8880272dc370, next=ffff888142f11960. [ 141.345525][ T2961] ------------[ cut here ]------------ [ 141.350991][ T2961] kernel BUG at lib/list_debug.c:37! [ 141.356291][ T2961] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI [ 141.363212][ T2961] CPU: 1 UID: 0 PID: 2961 Comm: kworker/u8:8 Not tainted 6.14.0-rc3-next-20250218-syzkaller #0 [ 141.373508][ T2961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 141.383540][ T2961] Workqueue: loop0 loop_workfn [ 141.388324][ T2961] RIP: 0010:__list_add_valid_or_report+0xa4/0x130 [ 141.394724][ T2961] Code: f7 74 11 b0 01 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 48 c7 c7 a0 59 81 8c 4c 89 fe 4c 89 e2 4c 89 f1 e8 0d e8 27 fc 90 <0f> 0b 48 c7 c7 a0 57 81 8c e8 fe e7 27 fc 90 0f 0b 48 c7 c7 40 58 [ 141.414304][ T2961] RSP: 0018:ffffc9000b477628 EFLAGS: 00010046 [ 141.420350][ T2961] RAX: 0000000000000058 RBX: 1ffff11004e5b86e RCX: efd88480ba837800 [ 141.428296][ T2961] RDX: 0000000000000000 RSI: 0000000080000001 RDI: 0000000000000000 [ 141.436241][ T2961] RBP: 1ffff110285e232d R08: ffffffff81a170dc R09: 1ffff9200168ee60 [ 141.444188][ T2961] R10: dffffc0000000000 R11: fffff5200168ee61 R12: ffff8880272dc370 [ 141.452151][ T2961] R13: dffffc0000000000 R14: ffff888142f11960 R15: ffff8880272dc370 [ 141.460099][ T2961] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 141.469018][ T2961] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.475574][ T2961] CR2: 00007fda1b1ff000 CR3: 0000000029c0a000 CR4: 00000000003526f0 [ 141.483529][ T2961] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 141.491475][ T2961] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 141.499426][ T2961] Call Trace: [ 141.502682][ T2961] [ 141.505591][ T2961] ? __die_body+0x5f/0xb0 [ 141.509901][ T2961] ? die+0x9e/0xc0 [ 141.513600][ T2961] ? do_trap+0x15a/0x3a0 [ 141.517823][ T2961] ? __list_add_valid_or_report+0xa4/0x130 [ 141.523611][ T2961] ? do_error_trap+0x1dc/0x2c0 [ 141.528350][ T2961] ? __list_add_valid_or_report+0xa4/0x130 [ 141.534136][ T2961] ? __pfx_lock_release+0x10/0x10 [ 141.539140][ T2961] ? __pfx_do_error_trap+0x10/0x10 [ 141.544247][ T2961] ? report_bug+0x3cd/0x500 [ 141.548738][ T2961] ? __list_add_valid_or_report+0xa4/0x130 [ 141.554530][ T2961] ? handle_invalid_op+0x34/0x40 [ 141.559447][ T2961] ? __list_add_valid_or_report+0xa4/0x130 [ 141.565233][ T2961] ? exc_invalid_op+0x38/0x50 [ 141.569911][ T2961] ? asm_exc_invalid_op+0x1a/0x20 [ 141.574915][ T2961] ? __wake_up_klogd+0xcc/0x110 [ 141.579747][ T2961] ? __list_add_valid_or_report+0xa4/0x130 [ 141.585532][ T2961] ? __list_add_valid_or_report+0xa3/0x130 [ 141.591325][ T2961] loop_process_work+0x1f96/0x21c0 [ 141.596417][ T2961] ? ret_from_fork_asm+0x1a/0x30 [ 141.601331][ T2961] ? kvm_sched_clock_read+0x11/0x20 [ 141.606509][ T2961] ? __pfx_validate_chain+0x10/0x10 [ 141.611733][ T2961] ? mark_lock+0x9a/0x360 [ 141.616042][ T2961] ? __lock_acquire+0x1397/0x2100 [ 141.621047][ T2961] ? __pfx_loop_process_work+0x10/0x10 [ 141.626486][ T2961] ? register_lock_class+0x102/0x980 [ 141.631755][ T2961] ? __pfx_register_lock_class+0x10/0x10 [ 141.637369][ T2961] ? mark_lock+0x9a/0x360 [ 141.641674][ T2961] ? debug_object_deactivate+0x2d5/0x390 [ 141.647300][ T2961] ? __lock_acquire+0x1397/0x2100 [ 141.652343][ T2961] ? do_raw_spin_unlock+0x13c/0x8b0 [ 141.657531][ T2961] ? __pfx_lock_acquire+0x10/0x10 [ 141.662572][ T2961] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 141.668551][ T2961] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 141.674879][ T2961] ? process_scheduled_works+0x9c6/0x18e0 [ 141.680618][ T2961] process_scheduled_works+0xabe/0x18e0 [ 141.686166][ T2961] ? __pfx_process_scheduled_works+0x10/0x10 [ 141.692132][ T2961] ? assign_work+0x364/0x3d0 [ 141.696712][ T2961] worker_thread+0x870/0xd30 [ 141.701291][ T2961] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 141.707170][ T2961] ? __kthread_parkme+0x169/0x1d0 [ 141.712180][ T2961] ? __pfx_worker_thread+0x10/0x10 [ 141.717292][ T2961] kthread+0x7a9/0x920 [ 141.721352][ T2961] ? __pfx_kthread+0x10/0x10 [ 141.725946][ T2961] ? __pfx_worker_thread+0x10/0x10 [ 141.731048][ T2961] ? __pfx_kthread+0x10/0x10 [ 141.735622][ T2961] ? __pfx_kthread+0x10/0x10 [ 141.740223][ T2961] ? __pfx_kthread+0x10/0x10 [ 141.744800][ T2961] ? _raw_spin_unlock_irq+0x23/0x50 [ 141.749984][ T2961] ? lockdep_hardirqs_on+0x99/0x150 [ 141.755161][ T2961] ? __pfx_kthread+0x10/0x10 [ 141.759725][ T2961] ret_from_fork+0x4b/0x80 [ 141.764120][ T2961] ? __pfx_kthread+0x10/0x10 [ 141.768684][ T2961] ret_from_fork_asm+0x1a/0x30 [ 141.773432][ T2961] [ 141.776427][ T2961] Modules linked in: [ 141.780311][ T2961] ---[ end trace 0000000000000000 ]--- [ 141.785747][ T2961] RIP: 0010:__list_add_valid_or_report+0xa4/0x130 [ 141.792145][ T2961] Code: f7 74 11 b0 01 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 48 c7 c7 a0 59 81 8c 4c 89 fe 4c 89 e2 4c 89 f1 e8 0d e8 27 fc 90 <0f> 0b 48 c7 c7 a0 57 81 8c e8 fe e7 27 fc 90 0f 0b 48 c7 c7 40 58 [ 141.811727][ T2961] RSP: 0018:ffffc9000b477628 EFLAGS: 00010046 [ 141.817773][ T2961] RAX: 0000000000000058 RBX: 1ffff11004e5b86e RCX: efd88480ba837800 [ 141.825722][ T2961] RDX: 0000000000000000 RSI: 0000000080000001 RDI: 0000000000000000 [ 141.833671][ T2961] RBP: 1ffff110285e232d R08: ffffffff81a170dc R09: 1ffff9200168ee60 [ 141.841618][ T2961] R10: dffffc0000000000 R11: fffff5200168ee61 R12: ffff8880272dc370 [ 141.849566][ T2961] R13: dffffc0000000000 R14: ffff888142f11960 R15: ffff8880272dc370 [ 141.857515][ T2961] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 141.866417][ T2961] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.872977][ T2961] CR2: 00007fda1b1ff000 CR3: 0000000029c0a000 CR4: 00000000003526f0 [ 141.880931][ T2961] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 141.888876][ T2961] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 141.896858][ T2961] Kernel panic - not syncing: Fatal exception [ 142.991743][ T2961] Shutting down cpus with NMI [ 142.996707][ T2961] Kernel Offset: disabled [ 143.001019][ T2961] Rebooting in 86400 seconds..