./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor406780948 <...> forked to background, child pid 4661 [ 40.274609][ T4662] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.291329][ T4662] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: [ 40.787536][ T4745] sshd (4745) used greatest stack depth: 19680 bytes left OK syzkaller Warning: Permanently added '10.128.10.17' (ECDSA) to the list of known hosts. execve("./syz-executor406780948", ["./syz-executor406780948"], 0x7ffc487da660 /* 10 vars */) = 0 brk(NULL) = 0x555555b7f000 brk(0x555555b7fc40) = 0x555555b7fc40 arch_prctl(ARCH_SET_FS, 0x555555b7f300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor406780948", 4096) = 27 brk(0x555555ba0c40) = 0x555555ba0c40 brk(0x555555ba1000) = 0x555555ba1000 mprotect(0x7fd830aca000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 4998 attached , child_tidptr=0x555555b7f5d0) = 4998 [pid 4997] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4998] getpid() = 4998 ./strace-static-x86_64: Process 4999 attached [pid 4998] mkdir("./syzkaller.S3OXu6", 0700 [pid 4997] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 4999 [pid 4997] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5000 [pid 4997] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5001 [pid 4997] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4999] getpid(./strace-static-x86_64: Process 5000 attached ) = 4999 [pid 4999] mkdir("./syzkaller.zlI6ta", 0700 [pid 5000] getpid(./strace-static-x86_64: Process 5002 attached [pid 4997] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5002 [pid 4997] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5000] <... getpid resumed>) = 5000 [pid 5000] mkdir("./syzkaller.UNXSwj", 0700./strace-static-x86_64: Process 5001 attached [pid 5002] getpid() = 5002 [pid 5002] mkdir("./syzkaller.qOJZup", 0700 [pid 4997] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5003 ./strace-static-x86_64: Process 5003 attached [pid 5001] getpid() = 5001 [pid 5001] mkdir("./syzkaller.l7g8bk", 0700 [pid 5003] getpid() = 5003 [pid 5003] mkdir("./syzkaller.6esd7v", 0700 [pid 5000] <... mkdir resumed>) = 0 [pid 4999] <... mkdir resumed>) = 0 [pid 4998] <... mkdir resumed>) = 0 [pid 4999] chmod("./syzkaller.zlI6ta", 0777) = 0 [pid 4999] chdir("./syzkaller.zlI6ta") = 0 [pid 4999] mkdir("./0", 0777 [pid 5000] chmod("./syzkaller.UNXSwj", 0777) = 0 [pid 4998] chmod("./syzkaller.S3OXu6", 0777 [pid 4999] <... mkdir resumed>) = 0 [pid 4998] <... chmod resumed>) = 0 [pid 5000] chdir("./syzkaller.UNXSwj" [pid 4998] chdir("./syzkaller.S3OXu6" [pid 5002] <... mkdir resumed>) = 0 [pid 5000] <... chdir resumed>) = 0 [pid 4998] <... chdir resumed>) = 0 [pid 5000] mkdir("./0", 0777 [pid 4998] mkdir("./0", 0777 [pid 5002] chmod("./syzkaller.qOJZup", 0777 [pid 5001] <... mkdir resumed>) = 0 [pid 5000] <... mkdir resumed>) = 0 [pid 4998] <... mkdir resumed>) = 0 [pid 4999] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5002] <... chmod resumed>) = 0 [pid 4999] <... openat resumed>) = 3 [pid 5002] chdir("./syzkaller.qOJZup" [pid 5000] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4998] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5002] <... chdir resumed>) = 0 [pid 5000] <... openat resumed>) = 3 [pid 4998] <... openat resumed>) = 3 [pid 5002] mkdir("./0", 0777 [pid 5000] ioctl(3, LOOP_CLR_FD [pid 4999] ioctl(3, LOOP_CLR_FD [pid 4998] ioctl(3, LOOP_CLR_FD [pid 5000] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4999] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4998] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5000] close(3 [pid 4999] close(3 [pid 4998] close(3 [pid 5002] <... mkdir resumed>) = 0 [pid 5000] <... close resumed>) = 0 [pid 4999] <... close resumed>) = 0 [pid 4998] <... close resumed>) = 0 [pid 5000] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4999] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4998] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5006 [pid 4999] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5004 [pid 5000] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5005 ./strace-static-x86_64: Process 5006 attached [pid 5006] chdir("./0") = 0 [pid 5006] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5002] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5006] setpgid(0, 0) = 0 [pid 5002] <... openat resumed>) = 3 [pid 5002] ioctl(3, LOOP_CLR_FD [pid 5001] chmod("./syzkaller.l7g8bk", 0777 [pid 5006] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5002] <... ioctl resumed>) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 5004 attached [pid 5006] <... openat resumed>) = 3 [pid 5003] <... mkdir resumed>) = 0 [pid 5002] close(3 [pid 5001] <... chmod resumed>) = 0 [pid 5006] write(3, "1000", 4 [pid 5003] chmod("./syzkaller.6esd7v", 0777 [pid 5002] <... close resumed>) = 0 ./strace-static-x86_64: Process 5005 attached [pid 5006] <... write resumed>) = 4 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5001] chdir("./syzkaller.l7g8bk" [pid 5006] close(3 [pid 5005] chdir("./0" [pid 5003] <... chmod resumed>) = 0 [pid 5006] <... close resumed>) = 0 [pid 5005] <... chdir resumed>) = 0 [pid 5006] symlink("/dev/binderfs", "./binderfs" [pid 5005] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5003] chdir("./syzkaller.6esd7v" [pid 5001] <... chdir resumed>) = 0 [pid 5006] <... symlink resumed>) = 0 [pid 5005] <... prctl resumed>) = 0 [pid 5003] <... chdir resumed>) = 0 [pid 5002] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5007 [pid 5001] mkdir("./0", 0777 [pid 5006] memfd_create("syzkaller", 0 [pid 5005] setpgid(0, 0 [pid 5004] chdir("./0" [pid 5005] <... setpgid resumed>) = 0 [pid 5004] <... chdir resumed>) = 0 [pid 5003] mkdir("./0", 0777 [pid 5001] <... mkdir resumed>) = 0 [pid 5005] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5005] write(3, "1000", 4) = 4 [pid 5003] <... mkdir resumed>) = 0 [pid 5001] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5005] close(3) = 0 [pid 5005] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5005] memfd_create("syzkaller", 0 [pid 5004] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5001] <... openat resumed>) = 3 [pid 5005] <... memfd_create resumed>) = 3 [pid 5003] <... openat resumed>) = 3 [pid 5005] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5003] ioctl(3, LOOP_CLR_FD [pid 5001] ioctl(3, LOOP_CLR_FD [pid 5005] <... mmap resumed>) = 0x7fd82860d000 [pid 5004] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 5007 attached [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5001] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5004] setpgid(0, 0 [pid 5007] chdir("./0" [pid 5004] <... setpgid resumed>) = 0 [pid 5003] close(3 [pid 5001] close(3 [pid 5007] <... chdir resumed>) = 0 [pid 5007] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5004] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5003] <... close resumed>) = 0 [pid 5001] <... close resumed>) = 0 [pid 5007] <... prctl resumed>) = 0 [pid 5007] setpgid(0, 0 [pid 5004] <... openat resumed>) = 3 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5001] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5007] <... setpgid resumed>) = 0 [pid 5004] write(3, "1000", 4 [pid 5006] <... memfd_create resumed>) = 3 [pid 5006] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5004] <... write resumed>) = 4 [pid 5007] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5004] close(3 [pid 5003] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5008 [pid 5001] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5009 ./strace-static-x86_64: Process 5009 attached [pid 5007] <... openat resumed>) = 3 [pid 5004] <... close resumed>) = 0 [pid 5007] write(3, "1000", 4 [pid 5004] symlink("/dev/binderfs", "./binderfs" [pid 5007] <... write resumed>) = 4 ./strace-static-x86_64: Process 5008 attached [pid 5009] chdir("./0" [pid 5007] close(3 [pid 5004] <... symlink resumed>) = 0 [pid 5009] <... chdir resumed>) = 0 [pid 5008] chdir("./0" [pid 5007] <... close resumed>) = 0 [pid 5008] <... chdir resumed>) = 0 [pid 5004] memfd_create("syzkaller", 0 [pid 5007] symlink("/dev/binderfs", "./binderfs" [pid 5009] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5008] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5008] setpgid(0, 0) = 0 [pid 5008] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5008] write(3, "1000", 4) = 4 [pid 5008] close(3) = 0 [pid 5007] <... symlink resumed>) = 0 [pid 5009] <... prctl resumed>) = 0 [pid 5008] symlink("/dev/binderfs", "./binderfs" [pid 5004] <... memfd_create resumed>) = 3 [pid 5009] setpgid(0, 0 [pid 5008] <... symlink resumed>) = 0 [pid 5007] memfd_create("syzkaller", 0 [pid 5009] <... setpgid resumed>) = 0 [pid 5008] memfd_create("syzkaller", 0 [pid 5007] <... memfd_create resumed>) = 3 syzkaller login: [ 67.917770][ T5006] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5006 'syz-executor406' [pid 5004] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5009] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5008] <... memfd_create resumed>) = 3 [pid 5008] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5004] <... mmap resumed>) = 0x7fd82860d000 [pid 5009] <... openat resumed>) = 3 [pid 5008] <... mmap resumed>) = 0x7fd82860d000 [pid 5009] write(3, "1000", 4 [pid 5007] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5009] <... write resumed>) = 4 [pid 5009] close(3 [pid 5007] <... mmap resumed>) = 0x7fd82860d000 [pid 5009] <... close resumed>) = 0 [pid 5009] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5009] memfd_create("syzkaller", 0) = 3 [pid 5009] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5005] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5006] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5007] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5009] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5004] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5008] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5005] <... write resumed>) = 4194304 [pid 5005] munmap(0x7fd82860d000, 4194304) = 0 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5005] ioctl(4, LOOP_SET_FD, 3 [pid 5007] <... write resumed>) = 4194304 [pid 5007] munmap(0x7fd82860d000, 4194304 [pid 5006] <... write resumed>) = 4194304 [pid 5006] munmap(0x7fd82860d000, 4194304 [pid 5009] <... write resumed>) = 4194304 [pid 5007] <... munmap resumed>) = 0 [pid 5006] <... munmap resumed>) = 0 [pid 5005] <... ioctl resumed>) = 0 [pid 5004] <... write resumed>) = 4194304 [pid 5009] munmap(0x7fd82860d000, 4194304 [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5006] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5005] close(3 [pid 5007] <... openat resumed>) = 4 [pid 5006] <... openat resumed>) = 4 [pid 5007] ioctl(4, LOOP_SET_FD, 3 [pid 5006] ioctl(4, LOOP_SET_FD, 3 [pid 5004] munmap(0x7fd82860d000, 4194304 [pid 5006] <... ioctl resumed>) = 0 [ 68.250341][ T5005] loop2: detected capacity change from 0 to 8192 [ 68.290176][ T5006] loop0: detected capacity change from 0 to 8192 [pid 5009] <... munmap resumed>) = 0 [pid 5008] <... write resumed>) = 4194304 [pid 5005] <... close resumed>) = 0 [pid 5004] <... munmap resumed>) = 0 [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5004] ioctl(4, LOOP_SET_FD, 3 [pid 5008] munmap(0x7fd82860d000, 4194304 [pid 5009] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5008] <... munmap resumed>) = 0 [pid 5007] <... ioctl resumed>) = 0 [pid 5006] close(3 [pid 5005] mkdir("./file0", 0777 [pid 5009] <... openat resumed>) = 4 [pid 5007] close(3 [pid 5006] <... close resumed>) = 0 [pid 5005] <... mkdir resumed>) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5004] <... ioctl resumed>) = 0 [pid 5008] <... openat resumed>) = 4 [pid 5004] close(3 [pid 5008] ioctl(4, LOOP_SET_FD, 3 [pid 5004] <... close resumed>) = 0 [pid 5009] ioctl(4, LOOP_SET_FD, 3 [pid 5007] <... close resumed>) = 0 [pid 5006] mkdir("./file0", 0777 [pid 5005] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5008] <... ioctl resumed>) = 0 [pid 5004] mkdir("./file0", 0777 [pid 5008] close(3 [pid 5004] <... mkdir resumed>) = 0 [pid 5008] <... close resumed>) = 0 [pid 5004] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5008] mkdir("./file0", 0777) = 0 [pid 5008] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5007] mkdir("./file0", 0777 [pid 5006] <... mkdir resumed>) = 0 [pid 5009] <... ioctl resumed>) = 0 [ 68.299270][ T5007] loop4: detected capacity change from 0 to 8192 [ 68.304352][ T5004] loop1: detected capacity change from 0 to 8192 [ 68.314783][ T5008] loop5: detected capacity change from 0 to 8192 [ 68.317006][ T5009] loop3: detected capacity change from 0 to 8192 [ 68.333873][ T5005] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5009] close(3 [pid 5007] <... mkdir resumed>) = 0 [pid 5006] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5009] <... close resumed>) = 0 [pid 5007] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [ 68.334470][ T5004] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 68.348914][ T5005] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 68.369824][ T5005] REISERFS (device loop2): using ordered data mode [ 68.370430][ T5008] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 68.377948][ T5005] reiserfs: using flush barriers [pid 5009] mkdir("./file0", 0777) = 0 [ 68.395562][ T5008] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 68.399367][ T5004] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 68.406152][ T5005] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 68.415664][ T5006] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 68.430502][ T5005] REISERFS (device loop2): checking transaction log (loop2) [ 68.447465][ T5007] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 68.451339][ T5004] REISERFS (device loop1): using ordered data mode [ 68.467109][ T5009] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 68.472296][ T5005] REISERFS (device loop2): Using r5 hash to sort names [ 68.483007][ T5004] reiserfs: using flush barriers [ 68.485577][ T5009] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 68.490326][ T5008] REISERFS (device loop5): using ordered data mode [ 68.495656][ T5004] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 68.510718][ T5008] reiserfs: using flush barriers [ 68.533408][ T5009] REISERFS (device loop3): using ordered data mode [ 68.533757][ T5007] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 68.540119][ T5008] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 68.540497][ T5008] REISERFS (device loop5): checking transaction log (loop5) [ 68.551938][ T5005] REISERFS (device loop2): using 3.5.x disk format [ 68.566041][ T5004] REISERFS (device loop1): checking transaction log (loop1) [ 68.575122][ T5009] reiserfs: using flush barriers [ 68.579767][ T5006] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 68.592732][ T5009] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 68.601333][ T5006] REISERFS (device loop0): using ordered data mode [ 68.619988][ T5007] REISERFS (device loop4): using ordered data mode [ 68.623638][ T5008] REISERFS (device loop5): Using r5 hash to sort names [ 68.635639][ T5005] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 68.637463][ T5006] reiserfs: using flush barriers [pid 5009] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5005] <... mount resumed>) = 0 [pid 5005] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5005] chdir("./file0") = 0 [ 68.651506][ T5008] REISERFS (device loop5): using 3.5.x disk format [ 68.658089][ T5004] REISERFS (device loop1): Using r5 hash to sort names [ 68.665537][ T5008] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 68.675025][ T5007] reiserfs: using flush barriers [ 68.681206][ T5004] REISERFS (device loop1): using 3.5.x disk format [ 68.688096][ T5004] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5005] ioctl(4, LOOP_CLR_FD) = 0 [pid 5005] close(4) = 0 [pid 5005] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5005] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5005] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5005] exit_group(0) = ? [pid 5005] +++ exited with 0 +++ [pid 5000] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5005, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5000] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] <... mount resumed>) = 0 [pid 5000] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5008] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5000] <... openat resumed>) = 3 [pid 5000] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5000] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... openat resumed>) = 3 [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5008] chdir("./file0" [pid 5000] lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5000] unlink("./0/binderfs") = 0 [pid 5000] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... mount resumed>) = 0 [ 68.697306][ T5007] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 68.731360][ T5009] REISERFS (device loop3): checking transaction log (loop3) [pid 5004] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5004] chdir("./file0") = 0 [pid 5004] ioctl(4, LOOP_CLR_FD [pid 5008] <... chdir resumed>) = 0 [pid 5008] ioctl(4, LOOP_CLR_FD [pid 5004] <... ioctl resumed>) = 0 [pid 5008] <... ioctl resumed>) = 0 [pid 5004] close(4) = 0 [pid 5004] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5008] close(4 [pid 5004] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5004] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5008] <... close resumed>) = 0 [pid 5004] <... mmap resumed>) = 0x20000000 [pid 5008] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5004] exit_group(0 [pid 5008] <... openat resumed>) = 4 [pid 5004] <... exit_group resumed>) = ? [pid 5008] ioctl(4, FS_IOC_GETVERSION [pid 5004] +++ exited with 0 +++ [pid 4999] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5004, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=17 /* 0.17 s */} --- [ 68.741355][ T5006] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 68.760288][ T5007] REISERFS (device loop4): checking transaction log (loop4) [ 68.768218][ T5009] REISERFS (device loop3): Using r5 hash to sort names [ 68.775942][ T5009] REISERFS (device loop3): using 3.5.x disk format [pid 5008] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 4999] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 4999] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4999] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5008] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 4999] <... openat resumed>) = 3 [pid 5008] <... mmap resumed>) = 0x20000000 [pid 4999] fstat(3, [pid 5008] exit_group(0 [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5008] <... exit_group resumed>) = ? [pid 4999] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5008] +++ exited with 0 +++ [pid 4999] lstat("./0/binderfs", [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5008, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 4999] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 4999] unlink("./0/binderfs") = 0 [pid 5003] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 68.796581][ T5007] REISERFS (device loop4): Using r5 hash to sort names [ 68.804153][ T5006] REISERFS (device loop0): checking transaction log (loop0) [ 68.841401][ T5009] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 5003] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./0/binderfs") = 0 [pid 5003] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5009] <... mount resumed>) = 0 [pid 5007] <... mount resumed>) = 0 [pid 5009] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5009] chdir("./file0") = 0 [pid 5009] ioctl(4, LOOP_CLR_FD) = 0 [pid 5007] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5009] close(4) = 0 [pid 5007] <... openat resumed>) = 3 [pid 5009] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5007] chdir("./file0" [pid 5009] ioctl(4, FS_IOC_GETVERSION [pid 5007] <... chdir resumed>) = 0 [pid 5009] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5007] ioctl(4, LOOP_CLR_FD [pid 5009] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5007] <... ioctl resumed>) = 0 [pid 5009] <... mmap resumed>) = 0x20000000 [pid 5007] close(4 [pid 5009] exit_group(0 [pid 5007] <... close resumed>) = 0 [pid 5007] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5009] <... exit_group resumed>) = ? [pid 5007] <... openat resumed>) = 4 [ 68.851140][ T5007] REISERFS (device loop4): using 3.5.x disk format [ 68.868104][ T5006] REISERFS (device loop0): Using r5 hash to sort names [ 68.869659][ T5007] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 68.876790][ T5006] REISERFS (device loop0): using 3.5.x disk format [pid 5009] +++ exited with 0 +++ [pid 5007] ioctl(4, FS_IOC_GETVERSION [pid 5001] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5009, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5007] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5001] restart_syscall(<... resuming interrupted clone ...> [pid 5007] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5001] <... restart_syscall resumed>) = 0 [pid 5007] exit_group(0) = ? [pid 5001] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5001] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5001] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5007] +++ exited with 0 +++ [pid 5001] getdents64(3, [pid 5002] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5007, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=13 /* 0.13 s */} --- [pid 5002] restart_syscall(<... resuming interrupted clone ...> [pid 5001] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5002] <... restart_syscall resumed>) = 0 [pid 5001] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5001] lstat("./0/binderfs", [pid 5002] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] unlink("./0/binderfs" [pid 5002] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5001] <... unlink resumed>) = 0 [pid 5002] fstat(3, [pid 5001] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5002] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] getdents64(3, [pid 5000] <... umount2 resumed>) = 0 [pid 5000] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5002] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5002] lstat("./0/binderfs", [pid 5003] <... umount2 resumed>) = 0 [pid 5002] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5002] unlink("./0/binderfs" [pid 5003] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5002] <... unlink resumed>) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 5003] rmdir("./0/file0") = 0 [pid 5003] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./0") = 0 [pid 5003] mkdir("./1", 0777) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5003] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5003] close(3) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5000] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5000] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] getdents64(4, [pid 5003] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5019 [pid 5000] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5000] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5000] close(4) = 0 [pid 5000] rmdir("./0/file0" [pid 5006] <... mount resumed>) = 0 [pid 5000] <... rmdir resumed>) = 0 [pid 5006] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY./strace-static-x86_64: Process 5019 attached ) = 3 [ 68.961864][ T5006] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5000] getdents64(3, [pid 5006] chdir("./file0" [pid 5019] chdir("./1" [pid 5000] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5019] <... chdir resumed>) = 0 [pid 5006] <... chdir resumed>) = 0 [pid 5000] close(3 [pid 5019] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5006] ioctl(4, LOOP_CLR_FD [pid 5000] <... close resumed>) = 0 [pid 5019] <... prctl resumed>) = 0 [pid 5006] <... ioctl resumed>) = 0 [pid 5000] rmdir("./0" [pid 5019] setpgid(0, 0 [pid 5006] close(4 [pid 5000] <... rmdir resumed>) = 0 [pid 5019] <... setpgid resumed>) = 0 [pid 5000] mkdir("./1", 0777 [pid 5019] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5006] <... close resumed>) = 0 [pid 5000] <... mkdir resumed>) = 0 [pid 4999] <... umount2 resumed>) = 0 [pid 5019] <... openat resumed>) = 3 [pid 5006] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 4999] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5019] write(3, "1000", 4 [pid 5000] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5019] <... write resumed>) = 4 [pid 5006] <... openat resumed>) = 4 [pid 5000] <... openat resumed>) = 3 [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5019] close(3 [pid 5006] ioctl(4, FS_IOC_GETVERSION [pid 5000] ioctl(3, LOOP_CLR_FD [pid 4999] lstat("./0/file0", [pid 5019] <... close resumed>) = 0 [pid 5006] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5000] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4999] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5019] symlink("/dev/binderfs", "./binderfs" [pid 5006] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5000] close(3 [pid 4999] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5019] <... symlink resumed>) = 0 [pid 5002] <... umount2 resumed>) = 0 [pid 5001] <... umount2 resumed>) = 0 [pid 5000] <... close resumed>) = 0 [pid 5002] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5000] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] lstat("./0/file0", [pid 5001] lstat("./0/file0", [pid 5000] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5020 [pid 5002] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 69.078022][ T5006] [ 69.080409][ T5006] ====================================================== [ 69.087538][ T5006] WARNING: possible circular locking dependency detected [ 69.094580][ T5006] 6.4.0-rc2-syzkaller-00238-gcbd6ac3837cd #0 Not tainted [ 69.101632][ T5006] ------------------------------------------------------ [ 69.108673][ T5006] syz-executor406/5006 is trying to acquire lock: [ 69.115121][ T5006] ffff888018a67090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x7a/0xd0 [ 69.124154][ T5006] [pid 5001] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5001] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5002] <... openat resumed>) = 4 [pid 5001] <... openat resumed>) = 4 [pid 5002] fstat(4, [pid 5001] fstat(4, [pid 5002] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] getdents64(4, [pid 5001] getdents64(4, [pid 5002] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5001] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5002] getdents64(4, [pid 5001] getdents64(4, [pid 5002] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5001] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5002] close(4 [pid 5001] close(4 [pid 5002] <... close resumed>) = 0 [pid 5001] <... close resumed>) = 0 [pid 5002] rmdir("./0/file0" [pid 5001] rmdir("./0/file0" [pid 5002] <... rmdir resumed>) = 0 [pid 5001] <... rmdir resumed>) = 0 [pid 5002] getdents64(3, [pid 5001] getdents64(3, [pid 5002] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5001] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5002] close(3 [pid 5001] close(3 [pid 5002] <... close resumed>) = 0 [pid 5001] <... close resumed>) = 0 [pid 5002] rmdir("./0" [pid 5001] rmdir("./0" [pid 5002] <... rmdir resumed>) = 0 [pid 5001] <... rmdir resumed>) = 0 [pid 5002] mkdir("./1", 0777 [pid 5001] mkdir("./1", 0777 [pid 5002] <... mkdir resumed>) = 0 [pid 5001] <... mkdir resumed>) = 0 [pid 5002] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5001] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5002] <... openat resumed>) = 3 [pid 5001] <... openat resumed>) = 3 [pid 5002] ioctl(3, LOOP_CLR_FD [pid 5001] ioctl(3, LOOP_CLR_FD [pid 5002] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5001] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5002] close(3 [pid 5001] close(3 [pid 5002] <... close resumed>) = 0 [pid 5001] <... close resumed>) = 0 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5001] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5002] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5021 [pid 5001] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5022 ./strace-static-x86_64: Process 5021 attached [pid 5021] chdir("./1") = 0 [pid 5021] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5021] setpgid(0, 0) = 0 [pid 5021] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5021] write(3, "1000", 4) = 4 [pid 5021] close(3) = 0 [pid 5021] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5021] memfd_create("syzkaller", 0) = 3 [ 69.124154][ T5006] but task is already holding lock: [ 69.131630][ T5006] ffff88807dbced68 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x17c/0x410 [ 69.140656][ T5006] [ 69.140656][ T5006] which lock already depends on the new lock. [ 69.140656][ T5006] [ 69.151085][ T5006] [ 69.151085][ T5006] the existing dependency chain (in reverse order) is: [ 69.160129][ T5006] [ 69.160129][ T5006] -> #1 (&mm->mmap_lock){++++}-{3:3}: [ 69.167733][ T5006] lock_acquire+0x1e3/0x520 [ 69.172815][ T5006] __might_fault+0xba/0x120 [pid 5021] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [ 69.177885][ T5006] reiserfs_ioctl+0x121/0x340 [ 69.183214][ T5006] __se_sys_ioctl+0xf1/0x160 [ 69.188361][ T5006] do_syscall_64+0x41/0xc0 [ 69.193349][ T5006] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 69.199811][ T5006] [ 69.199811][ T5006] -> #0 (&sbi->lock){+.+.}-{3:3}: [ 69.207062][ T5006] validate_chain+0x166b/0x58e0 [ 69.212479][ T5006] __lock_acquire+0x1295/0x2000 [ 69.217973][ T5006] lock_acquire+0x1e3/0x520 [ 69.223031][ T5006] __mutex_lock_common+0x1d8/0x2530 [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5019] memfd_create("syzkaller", 0 [pid 4999] fstat(4, [pid 5019] <... memfd_create resumed>) = 3 [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5019] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4999] getdents64(4, [pid 5019] <... mmap resumed>) = 0x7fd82860d000 [pid 4999] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4999] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 4999] close(4) = 0 [pid 4999] rmdir("./0/file0") = 0 [pid 4999] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4999] close(3) = 0 [pid 4999] rmdir("./0") = 0 [pid 4999] mkdir("./1", 0777) = 0 [pid 4999] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 4999] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 69.228784][ T5006] mutex_lock_nested+0x1b/0x20 [ 69.234097][ T5006] reiserfs_write_lock+0x7a/0xd0 [ 69.239601][ T5006] reiserfs_dirty_inode+0xf2/0x240 [ 69.245448][ T5006] __mark_inode_dirty+0x305/0xd90 [ 69.251052][ T5006] touch_atime+0x3fe/0x680 [ 69.256030][ T5006] generic_file_mmap+0xc0/0x120 [ 69.261436][ T5006] mmap_region+0xe65/0x2250 [ 69.266612][ T5006] do_mmap+0x8c9/0xf70 [ 69.271233][ T5006] vm_mmap_pgoff+0x1db/0x410 [pid 4999] close(3) = 0 [pid 4999] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5023 [ 69.276372][ T5006] ksys_mmap_pgoff+0x4f9/0x6d0 [ 69.281677][ T5006] do_syscall_64+0x41/0xc0 [ 69.286653][ T5006] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 69.293117][ T5006] [ 69.293117][ T5006] other info that might help us debug this: [ 69.293117][ T5006] [ 69.303370][ T5006] Possible unsafe locking scenario: [ 69.303370][ T5006] [ 69.310839][ T5006] CPU0 CPU1 [ 69.316223][ T5006] ---- ---- [ 69.321617][ T5006] lock(&mm->mmap_lock); [pid 5021] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5019] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5021] <... write resumed>) = 4194304 [ 69.325984][ T5006] lock(&sbi->lock); [ 69.332533][ T5006] lock(&mm->mmap_lock); [ 69.339417][ T5006] lock(&sbi->lock); [ 69.343436][ T5006] [ 69.343436][ T5006] *** DEADLOCK *** [ 69.343436][ T5006] [ 69.351599][ T5006] 2 locks held by syz-executor406/5006: [ 69.357166][ T5006] #0: ffff88807dbced68 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x17c/0x410 [ 69.366638][ T5006] #1: ffff888076c1e460 (sb_writers#9){.+.+}-{0:0}, at: generic_file_mmap+0xc0/0x120 [ 69.376189][ T5006] [pid 5021] munmap(0x7fd82860d000, 4194304) = 0 [pid 5021] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5021] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5021] close(3) = 0 [pid 5021] mkdir("./file0", 0777) = 0 [ 69.376189][ T5006] stack backtrace: [ 69.382105][ T5006] CPU: 1 PID: 5006 Comm: syz-executor406 Not tainted 6.4.0-rc2-syzkaller-00238-gcbd6ac3837cd #0 [ 69.392638][ T5006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023 [ 69.402745][ T5006] Call Trace: [ 69.406081][ T5006] [ 69.409038][ T5006] dump_stack_lvl+0x1e7/0x2d0 [ 69.412077][ T5021] loop4: detected capacity change from 0 to 8192 [ 69.413747][ T5006] ? nf_tcp_handle_invalid+0x650/0x650 [pid 5021] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5019] <... write resumed>) = 4194304 [pid 5019] munmap(0x7fd82860d000, 4194304) = 0 [pid 5019] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5019] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5019] close(3) = 0 [pid 5019] mkdir("./file0", 0777) = 0 [pid 5019] mount("/dev/loop5", "./file0", "reiserfs", 0, ""./strace-static-x86_64: Process 5020 attached [pid 5020] chdir("./1") = 0 [pid 5020] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5020] setpgid(0, 0) = 0 [pid 5020] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5020] write(3, "1000", 4) = 4 [pid 5020] close(3) = 0 [ 69.425588][ T5006] ? print_circular_bug+0x12b/0x1a0 [ 69.430844][ T5006] check_noncircular+0x2fe/0x3b0 [ 69.435842][ T5006] ? add_chain_block+0x850/0x850 [ 69.440832][ T5006] validate_chain+0x166b/0x58e0 [ 69.445749][ T5006] ? check_path+0x21/0x40 [ 69.450139][ T5006] ? reacquire_held_locks+0x660/0x660 [ 69.450663][ T5019] loop5: detected capacity change from 0 to 8192 [ 69.455538][ T5006] ? validate_chain+0x13d5/0x58e0 [ 69.455573][ T5006] ? stack_trace_snprint+0xf0/0xf0 [ 69.472086][ T5006] ? mark_lock+0x9a/0x340 [pid 5020] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5020] memfd_create("syzkaller", 0) = 3 [pid 5020] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [ 69.476463][ T5006] __lock_acquire+0x1295/0x2000 [ 69.481373][ T5006] lock_acquire+0x1e3/0x520 [ 69.485917][ T5006] ? reiserfs_write_lock+0x7a/0xd0 [ 69.491166][ T5006] ? read_lock_is_recursive+0x20/0x20 [ 69.496592][ T5006] ? __lock_acquire+0x1295/0x2000 [ 69.501666][ T5006] ? __might_sleep+0xc0/0xc0 [ 69.506317][ T5006] __mutex_lock_common+0x1d8/0x2530 [ 69.511568][ T5006] ? reiserfs_write_lock+0x7a/0xd0 [ 69.516891][ T5006] ? mark_lock+0x9a/0x340 [ 69.521273][ T5006] ? reiserfs_write_lock+0x7a/0xd0 [ 69.526448][ T5006] ? lockdep_hardirqs_on_prepare+0x43c/0x7a0 [ 69.532481][ T5006] ? mutex_lock_io_nested+0x60/0x60 [ 69.537900][ T5006] ? ktime_get_coarse_real_ts64+0x3a/0x120 [ 69.543748][ T5006] ? lockdep_hardirqs_on+0x98/0x140 [ 69.548980][ T5006] mutex_lock_nested+0x1b/0x20 [ 69.553788][ T5006] reiserfs_write_lock+0x7a/0xd0 [ 69.558781][ T5006] reiserfs_dirty_inode+0xf2/0x240 [ 69.563963][ T5006] ? __mnt_want_write+0x87/0x2b0 [ 69.568937][ T5006] ? reiserfs_free_inode+0x30/0x30 [ 69.574096][ T5006] ? current_time+0x1e0/0x300 [pid 5020] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5020] munmap(0x7fd82860d000, 4194304) = 0 [pid 5020] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5020] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5020] close(3) = 0 [pid 5020] mkdir("./file0", 0777) = 0 [ 69.578828][ T5006] ? reiserfs_free_inode+0x30/0x30 [ 69.583996][ T5006] __mark_inode_dirty+0x305/0xd90 [ 69.589066][ T5006] ? generic_file_mmap+0xc0/0x120 [ 69.594126][ T5006] touch_atime+0x3fe/0x680 [ 69.598581][ T5006] ? current_time+0x300/0x300 [ 69.603301][ T5006] ? __raw_spin_lock_init+0x45/0x100 [ 69.608653][ T5006] generic_file_mmap+0xc0/0x120 [ 69.608971][ T5020] loop2: detected capacity change from 0 to 8192 [ 69.613525][ T5006] mmap_region+0xe65/0x2250 [ 69.613562][ T5006] ? file_mmap_ok+0x150/0x150 [ 69.628197][ T5020] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 69.642039][ T5006] ? cap_mmap_addr+0x162/0x2c0 [ 69.642079][ T5006] do_mmap+0x8c9/0xf70 [ 69.647874][ T5020] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 69.650912][ T5006] ? mlock_future_check+0x110/0x110 [ 69.650939][ T5006] ? ima_file_free+0x3c0/0x3c0 [ 69.661070][ T5020] REISERFS (device loop2): using ordered data mode [ 69.665228][ T5006] vm_mmap_pgoff+0x1db/0x410 [ 69.665261][ T5006] ? account_locked_vm+0x220/0x220 [ 69.670985][ T5020] reiserfs: using flush barriers [ 69.676526][ T5006] ? __fget_files+0x3cf/0x440 [ 69.676556][ T5006] ksys_mmap_pgoff+0x4f9/0x6d0 [ 69.684203][ T5020] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 69.686243][ T5006] do_syscall_64+0x41/0xc0 [ 69.686281][ T5006] entry_SYSCALL_64_after_hwframe+0x63/0xcd [pid 5020] mount("/dev/loop2", "./file0", "reiserfs", 0, ""./strace-static-x86_64: Process 5023 attached ./strace-static-x86_64: Process 5022 attached [pid 5006] <... mmap resumed>) = 0x20000000 [pid 5023] chdir("./1" [pid 5022] chdir("./1" [pid 5023] <... chdir resumed>) = 0 [pid 5022] <... chdir resumed>) = 0 [pid 5023] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5022] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5023] <... prctl resumed>) = 0 [pid 5022] <... prctl resumed>) = 0 [pid 5023] setpgid(0, 0 [pid 5022] setpgid(0, 0 [pid 5023] <... setpgid resumed>) = 0 [pid 5022] <... setpgid resumed>) = 0 [pid 5023] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5022] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5023] <... openat resumed>) = 3 [pid 5022] <... openat resumed>) = 3 [pid 5023] write(3, "1000", 4 [pid 5022] write(3, "1000", 4 [pid 5023] <... write resumed>) = 4 [pid 5022] <... write resumed>) = 4 [pid 5023] close(3 [pid 5022] close(3 [pid 5023] <... close resumed>) = 0 [pid 5022] <... close resumed>) = 0 [pid 5023] symlink("/dev/binderfs", "./binderfs" [pid 5022] symlink("/dev/binderfs", "./binderfs" [pid 5023] <... symlink resumed>) = 0 [pid 5022] <... symlink resumed>) = 0 [ 69.692479][ T5020] REISERFS (device loop2): checking transaction log (loop2) [ 69.695869][ T5006] RIP: 0033:0x7fd830a5aa79 [ 69.695890][ T5006] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 69.695907][ T5006] RSP: 002b:00007ffe5add8c98 EFLAGS: 00000246 [ 69.702283][ T5020] REISERFS (device loop2): Using r5 hash to sort names [ 69.716696][ T5006] ORIG_RAX: 0000000000000009 [pid 5023] memfd_create("syzkaller", 0 [pid 5022] memfd_create("syzkaller", 0 [pid 5023] <... memfd_create resumed>) = 3 [pid 5022] <... memfd_create resumed>) = 3 [pid 5023] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5022] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5023] <... mmap resumed>) = 0x7fd82860d000 [pid 5022] <... mmap resumed>) = 0x7fd82860d000 [pid 5020] <... mount resumed>) = 0 [pid 5006] exit_group(0) = ? [pid 5006] +++ exited with 0 +++ [ 69.716710][ T5006] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd830a5aa79 [ 69.716725][ T5006] RDX: 0000000000800001 RSI: 0000000000b36000 RDI: 0000000020000000 [ 69.716739][ T5006] RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000000000 [ 69.716749][ T5006] R10: 0000000000028011 R11: 0000000000000246 R12: 00007fd830a19890 [ 69.716762][ T5006] R13: 00007ffe5add8d00 R14: 00007ffe5add8ce0 R15: 0000000000000000 [ 69.722191][ T5020] REISERFS (device loop2): using 3.5.x disk format [ 69.727098][ T5006] [pid 4998] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5006, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 4998] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 4998] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 4998] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 4998] unlink("./0/binderfs") = 0 [pid 4998] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5020] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 69.779177][ T5019] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 69.786848][ T5020] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 69.792403][ T5019] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 69.792919][ T5019] REISERFS (device loop5): using ordered data mode [ 69.800740][ T5021] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 69.808425][ T5019] reiserfs: using flush barriers [pid 5020] chdir("./file0") = 0 [pid 5020] ioctl(4, LOOP_CLR_FD) = 0 [pid 5020] close(4) = 0 [pid 5020] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5020] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5020] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5020] exit_group(0) = ? [pid 5020] +++ exited with 0 +++ [pid 5000] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5020, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5000] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5000] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5000] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 69.810871][ T5019] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 69.848803][ T5021] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 69.857700][ T5019] REISERFS (device loop5): checking transaction log (loop5) [pid 5000] unlink("./1/binderfs") = 0 [pid 5000] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5023] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [ 69.927426][ T5019] REISERFS (device loop5): Using r5 hash to sort names [ 69.950049][ T5021] REISERFS (device loop4): using ordered data mode [ 69.957387][ T5021] reiserfs: using flush barriers [ 69.964446][ T5021] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5022] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 4998] <... umount2 resumed>) = 0 [pid 4998] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5022] <... write resumed>) = 4194304 [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4998] lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 4998] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4998] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 4998] close(4) = 0 [pid 4998] rmdir("./0/file0") = 0 [pid 4998] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4998] close(3) = 0 [pid 4998] rmdir("./0") = 0 [pid 4998] mkdir("./1", 0777 [pid 5023] <... write resumed>) = 4194304 [pid 5022] munmap(0x7fd82860d000, 4194304 [pid 4998] <... mkdir resumed>) = 0 [pid 4998] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5023] munmap(0x7fd82860d000, 4194304 [pid 5019] <... mount resumed>) = 0 [pid 4998] <... openat resumed>) = 3 [pid 4998] ioctl(3, LOOP_CLR_FD [pid 5019] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 4998] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5022] <... munmap resumed>) = 0 [pid 4998] close(3 [pid 5019] <... openat resumed>) = 3 [pid 4998] <... close resumed>) = 0 [pid 5000] <... umount2 resumed>) = 0 [pid 5000] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5000] fstat(4, [pid 5023] <... munmap resumed>) = 0 [pid 5022] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5019] chdir("./file0" [pid 4998] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5023] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5022] <... openat resumed>) = 4 [pid 5019] <... chdir resumed>) = 0 [ 69.976579][ T5019] REISERFS (device loop5): using 3.5.x disk format [ 69.981930][ T5021] REISERFS (device loop4): checking transaction log (loop4) [ 70.010259][ T5019] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 70.025675][ T5021] REISERFS (device loop4): Using r5 hash to sort names [pid 5000] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5000] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5000] close(4) = 0 [pid 5000] rmdir("./1/file0") = 0 [pid 5000] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5000] close(3 [pid 5023] <... openat resumed>) = 4 [pid 5022] ioctl(4, LOOP_SET_FD, 3 [pid 5019] ioctl(4, LOOP_CLR_FD [pid 5000] <... close resumed>) = 0 [pid 5000] rmdir("./1") = 0 [pid 5000] mkdir("./2", 0777) = 0 [pid 5000] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5000] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5000] close(3./strace-static-x86_64: Process 5027 attached [pid 5023] ioctl(4, LOOP_SET_FD, 3 [pid 5022] <... ioctl resumed>) = 0 [pid 5021] <... mount resumed>) = 0 [pid 5019] <... ioctl resumed>) = 0 [pid 4998] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5027 [pid 5027] chdir("./1" [pid 5022] close(3 [pid 5021] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5019] close(4 [pid 5027] <... chdir resumed>) = 0 [pid 5023] <... ioctl resumed>) = 0 [pid 5022] <... close resumed>) = 0 [pid 5021] <... openat resumed>) = 3 [pid 5019] <... close resumed>) = 0 [pid 5027] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5023] close(3 [pid 5022] mkdir("./file0", 0777 [pid 5021] chdir("./file0" [pid 5019] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5027] <... prctl resumed>) = 0 [pid 5023] <... close resumed>) = 0 [pid 5022] <... mkdir resumed>) = 0 [pid 5021] <... chdir resumed>) = 0 [pid 5019] <... openat resumed>) = 4 [pid 5000] <... close resumed>) = 0 [pid 5027] setpgid(0, 0 [pid 5023] mkdir("./file0", 0777 [pid 5022] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5021] ioctl(4, LOOP_CLR_FD [pid 5019] ioctl(4, FS_IOC_GETVERSION [pid 5027] <... setpgid resumed>) = 0 [pid 5023] <... mkdir resumed>) = 0 [pid 5021] <... ioctl resumed>) = 0 [pid 5019] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5000] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5027] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5023] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5021] close(4 [pid 5019] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5027] <... openat resumed>) = 3 [pid 5021] <... close resumed>) = 0 [pid 5019] <... mmap resumed>) = 0x20000000 [pid 5027] write(3, "1000", 4 [pid 5021] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5019] exit_group(0 [pid 5027] <... write resumed>) = 4 [pid 5021] <... openat resumed>) = 4 [pid 5019] <... exit_group resumed>) = ? [pid 5000] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5030 [pid 5027] close(3 [pid 5021] ioctl(4, FS_IOC_GETVERSION [pid 5019] +++ exited with 0 +++ [pid 5027] <... close resumed>) = 0 [pid 5021] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5019, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} --- [pid 5027] symlink("/dev/binderfs", "./binderfs" [pid 5021] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5027] <... symlink resumed>) = 0 [pid 5021] <... mmap resumed>) = 0x20000000 [pid 5027] memfd_create("syzkaller", 0 [pid 5021] exit_group(0 [pid 5027] <... memfd_create resumed>) = 3 [pid 5021] <... exit_group resumed>) = ? [ 70.059617][ T5021] REISERFS (device loop4): using 3.5.x disk format [ 70.067455][ T5021] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 70.076956][ T5022] loop3: detected capacity change from 0 to 8192 [ 70.084670][ T5023] loop1: detected capacity change from 0 to 8192 [pid 5027] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5021] +++ exited with 0 +++ [pid 5003] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5030 attached [pid 5027] <... mmap resumed>) = 0x7fd82860d000 [pid 5030] chdir("./2" [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5021, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=11 /* 0.11 s */} --- [pid 5030] <... chdir resumed>) = 0 [pid 5030] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5030] setpgid(0, 0) = 0 [pid 5030] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5030] write(3, "1000", 4) = 4 [pid 5030] close(3) = 0 [pid 5030] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5003] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5030] memfd_create("syzkaller", 0 [pid 5003] <... openat resumed>) = 3 [pid 5003] fstat(3, [pid 5030] <... memfd_create resumed>) = 3 [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5030] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5003] getdents64(3, [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5002] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5003] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5002] <... openat resumed>) = 3 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] fstat(3, [pid 5003] lstat("./1/binderfs", [pid 5002] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5002] getdents64(3, [pid 5003] unlink("./1/binderfs" [pid 5002] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5003] <... unlink resumed>) = 0 [pid 5002] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 70.106050][ T5023] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 70.119604][ T5022] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5002] unlink("./1/binderfs") = 0 [ 70.160166][ T5023] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 70.164995][ T5022] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 70.171045][ T5023] REISERFS (device loop1): using ordered data mode [ 70.186085][ T5023] reiserfs: using flush barriers [ 70.193301][ T5022] REISERFS (device loop3): using ordered data mode [pid 5002] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... umount2 resumed>) = 0 [pid 5003] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 70.200313][ T5023] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 70.217440][ T5022] reiserfs: using flush barriers [ 70.223794][ T5022] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 70.247739][ T5022] REISERFS (device loop3): checking transaction log (loop3) [pid 5003] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5027] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5003] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] <... umount2 resumed>) = 0 [pid 5003] getdents64(4, [pid 5022] <... mount resumed>) = 0 [pid 5003] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5022] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [ 70.257583][ T5022] REISERFS (device loop3): Using r5 hash to sort names [ 70.265466][ T5023] REISERFS (device loop1): checking transaction log (loop1) [ 70.273410][ T5022] REISERFS (device loop3): using 3.5.x disk format [ 70.281742][ T5022] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 70.291778][ T5023] REISERFS (device loop1): Using r5 hash to sort names [ 70.298667][ T5023] REISERFS (device loop1): using 3.5.x disk format [pid 5003] getdents64(4, [pid 5022] <... openat resumed>) = 3 [pid 5003] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5030] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5023] <... mount resumed>) = 0 [pid 5022] chdir("./file0" [pid 5003] close(4 [pid 5023] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5022] <... chdir resumed>) = 0 [pid 5003] <... close resumed>) = 0 [pid 5022] ioctl(4, LOOP_CLR_FD [pid 5003] rmdir("./1/file0") = 0 [pid 5022] <... ioctl resumed>) = 0 [pid 5003] getdents64(3, [pid 5002] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5022] close(4 [pid 5003] close(3 [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5002] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5002] fstat(4, [pid 5003] <... close resumed>) = 0 [pid 5023] <... openat resumed>) = 3 [pid 5022] <... close resumed>) = 0 [pid 5023] chdir("./file0" [pid 5022] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5003] rmdir("./1" [pid 5002] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5023] <... chdir resumed>) = 0 [pid 5002] getdents64(4, [pid 5023] ioctl(4, LOOP_CLR_FD [pid 5022] <... openat resumed>) = 4 [pid 5003] <... rmdir resumed>) = 0 [pid 5002] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5023] <... ioctl resumed>) = 0 [pid 5022] ioctl(4, FS_IOC_GETVERSION [pid 5003] mkdir("./2", 0777 [pid 5002] getdents64(4, [pid 5023] close(4 [pid 5022] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5003] <... mkdir resumed>) = 0 [pid 5002] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5027] <... write resumed>) = 4194304 [pid 5023] <... close resumed>) = 0 [pid 5022] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5003] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5002] close(4 [pid 5027] munmap(0x7fd82860d000, 4194304 [pid 5023] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5022] <... mmap resumed>) = 0x20000000 [pid 5003] <... openat resumed>) = 3 [pid 5002] <... close resumed>) = 0 [pid 5027] <... munmap resumed>) = 0 [pid 5023] <... openat resumed>) = 4 [pid 5022] exit_group(0 [pid 5003] ioctl(3, LOOP_CLR_FD [pid 5002] rmdir("./1/file0" [pid 5030] <... write resumed>) = 4194304 [pid 5027] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5023] ioctl(4, FS_IOC_GETVERSION [pid 5002] <... rmdir resumed>) = 0 [ 70.309302][ T5023] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5030] munmap(0x7fd82860d000, 4194304 [pid 5027] <... openat resumed>) = 4 [pid 5002] getdents64(3, [pid 5030] <... munmap resumed>) = 0 [pid 5027] ioctl(4, LOOP_SET_FD, 3 [pid 5023] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5022] <... exit_group resumed>) = ? [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5002] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5030] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5023] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5022] +++ exited with 0 +++ [pid 5003] close(3 [pid 5023] <... mmap resumed>) = 0x20000000 [pid 5003] <... close resumed>) = 0 [pid 5023] exit_group(0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5002] close(3 [pid 5030] <... openat resumed>) = 4 [pid 5023] <... exit_group resumed>) = ? [pid 5002] <... close resumed>) = 0 [pid 5001] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5022, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5030] ioctl(4, LOOP_SET_FD, 3 [pid 5023] +++ exited with 0 +++ [pid 5003] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5031 [pid 5002] rmdir("./1" [pid 5027] <... ioctl resumed>) = 0 [pid 5027] close(3) = 0 [pid 5027] mkdir("./file0", 0777) = 0 [pid 5027] mount("/dev/loop0", "./file0", "reiserfs", 0, ""./strace-static-x86_64: Process 5031 attached [pid 5031] chdir("./2") = 0 [pid 5002] <... rmdir resumed>) = 0 [pid 4999] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5023, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5002] mkdir("./2", 0777 [pid 5001] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5031] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5002] <... mkdir resumed>) = 0 [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5001] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5030] <... ioctl resumed>) = 0 [pid 5002] <... openat resumed>) = 3 [pid 5001] <... openat resumed>) = 3 [pid 5030] close(3 [pid 5002] ioctl(3, LOOP_CLR_FD [pid 5001] fstat(3, [pid 5002] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5001] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5030] <... close resumed>) = 0 [pid 5002] close(3 [pid 5001] getdents64(3, [pid 5030] mkdir("./file0", 0777 [pid 5002] <... close resumed>) = 0 [pid 5001] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5001] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5030] <... mkdir resumed>) = 0 [pid 5031] <... prctl resumed>) = 0 [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5030] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5002] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5033 [pid 5001] lstat("./1/binderfs", [pid 4999] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5001] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5001] unlink("./1/binderfs" [pid 4999] <... openat resumed>) = 3 [pid 5001] <... unlink resumed>) = 0 [pid 4999] fstat(3, [pid 5001] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5031] setpgid(0, 0) = 0 [pid 4999] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5031] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5031] <... openat resumed>) = 3 [pid 4999] lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5031] write(3, "1000", 4 [pid 4999] unlink("./1/binderfs" [pid 5031] <... write resumed>) = 4 [pid 5031] close(3 [pid 4999] <... unlink resumed>) = 0 [pid 5031] <... close resumed>) = 0 [pid 5031] symlink("/dev/binderfs", "./binderfs" [pid 4999] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5031] <... symlink resumed>) = 0 [ 70.375308][ T5027] loop0: detected capacity change from 0 to 8192 [ 70.387933][ T5030] loop2: detected capacity change from 0 to 8192 ./strace-static-x86_64: Process 5033 attached [pid 5033] chdir("./2") = 0 [pid 5033] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5033] setpgid(0, 0) = 0 [pid 5033] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5033] write(3, "1000", 4) = 4 [pid 5033] close(3) = 0 [pid 5033] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5033] memfd_create("syzkaller", 0) = 3 [pid 5033] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [ 70.419816][ T5027] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 70.433427][ T5030] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 70.440174][ T5027] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [pid 5033] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5031] memfd_create("syzkaller", 0) = 3 [pid 5031] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5001] <... umount2 resumed>) = 0 [ 70.473582][ T5027] REISERFS (device loop0): using ordered data mode [ 70.504279][ T5027] reiserfs: using flush barriers [ 70.504651][ T5030] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [pid 5001] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5001] lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5001] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4999] <... umount2 resumed>) = 0 [pid 5001] <... openat resumed>) = 4 [ 70.518668][ T5030] REISERFS (device loop2): using ordered data mode [ 70.525301][ T5030] reiserfs: using flush barriers [ 70.531237][ T5030] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 70.551879][ T5030] REISERFS (device loop2): checking transaction log (loop2) [pid 5033] <... write resumed>) = 4194304 [pid 5031] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5001] fstat(4, [pid 4999] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] getdents64(4, [pid 4999] lstat("./1/file0", [pid 5001] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4999] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] getdents64(4, [pid 4999] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] close(4 [pid 4999] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5001] <... close resumed>) = 0 [pid 4999] <... openat resumed>) = 4 [pid 5001] rmdir("./1/file0" [pid 4999] fstat(4, [pid 5001] <... rmdir resumed>) = 0 [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] getdents64(3, [pid 4999] getdents64(4, [pid 5001] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4999] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5001] close(3 [pid 4999] getdents64(4, [pid 5001] <... close resumed>) = 0 [pid 4999] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5001] rmdir("./1" [pid 4999] close(4 [pid 5001] <... rmdir resumed>) = 0 [pid 4999] <... close resumed>) = 0 [pid 5001] mkdir("./2", 0777 [pid 4999] rmdir("./1/file0" [pid 5001] <... mkdir resumed>) = 0 [pid 4999] <... rmdir resumed>) = 0 [pid 5001] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4999] getdents64(3, [pid 5033] munmap(0x7fd82860d000, 4194304 [pid 5001] <... openat resumed>) = 3 [pid 4999] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5001] ioctl(3, LOOP_CLR_FD [pid 4999] close(3 [pid 5001] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4999] <... close resumed>) = 0 [pid 5001] close(3 [pid 4999] rmdir("./1" [pid 5001] <... close resumed>) = 0 [pid 4999] <... rmdir resumed>) = 0 [pid 5033] <... munmap resumed>) = 0 [pid 5001] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4999] mkdir("./2", 0777) = 0 [pid 5033] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5001] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5035 [pid 4999] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5033] <... openat resumed>) = 4 [pid 4999] <... openat resumed>) = 3 [pid 5033] ioctl(4, LOOP_SET_FD, 3 [pid 4999] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5035 attached ) = -1 ENXIO (No such device or address) [pid 4999] close(3) = 0 [pid 4999] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5036 ./strace-static-x86_64: Process 5036 attached [pid 5035] chdir("./2" [pid 5036] chdir("./2" [pid 5035] <... chdir resumed>) = 0 [pid 5036] <... chdir resumed>) = 0 [pid 5036] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5036] setpgid(0, 0) = 0 [ 70.555320][ T5027] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 70.577492][ T5030] REISERFS (device loop2): Using r5 hash to sort names [ 70.578053][ T5027] REISERFS (device loop0): checking transaction log (loop0) [ 70.593588][ T5027] REISERFS (device loop0): Using r5 hash to sort names [ 70.601257][ T5027] REISERFS (device loop0): using 3.5.x disk format [ 70.604639][ T5030] REISERFS (device loop2): using 3.5.x disk format [ 70.616551][ T5033] loop4: detected capacity change from 0 to 8192 [pid 5036] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5035] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5036] <... openat resumed>) = 3 [pid 5036] write(3, "1000", 4) = 4 [pid 5036] close(3) = 0 [pid 5036] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5036] memfd_create("syzkaller", 0) = 3 [pid 5036] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5033] <... ioctl resumed>) = 0 [pid 5033] close(3) = 0 [pid 5033] mkdir("./file0", 0777 [pid 5035] <... prctl resumed>) = 0 [pid 5035] setpgid(0, 0 [pid 5033] <... mkdir resumed>) = 0 [pid 5035] <... setpgid resumed>) = 0 [pid 5033] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5035] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5035] write(3, "1000", 4) = 4 [pid 5035] close(3) = 0 [pid 5035] symlink("/dev/binderfs", "./binderfs" [pid 5031] <... write resumed>) = 4194304 [pid 5027] <... mount resumed>) = 0 [pid 5035] <... symlink resumed>) = 0 [pid 5031] munmap(0x7fd82860d000, 4194304 [pid 5027] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5035] memfd_create("syzkaller", 0 [pid 5031] <... munmap resumed>) = 0 [pid 5027] <... openat resumed>) = 3 [pid 5035] <... memfd_create resumed>) = 3 [pid 5031] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5035] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5027] chdir("./file0" [pid 5031] <... openat resumed>) = 4 [pid 5027] <... chdir resumed>) = 0 [pid 5030] <... mount resumed>) = 0 [pid 5030] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5035] <... mmap resumed>) = 0x7fd82860d000 [pid 5027] ioctl(4, LOOP_CLR_FD [pid 5031] ioctl(4, LOOP_SET_FD, 3 [pid 5030] <... openat resumed>) = 3 [pid 5030] chdir("./file0") = 0 [ 70.629716][ T5027] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 70.652973][ T5030] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 70.664028][ T5033] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5030] ioctl(4, LOOP_CLR_FD [pid 5027] <... ioctl resumed>) = 0 [pid 5030] <... ioctl resumed>) = 0 [pid 5030] close(4 [pid 5031] <... ioctl resumed>) = 0 [pid 5027] close(4) = 0 [pid 5027] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5030] <... close resumed>) = 0 [pid 5030] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5027] <... openat resumed>) = 4 [pid 5027] ioctl(4, FS_IOC_GETVERSION [pid 5030] <... openat resumed>) = 4 [pid 5030] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5030] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5027] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5031] close(3 [pid 5027] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5030] exit_group(0) = ? [pid 5027] <... mmap resumed>) = 0x20000000 [pid 5031] <... close resumed>) = 0 [pid 5027] exit_group(0 [pid 5031] mkdir("./file0", 0777 [pid 5027] <... exit_group resumed>) = ? [pid 5027] +++ exited with 0 +++ [pid 4998] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5027, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5031] <... mkdir resumed>) = 0 [pid 5031] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5030] +++ exited with 0 +++ [pid 4998] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5000] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5030, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=15 /* 0.15 s */} --- [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4998] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5000] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4998] fstat(3, [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4998] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4998] getdents64(3, [pid 5000] <... openat resumed>) = 3 [pid 4998] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5000] fstat(3, [pid 4998] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5000] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5000] getdents64(3, [pid 4998] lstat("./1/binderfs", [pid 5000] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 4998] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 70.680331][ T5031] loop5: detected capacity change from 0 to 8192 [ 70.718839][ T5033] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [pid 5036] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5000] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4998] unlink("./1/binderfs" [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4998] <... unlink resumed>) = 0 [pid 5000] lstat("./2/binderfs", [pid 4998] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5000] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5000] unlink("./2/binderfs") = 0 [pid 5000] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4998] <... umount2 resumed>) = 0 [pid 4998] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 70.728534][ T5033] REISERFS (device loop4): using ordered data mode [ 70.735878][ T5031] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 70.749020][ T5033] reiserfs: using flush barriers [ 70.754308][ T5031] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [pid 4998] lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 4998] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4998] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 4998] close(4) = 0 [pid 4998] rmdir("./1/file0") = 0 [pid 4998] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4998] close(3) = 0 [pid 4998] rmdir("./1") = 0 [pid 4998] mkdir("./2", 0777 [pid 5035] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 4998] <... mkdir resumed>) = 0 [pid 4998] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 4998] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 4998] close(3) = 0 [pid 4998] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5039 ./strace-static-x86_64: Process 5039 attached [pid 5039] chdir("./2") = 0 [pid 5039] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5039] setpgid(0, 0) = 0 [ 70.786268][ T5033] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5039] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5039] write(3, "1000", 4) = 4 [pid 5039] close(3) = 0 [pid 5039] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5039] memfd_create("syzkaller", 0) = 3 [pid 5039] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5036] <... write resumed>) = 4194304 [pid 5036] munmap(0x7fd82860d000, 4194304) = 0 [pid 5000] <... umount2 resumed>) = 0 [pid 5035] <... write resumed>) = 4194304 [pid 5000] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] lstat("./2/file0", [pid 5035] munmap(0x7fd82860d000, 4194304 [pid 5036] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5035] <... munmap resumed>) = 0 [ 70.843454][ T5031] REISERFS (device loop5): using ordered data mode [ 70.850814][ T5031] reiserfs: using flush barriers [ 70.857694][ T5031] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 70.857857][ T5033] REISERFS (device loop4): checking transaction log (loop4) [ 70.886833][ T5033] REISERFS (device loop4): Using r5 hash to sort names [pid 5036] <... openat resumed>) = 4 [pid 5035] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5000] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5036] ioctl(4, LOOP_SET_FD, 3 [pid 5000] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5035] <... openat resumed>) = 4 [pid 5035] ioctl(4, LOOP_SET_FD, 3 [pid 5000] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5000] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5000] close(4) = 0 [pid 5000] rmdir("./2/file0") = 0 [pid 5000] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5000] close(3) = 0 [pid 5000] rmdir("./2") = 0 [pid 5000] mkdir("./3", 0777) = 0 [pid 5000] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5000] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5000] close(3) = 0 [pid 5000] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5040 [ 70.897685][ T5031] REISERFS (device loop5): checking transaction log (loop5) [ 70.899279][ T5036] loop1: detected capacity change from 0 to 8192 [ 70.906131][ T5033] REISERFS (device loop4): using 3.5.x disk format [ 70.913722][ T5031] REISERFS (device loop5): Using r5 hash to sort names [ 70.918350][ T5033] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 70.934608][ T5035] loop3: detected capacity change from 0 to 8192 ./strace-static-x86_64: Process 5040 attached [pid 5039] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5036] <... ioctl resumed>) = 0 [pid 5035] <... ioctl resumed>) = 0 [pid 5033] <... mount resumed>) = 0 [pid 5040] chdir("./3" [pid 5036] close(3 [pid 5035] close(3 [pid 5033] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5036] <... close resumed>) = 0 [pid 5033] <... openat resumed>) = 3 [pid 5035] <... close resumed>) = 0 [pid 5036] mkdir("./file0", 0777 [pid 5035] mkdir("./file0", 0777) = 0 [pid 5036] <... mkdir resumed>) = 0 [pid 5033] chdir("./file0" [pid 5040] <... chdir resumed>) = 0 [pid 5040] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5036] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5035] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5033] <... chdir resumed>) = 0 [pid 5033] ioctl(4, LOOP_CLR_FD [pid 5040] <... prctl resumed>) = 0 [pid 5040] setpgid(0, 0 [pid 5033] <... ioctl resumed>) = 0 [pid 5040] <... setpgid resumed>) = 0 [pid 5033] close(4 [pid 5040] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5033] <... close resumed>) = 0 [pid 5033] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5040] <... openat resumed>) = 3 [ 70.948619][ T5031] REISERFS (device loop5): using 3.5.x disk format [ 70.966869][ T5031] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5040] write(3, "1000", 4 [pid 5033] <... openat resumed>) = 4 [pid 5040] <... write resumed>) = 4 [pid 5033] ioctl(4, FS_IOC_GETVERSION [pid 5040] close(3) = 0 [pid 5033] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5040] symlink("/dev/binderfs", "./binderfs" [pid 5033] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5040] <... symlink resumed>) = 0 [pid 5033] <... mmap resumed>) = 0x20000000 [pid 5040] memfd_create("syzkaller", 0) = 3 [pid 5040] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5033] exit_group(0 [pid 5031] <... mount resumed>) = 0 [pid 5040] <... mmap resumed>) = 0x7fd82860d000 [pid 5033] <... exit_group resumed>) = ? [pid 5031] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5033] +++ exited with 0 +++ [pid 5031] <... openat resumed>) = 3 [pid 5002] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5033, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- [ 70.988441][ T5035] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 71.006110][ T5036] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 71.008115][ T5035] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 71.029555][ T5036] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 71.034367][ T5035] REISERFS (device loop3): using ordered data mode [pid 5031] chdir("./file0") = 0 [pid 5031] ioctl(4, LOOP_CLR_FD) = 0 [pid 5031] close(4) = 0 [pid 5002] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5031] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5031] <... openat resumed>) = 4 [pid 5002] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5031] ioctl(4, FS_IOC_GETVERSION [pid 5002] <... openat resumed>) = 3 [pid 5031] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5002] fstat(3, [pid 5031] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5002] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5031] <... mmap resumed>) = 0x20000000 [pid 5002] getdents64(3, [pid 5039] <... write resumed>) = 4194304 [pid 5031] exit_group(0 [pid 5002] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5039] munmap(0x7fd82860d000, 4194304 [pid 5031] <... exit_group resumed>) = ? [ 71.045956][ T5035] reiserfs: using flush barriers [ 71.059034][ T5035] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 71.077253][ T5035] REISERFS (device loop3): checking transaction log (loop3) [ 71.085138][ T5036] REISERFS (device loop1): using ordered data mode [ 71.088618][ T5039] loop0: detected capacity change from 0 to 8192 [pid 5002] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5039] <... munmap resumed>) = 0 [pid 5031] +++ exited with 0 +++ [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5031, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5002] lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5002] unlink("./2/binderfs" [pid 5003] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5002] <... unlink resumed>) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5039] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5003] fstat(3, [pid 5039] <... openat resumed>) = 4 [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5039] ioctl(4, LOOP_SET_FD, 3 [pid 5003] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./2/binderfs") = 0 [pid 5003] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5039] <... ioctl resumed>) = 0 [pid 5039] close(3) = 0 [pid 5039] mkdir("./file0", 0777) = 0 [pid 5039] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5035] <... mount resumed>) = 0 [pid 5035] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5035] chdir("./file0") = 0 [ 71.091912][ T5036] reiserfs: using flush barriers [ 71.103307][ T5035] REISERFS (device loop3): Using r5 hash to sort names [ 71.110490][ T5035] REISERFS (device loop3): using 3.5.x disk format [ 71.117964][ T5035] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 71.132298][ T5036] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5035] ioctl(4, LOOP_CLR_FD [pid 5003] <... umount2 resumed>) = 0 [pid 5002] <... umount2 resumed>) = 0 [pid 5035] <... ioctl resumed>) = 0 [pid 5035] close(4) = 0 [pid 5035] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5003] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5002] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./2/file0", [pid 5002] lstat("./2/file0", [pid 5035] ioctl(4, FS_IOC_GETVERSION [pid 5003] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5035] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5003] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5002] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5035] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5002] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5035] <... mmap resumed>) = 0x20000000 [pid 5003] <... openat resumed>) = 4 [pid 5002] <... openat resumed>) = 4 [pid 5035] exit_group(0 [pid 5003] fstat(4, [pid 5002] fstat(4, [pid 5035] <... exit_group resumed>) = ? [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, [pid 5002] getdents64(4, [pid 5035] +++ exited with 0 +++ [pid 5003] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5002] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, [pid 5002] getdents64(4, [pid 5001] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5035, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5003] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5002] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5001] restart_syscall(<... resuming interrupted clone ...> [pid 5003] close(4 [pid 5002] close(4 [pid 5001] <... restart_syscall resumed>) = 0 [pid 5003] <... close resumed>) = 0 [pid 5002] <... close resumed>) = 0 [pid 5003] rmdir("./2/file0" [pid 5002] rmdir("./2/file0" [pid 5003] <... rmdir resumed>) = 0 [pid 5002] <... rmdir resumed>) = 0 [pid 5001] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] getdents64(3, [pid 5002] getdents64(3, [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5002] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5001] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5003] close(3 [pid 5002] close(3 [pid 5001] <... openat resumed>) = 3 [pid 5003] <... close resumed>) = 0 [pid 5002] <... close resumed>) = 0 [pid 5001] fstat(3, [pid 5003] rmdir("./2" [pid 5002] rmdir("./2" [pid 5001] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] <... rmdir resumed>) = 0 [pid 5002] <... rmdir resumed>) = 0 [pid 5001] getdents64(3, [pid 5003] mkdir("./3", 0777 [pid 5002] mkdir("./3", 0777 [pid 5001] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [ 71.159037][ T5036] REISERFS (device loop1): checking transaction log (loop1) [pid 5003] <... mkdir resumed>) = 0 [pid 5002] <... mkdir resumed>) = 0 [pid 5001] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5002] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] <... openat resumed>) = 3 [pid 5002] <... openat resumed>) = 3 [pid 5001] lstat("./2/binderfs", [pid 5003] ioctl(3, LOOP_CLR_FD [pid 5002] ioctl(3, LOOP_CLR_FD [pid 5001] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5002] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5001] unlink("./2/binderfs" [pid 5003] close(3 [pid 5002] close(3 [pid 5001] <... unlink resumed>) = 0 [pid 5003] <... close resumed>) = 0 [pid 5002] <... close resumed>) = 0 [pid 5001] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5003] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5044 [pid 5002] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5045 [pid 5040] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304./strace-static-x86_64: Process 5044 attached [pid 5044] chdir("./3") = 0 ./strace-static-x86_64: Process 5045 attached [pid 5044] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5045] chdir("./3" [pid 5044] setpgid(0, 0) = 0 [pid 5044] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5045] <... chdir resumed>) = 0 [pid 5044] <... openat resumed>) = 3 [pid 5045] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5044] write(3, "1000", 4 [pid 5045] <... prctl resumed>) = 0 [pid 5044] <... write resumed>) = 4 [ 71.209840][ T5039] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 71.228761][ T5036] REISERFS (device loop1): Using r5 hash to sort names [ 71.235715][ T5036] REISERFS (device loop1): using 3.5.x disk format [ 71.236978][ T5039] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [pid 5045] setpgid(0, 0 [pid 5044] close(3 [pid 5045] <... setpgid resumed>) = 0 [pid 5044] <... close resumed>) = 0 [pid 5045] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5044] symlink("/dev/binderfs", "./binderfs" [pid 5045] <... openat resumed>) = 3 [pid 5044] <... symlink resumed>) = 0 [pid 5045] write(3, "1000", 4 [pid 5044] memfd_create("syzkaller", 0 [pid 5040] <... write resumed>) = 4194304 [pid 5045] <... write resumed>) = 4 [pid 5044] <... memfd_create resumed>) = 3 [pid 5045] close(3 [pid 5044] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5045] <... close resumed>) = 0 [pid 5044] <... mmap resumed>) = 0x7fd82860d000 [pid 5045] symlink("/dev/binderfs", "./binderfs" [pid 5040] munmap(0x7fd82860d000, 4194304 [pid 5036] <... mount resumed>) = 0 [pid 5045] <... symlink resumed>) = 0 [pid 5045] memfd_create("syzkaller", 0) = 3 [pid 5045] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5040] <... munmap resumed>) = 0 [pid 5036] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5040] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5036] <... openat resumed>) = 3 [pid 5001] <... umount2 resumed>) = 0 [pid 5040] ioctl(4, LOOP_SET_FD, 3 [pid 5036] chdir("./file0" [ 71.301255][ T5036] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 71.311042][ T5039] REISERFS (device loop0): using ordered data mode [ 71.317573][ T5039] reiserfs: using flush barriers [ 71.325909][ T5039] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5001] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5036] <... chdir resumed>) = 0 [pid 5036] ioctl(4, LOOP_CLR_FD [pid 5001] lstat("./2/file0", [pid 5036] <... ioctl resumed>) = 0 [pid 5001] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5036] close(4 [pid 5001] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5036] <... close resumed>) = 0 [pid 5036] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5036] <... openat resumed>) = 4 [pid 5036] ioctl(4, FS_IOC_GETVERSION [pid 5001] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5036] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5036] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5001] <... openat resumed>) = 4 [pid 5036] <... mmap resumed>) = 0x20000000 [pid 5001] fstat(4, [pid 5036] exit_group(0 [pid 5001] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5036] <... exit_group resumed>) = ? [pid 5001] getdents64(4, [pid 5036] +++ exited with 0 +++ [pid 4999] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5036, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5001] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5040] <... ioctl resumed>) = 0 [pid 5001] getdents64(4, [pid 5040] close(3 [pid 5001] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5040] <... close resumed>) = 0 [pid 5001] close(4 [pid 5040] mkdir("./file0", 0777 [pid 5001] <... close resumed>) = 0 [pid 5001] rmdir("./2/file0") = 0 [pid 5001] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5001] close(3) = 0 [pid 4999] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] rmdir("./2" [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] <... rmdir resumed>) = 0 [pid 4999] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5001] mkdir("./3", 0777 [pid 4999] <... openat resumed>) = 3 [pid 4999] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] <... mkdir resumed>) = 0 [pid 4999] getdents64(3, [pid 5001] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4999] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5001] <... openat resumed>) = 3 [pid 4999] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] ioctl(3, LOOP_CLR_FD [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5040] <... mkdir resumed>) = 0 [pid 5001] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4999] lstat("./2/binderfs", [pid 5001] close(3 [pid 5040] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5001] <... close resumed>) = 0 [pid 4999] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5001] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4999] unlink("./2/binderfs") = 0 [pid 4999] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5044] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5001] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5046 [pid 4999] <... umount2 resumed>) = 0 [pid 4999] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4999] lstat("./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 71.353799][ T5040] loop2: detected capacity change from 0 to 8192 [ 71.393744][ T5039] REISERFS (device loop0): checking transaction log (loop0) ./strace-static-x86_64: Process 5046 attached [pid 5045] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 4999] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5046] chdir("./3") = 0 [pid 4999] <... openat resumed>) = 4 [pid 5046] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4999] fstat(4, [pid 5046] <... prctl resumed>) = 0 [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5046] setpgid(0, 0 [pid 4999] getdents64(4, [pid 5046] <... setpgid resumed>) = 0 [pid 4999] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5046] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4999] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5046] <... openat resumed>) = 3 [ 71.411255][ T5040] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 71.411695][ T5039] REISERFS (device loop0): Using r5 hash to sort names [ 71.431401][ T5039] REISERFS (device loop0): using 3.5.x disk format [ 71.438258][ T5039] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 4999] close(4 [pid 5046] write(3, "1000", 4 [pid 5045] <... write resumed>) = 4194304 [pid 5039] <... mount resumed>) = 0 [pid 4999] <... close resumed>) = 0 [pid 5046] <... write resumed>) = 4 [pid 5045] munmap(0x7fd82860d000, 4194304 [pid 5039] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 4999] rmdir("./2/file0" [pid 5046] close(3 [pid 5045] <... munmap resumed>) = 0 [pid 5039] <... openat resumed>) = 3 [pid 5046] <... close resumed>) = 0 [pid 5045] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5039] chdir("./file0" [pid 4999] <... rmdir resumed>) = 0 [pid 5046] symlink("/dev/binderfs", "./binderfs" [pid 5045] <... openat resumed>) = 4 [pid 5039] <... chdir resumed>) = 0 [pid 4999] getdents64(3, [pid 5046] <... symlink resumed>) = 0 [pid 5045] ioctl(4, LOOP_SET_FD, 3 [pid 5039] ioctl(4, LOOP_CLR_FD [pid 4999] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5046] memfd_create("syzkaller", 0 [pid 5039] <... ioctl resumed>) = 0 [pid 5045] <... ioctl resumed>) = 0 [pid 4999] close(3 [pid 5046] <... memfd_create resumed>) = 3 [pid 5039] close(4 [pid 4999] <... close resumed>) = 0 [ 71.471728][ T5040] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 71.485355][ T5040] REISERFS (device loop2): using ordered data mode [ 71.492076][ T5040] reiserfs: using flush barriers [ 71.499523][ T5045] loop4: detected capacity change from 0 to 8192 [pid 5046] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5045] close(3 [pid 5044] <... write resumed>) = 4194304 [pid 5039] <... close resumed>) = 0 [pid 4999] rmdir("./2" [pid 5046] <... mmap resumed>) = 0x7fd82860d000 [pid 5045] <... close resumed>) = 0 [pid 5044] munmap(0x7fd82860d000, 4194304 [pid 5039] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5045] mkdir("./file0", 0777) = 0 [pid 5045] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 4999] <... rmdir resumed>) = 0 [pid 4999] mkdir("./3", 0777) = 0 [pid 4999] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 4999] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 4999] close(3 [pid 5044] <... munmap resumed>) = 0 [pid 5039] <... openat resumed>) = 4 [pid 4999] <... close resumed>) = 0 [pid 5044] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5039] ioctl(4, FS_IOC_GETVERSION [pid 4999] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5044] <... openat resumed>) = 4 [pid 5039] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 4999] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5049 ./strace-static-x86_64: Process 5049 attached [pid 5049] chdir("./3") = 0 [ 71.512293][ T5040] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 71.529393][ T5040] REISERFS (device loop2): checking transaction log (loop2) [ 71.549400][ T5040] REISERFS (device loop2): Using r5 hash to sort names [ 71.556670][ T5040] REISERFS (device loop2): using 3.5.x disk format [pid 5044] ioctl(4, LOOP_SET_FD, 3 [pid 5039] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5049] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5046] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5049] <... prctl resumed>) = 0 [pid 5049] setpgid(0, 0) = 0 [pid 5049] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5049] write(3, "1000", 4) = 4 [pid 5049] close(3) = 0 [pid 5049] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5049] memfd_create("syzkaller", 0) = 3 [pid 5049] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5039] <... mmap resumed>) = 0x20000000 [pid 5044] <... ioctl resumed>) = 0 [pid 5039] exit_group(0 [pid 5044] close(3) = 0 [pid 5039] <... exit_group resumed>) = ? [pid 5044] mkdir("./file0", 0777 [pid 5039] +++ exited with 0 +++ [pid 4998] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5039, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5044] <... mkdir resumed>) = 0 [pid 5044] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 4998] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 4998] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 4998] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] lstat("./2/binderfs", [pid 5040] <... mount resumed>) = 0 [pid 5040] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5040] chdir("./file0") = 0 [pid 5040] ioctl(4, LOOP_CLR_FD) = 0 [pid 5040] close(4 [pid 4998] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5040] <... close resumed>) = 0 [pid 4998] unlink("./2/binderfs" [pid 5040] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 4998] <... unlink resumed>) = 0 [pid 5040] <... openat resumed>) = 4 [pid 5040] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5040] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 4998] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 71.557518][ T5045] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 71.576696][ T5040] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 71.586018][ T5044] loop5: detected capacity change from 0 to 8192 [pid 5049] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5040] <... mmap resumed>) = 0x20000000 [pid 5040] exit_group(0) = ? [pid 5040] +++ exited with 0 +++ [pid 5000] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5040, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5000] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5000] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5000] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5000] unlink("./3/binderfs") = 0 [ 71.637604][ T5044] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 71.650796][ T5045] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 71.660766][ T5044] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 71.660984][ T5045] REISERFS (device loop4): using ordered data mode [ 71.677980][ T5045] reiserfs: using flush barriers [ 71.688932][ T5044] REISERFS (device loop5): using ordered data mode [ 71.691957][ T5045] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 71.695877][ T5044] reiserfs: using flush barriers [ 71.718160][ T5045] REISERFS (device loop4): checking transaction log (loop4) [pid 5000] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... write resumed>) = 4194304 [pid 5046] <... write resumed>) = 4194304 [pid 4998] <... umount2 resumed>) = 0 [pid 5049] munmap(0x7fd82860d000, 4194304 [pid 5046] munmap(0x7fd82860d000, 4194304 [pid 4998] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... munmap resumed>) = 0 [pid 5046] <... munmap resumed>) = 0 [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5046] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4998] lstat("./2/file0", [pid 5049] <... openat resumed>) = 4 [pid 5046] <... openat resumed>) = 4 [pid 4998] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5049] ioctl(4, LOOP_SET_FD, 3 [pid 5046] ioctl(4, LOOP_SET_FD, 3 [pid 4998] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... ioctl resumed>) = 0 [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] close(3 [pid 4998] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... close resumed>) = 0 [pid 4998] <... openat resumed>) = 4 [pid 5049] mkdir("./file0", 0777 [pid 4998] fstat(4, [pid 5049] <... mkdir resumed>) = 0 [pid 4998] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5049] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 4998] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4998] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 4998] close(4) = 0 [pid 4998] rmdir("./2/file0") = 0 [pid 4998] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4998] close(3) = 0 [pid 4998] rmdir("./2") = 0 [pid 4998] mkdir("./3", 0777) = 0 [pid 4998] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 4998] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 4998] close(3) = 0 [pid 4998] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5052 [pid 5046] <... ioctl resumed>) = 0 [pid 5046] close(3) = 0 [pid 5046] mkdir("./file0", 0777) = 0 [ 71.725210][ T5044] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 71.743106][ T5044] REISERFS (device loop5): checking transaction log (loop5) [ 71.751553][ T5045] REISERFS (device loop4): Using r5 hash to sort names [ 71.757808][ T5049] loop1: detected capacity change from 0 to 8192 [ 71.765739][ T5046] loop3: detected capacity change from 0 to 8192 [ 71.777703][ T5045] REISERFS (device loop4): using 3.5.x disk format [pid 5046] mount("/dev/loop3", "./file0", "reiserfs", 0, ""./strace-static-x86_64: Process 5052 attached [pid 5052] chdir("./3") = 0 [pid 5052] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5052] setpgid(0, 0) = 0 [pid 5052] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5052] write(3, "1000", 4) = 4 [pid 5052] close(3) = 0 [pid 5052] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5052] memfd_create("syzkaller", 0) = 3 [pid 5052] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5000] <... umount2 resumed>) = 0 [pid 5000] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5000] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5000] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5000] close(4) = 0 [pid 5000] rmdir("./3/file0") = 0 [pid 5000] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5000] close(3) = 0 [pid 5000] rmdir("./3") = 0 [pid 5000] mkdir("./4", 0777) = 0 [pid 5000] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5000] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5000] close(3) = 0 [pid 5000] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5054 ./strace-static-x86_64: Process 5054 attached [pid 5054] chdir("./4") = 0 [pid 5054] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5054] setpgid(0, 0) = 0 [pid 5054] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5054] write(3, "1000", 4) = 4 [pid 5054] close(3) = 0 [pid 5054] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5054] memfd_create("syzkaller", 0) = 3 [pid 5054] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5045] <... mount resumed>) = 0 [ 71.799426][ T5044] REISERFS (device loop5): Using r5 hash to sort names [ 71.806326][ T5044] REISERFS (device loop5): using 3.5.x disk format [ 71.809151][ T5045] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 71.822151][ T5049] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 71.835496][ T5046] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5045] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5044] <... mount resumed>) = 0 [pid 5044] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5044] chdir("./file0") = 0 [pid 5044] ioctl(4, LOOP_CLR_FD) = 0 [pid 5044] close(4 [pid 5045] <... openat resumed>) = 3 [pid 5045] chdir("./file0" [pid 5044] <... close resumed>) = 0 [ 71.859374][ T5049] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 71.868677][ T5049] REISERFS (device loop1): using ordered data mode [ 71.875600][ T5044] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 71.885847][ T5049] reiserfs: using flush barriers [ 71.892155][ T5049] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5045] <... chdir resumed>) = 0 [pid 5044] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5044] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5044] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5044] exit_group(0 [pid 5045] ioctl(4, LOOP_CLR_FD [pid 5044] <... exit_group resumed>) = ? [pid 5044] +++ exited with 0 +++ [pid 5045] <... ioctl resumed>) = 0 [ 71.909028][ T5049] REISERFS (device loop1): checking transaction log (loop1) [ 71.910427][ T5046] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 71.917901][ T5049] REISERFS (device loop1): Using r5 hash to sort names [ 71.932739][ T5049] REISERFS (device loop1): using 3.5.x disk format [ 71.940054][ T5049] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5045] close(4 [pid 5054] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5049] <... mount resumed>) = 0 [pid 5045] <... close resumed>) = 0 [pid 5045] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5044, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5045] <... openat resumed>) = 4 [pid 5045] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5045] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5045] exit_group(0 [pid 5049] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5045] <... exit_group resumed>) = ? [pid 5049] <... openat resumed>) = 3 [pid 5045] +++ exited with 0 +++ [pid 5049] chdir("./file0" [pid 5003] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... chdir resumed>) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5045, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5049] ioctl(4, LOOP_CLR_FD [pid 5003] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5002] restart_syscall(<... resuming interrupted clone ...> [pid 5003] <... openat resumed>) = 3 [pid 5002] <... restart_syscall resumed>) = 0 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5052] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5003] getdents64(3, [pid 5002] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5002] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] <... openat resumed>) = 3 [pid 5003] lstat("./3/binderfs", [pid 5002] fstat(3, [pid 5003] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5002] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] unlink("./3/binderfs" [pid 5002] getdents64(3, [pid 5049] <... ioctl resumed>) = 0 [pid 5003] <... unlink resumed>) = 0 [pid 5002] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5049] close(4 [ 71.961055][ T5046] REISERFS (device loop3): using ordered data mode [ 71.967725][ T5046] reiserfs: using flush barriers [ 71.988054][ T5046] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5003] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5002] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5054] <... write resumed>) = 4194304 [pid 5049] <... close resumed>) = 0 [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5002] unlink("./3/binderfs") = 0 [pid 5002] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5054] munmap(0x7fd82860d000, 4194304 [pid 5049] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5054] <... munmap resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5049] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5054] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5049] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5054] <... openat resumed>) = 4 [pid 5054] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... mmap resumed>) = 0x20000000 [pid 5049] exit_group(0) = ? [pid 5049] +++ exited with 0 +++ [pid 4999] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5049, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 4999] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4999] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 4999] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5054] <... ioctl resumed>) = 0 [pid 4999] getdents64(3, [pid 5054] close(3 [pid 4999] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5054] <... close resumed>) = 0 [pid 4999] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5054] mkdir("./file0", 0777 [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 72.015413][ T5046] REISERFS (device loop3): checking transaction log (loop3) [ 72.025124][ T5046] REISERFS (device loop3): Using r5 hash to sort names [ 72.038478][ T5054] loop2: detected capacity change from 0 to 8192 [ 72.057325][ T5046] REISERFS (device loop3): using 3.5.x disk format [pid 4999] lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 4999] unlink("./3/binderfs") = 0 [pid 4999] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5054] <... mkdir resumed>) = 0 [pid 5046] <... mount resumed>) = 0 [pid 5054] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5046] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5003] <... umount2 resumed>) = 0 [pid 5046] chdir("./file0" [pid 5002] <... umount2 resumed>) = 0 [pid 5052] <... write resumed>) = 4194304 [pid 5046] <... chdir resumed>) = 0 [pid 5002] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 5003] rmdir("./3/file0") = 0 [pid 5003] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./3") = 0 [pid 5003] mkdir("./4", 0777) = 0 [pid 5046] ioctl(4, LOOP_CLR_FD [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5046] <... ioctl resumed>) = 0 [pid 5002] lstat("./3/file0", [pid 5046] close(4 [pid 5002] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5046] <... close resumed>) = 0 [pid 5002] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5046] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5046] <... openat resumed>) = 4 [pid 5002] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5046] ioctl(4, FS_IOC_GETVERSION [pid 5002] <... openat resumed>) = 4 [pid 5046] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5002] fstat(4, [pid 5046] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5002] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5046] <... mmap resumed>) = 0x20000000 [pid 5002] getdents64(4, [pid 5046] exit_group(0 [pid 5002] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5046] <... exit_group resumed>) = ? [pid 5002] getdents64(4, [pid 5046] +++ exited with 0 +++ [pid 5002] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5002] close(4 [pid 5001] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5046, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5002] <... close resumed>) = 0 [pid 5002] rmdir("./3/file0") = 0 [pid 5002] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5002] close(3) = 0 [pid 5002] rmdir("./3") = 0 [pid 5002] mkdir("./4", 0777) = 0 [pid 5002] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5002] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5002] close(3 [pid 5001] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5002] <... close resumed>) = 0 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 72.079012][ T5046] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 72.114497][ T5054] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5001] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5002] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5056 [pid 5052] munmap(0x7fd82860d000, 4194304 [pid 5001] <... openat resumed>) = 3 [pid 5052] <... munmap resumed>) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5001] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] getdents64(3, [pid 5052] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 5056 attached ) = 4 [pid 5001] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5001] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5056] chdir("./4" [pid 5052] ioctl(4, LOOP_SET_FD, 3 [pid 5056] <... chdir resumed>) = 0 [pid 5001] lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5001] unlink("./3/binderfs") = 0 [pid 5001] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... openat resumed>) = 3 [pid 5056] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5056] setpgid(0, 0) = 0 [pid 5056] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... ioctl resumed>) = 0 [pid 5056] <... openat resumed>) = 3 [pid 5052] close(3 [pid 5056] write(3, "1000", 4 [pid 5052] <... close resumed>) = 0 [pid 5056] <... write resumed>) = 4 [pid 5052] mkdir("./file0", 0777 [pid 5056] close(3 [pid 5003] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5003] close(3 [pid 5056] <... close resumed>) = 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5003] <... close resumed>) = 0 [pid 5056] symlink("/dev/binderfs", "./binderfs" [pid 5052] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5056] <... symlink resumed>) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5056] memfd_create("syzkaller", 0) = 3 [pid 5056] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5003] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5058 ./strace-static-x86_64: Process 5058 attached [ 72.144696][ T5054] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 72.159863][ T5052] loop0: detected capacity change from 0 to 8192 [pid 5058] chdir("./4") = 0 [pid 5056] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 4999] <... umount2 resumed>) = 0 [ 72.203849][ T5052] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 72.217032][ T5054] REISERFS (device loop2): using ordered data mode [ 72.217047][ T5054] reiserfs: using flush barriers [ 72.229482][ T5054] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5058] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4999] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5058] <... prctl resumed>) = 0 [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5058] setpgid(0, 0 [pid 4999] lstat("./3/file0", [pid 5058] <... setpgid resumed>) = 0 [pid 5058] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4999] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5058] <... openat resumed>) = 3 [pid 4999] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5058] write(3, "1000", 4) = 4 [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5058] close(3 [pid 4999] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5058] <... close resumed>) = 0 [pid 5058] symlink("/dev/binderfs", "./binderfs" [pid 4999] <... openat resumed>) = 4 [pid 5058] <... symlink resumed>) = 0 [pid 4999] fstat(4, [pid 5058] memfd_create("syzkaller", 0 [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5058] <... memfd_create resumed>) = 3 [pid 4999] getdents64(4, [pid 5058] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4999] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5058] <... mmap resumed>) = 0x7fd82860d000 [pid 4999] getdents64(4, [pid 5001] <... umount2 resumed>) = 0 [pid 4999] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5001] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] close(4 [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] <... close resumed>) = 0 [pid 4999] rmdir("./3/file0" [pid 5001] lstat("./3/file0", [pid 4999] <... rmdir resumed>) = 0 [pid 4999] getdents64(3, [pid 5001] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4999] close(3 [pid 5001] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] <... close resumed>) = 0 [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] rmdir("./3" [pid 5001] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4999] <... rmdir resumed>) = 0 [pid 5001] <... openat resumed>) = 4 [pid 4999] mkdir("./4", 0777 [pid 5001] fstat(4, [pid 4999] <... mkdir resumed>) = 0 [pid 4999] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5001] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] <... openat resumed>) = 3 [pid 5001] getdents64(4, [pid 4999] ioctl(3, LOOP_CLR_FD [pid 5001] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4999] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5001] getdents64(4, [ 72.245103][ T5052] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 72.256232][ T5052] REISERFS (device loop0): using ordered data mode [ 72.266059][ T5052] reiserfs: using flush barriers [ 72.275051][ T5052] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 4999] close(3 [pid 5001] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 4999] <... close resumed>) = 0 [pid 5001] close(4 [pid 4999] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5059 [pid 5001] <... close resumed>) = 0 [pid 5001] rmdir("./3/file0" [pid 5052] <... mount resumed>) = 0 [pid 5001] <... rmdir resumed>) = 0 [pid 5001] getdents64(3, [pid 5052] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5001] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5001] close(3) = 0 [pid 5001] rmdir("./3") = 0 [pid 5052] <... openat resumed>) = 3 [pid 5001] mkdir("./4", 0777) = 0 [pid 5052] chdir("./file0" [pid 5001] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5052] <... chdir resumed>) = 0 [pid 5052] ioctl(4, LOOP_CLR_FD [pid 5001] <... openat resumed>) = 3 [pid 5001] ioctl(3, LOOP_CLR_FD [pid 5052] <... ioctl resumed>) = 0 [pid 5001] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] close(4 [pid 5001] close(3 [pid 5052] <... close resumed>) = 0 [pid 5001] <... close resumed>) = 0 [pid 5001] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5001] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5060 [pid 5052] <... openat resumed>) = 4 [pid 5052] ioctl(4, FS_IOC_GETVERSION./strace-static-x86_64: Process 5059 attached , 0) = -1 EFAULT (Bad address) [pid 5052] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5059] chdir("./4" [pid 5052] <... mmap resumed>) = 0x20000000 ./strace-static-x86_64: Process 5060 attached [pid 5059] <... chdir resumed>) = 0 [pid 5060] chdir("./4" [pid 5052] exit_group(0 [pid 5059] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5060] <... chdir resumed>) = 0 [pid 5059] setpgid(0, 0 [pid 5052] <... exit_group resumed>) = ? [pid 5060] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5059] <... setpgid resumed>) = 0 [pid 5059] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5059] write(3, "1000", 4 [pid 5060] <... prctl resumed>) = 0 [pid 5052] +++ exited with 0 +++ [pid 5059] <... write resumed>) = 4 [pid 5060] setpgid(0, 0 [pid 4998] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5052, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5060] <... setpgid resumed>) = 0 [pid 5059] close(3 [pid 4998] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5059] <... close resumed>) = 0 [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5060] <... openat resumed>) = 3 [pid 5059] symlink("/dev/binderfs", "./binderfs" [pid 4998] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5060] write(3, "1000", 4 [pid 5059] <... symlink resumed>) = 0 [pid 4998] <... openat resumed>) = 3 [pid 4998] fstat(3, [pid 5059] memfd_create("syzkaller", 0 [pid 5060] <... write resumed>) = 4 [pid 4998] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5060] close(3 [pid 5059] <... memfd_create resumed>) = 3 [pid 4998] getdents64(3, [pid 5060] <... close resumed>) = 0 [pid 5059] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5056] <... write resumed>) = 4194304 [pid 4998] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5060] symlink("/dev/binderfs", "./binderfs" [pid 5059] <... mmap resumed>) = 0x7fd82860d000 [pid 4998] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5060] <... symlink resumed>) = 0 [pid 4998] unlink("./3/binderfs" [pid 5060] memfd_create("syzkaller", 0 [pid 4998] <... unlink resumed>) = 0 [pid 5060] <... memfd_create resumed>) = 3 [ 72.297523][ T5052] REISERFS (device loop0): checking transaction log (loop0) [ 72.305853][ T5052] REISERFS (device loop0): Using r5 hash to sort names [ 72.312945][ T5054] REISERFS (device loop2): checking transaction log (loop2) [ 72.314264][ T5052] REISERFS (device loop0): using 3.5.x disk format [ 72.327623][ T5052] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 4998] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5060] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5056] munmap(0x7fd82860d000, 4194304) = 0 [pid 5056] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5056] ioctl(4, LOOP_SET_FD, 3 [pid 5060] <... mmap resumed>) = 0x7fd82860d000 [pid 5058] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5056] <... ioctl resumed>) = 0 [pid 5056] close(3) = 0 [pid 5056] mkdir("./file0", 0777) = 0 [pid 5056] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 4998] <... umount2 resumed>) = 0 [ 72.389338][ T5054] REISERFS (device loop2): Using r5 hash to sort names [ 72.393814][ T5056] loop4: detected capacity change from 0 to 8192 [ 72.397068][ T5054] REISERFS (device loop2): using 3.5.x disk format [pid 4998] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 4998] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4998] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 4998] close(4) = 0 [pid 4998] rmdir("./3/file0") = 0 [pid 4998] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4998] close(3) = 0 [pid 4998] rmdir("./3") = 0 [pid 4998] mkdir("./4", 0777) = 0 [pid 4998] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 4998] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 4998] close(3) = 0 [pid 4998] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5062 ./strace-static-x86_64: Process 5062 attached [pid 5062] chdir("./4") = 0 [pid 5062] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5062] setpgid(0, 0) = 0 [pid 5062] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5059] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5062] write(3, "1000", 4) = 4 [pid 5062] close(3) = 0 [pid 5062] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5062] memfd_create("syzkaller", 0 [pid 5054] <... mount resumed>) = 0 [pid 5054] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5062] <... memfd_create resumed>) = 3 [pid 5062] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5060] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5058] <... write resumed>) = 4194304 [pid 5054] <... openat resumed>) = 3 [pid 5054] chdir("./file0") = 0 [pid 5054] ioctl(4, LOOP_CLR_FD) = 0 [ 72.435552][ T5054] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 72.469303][ T5056] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5054] close(4) = 0 [pid 5054] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5054] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5054] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5059] <... write resumed>) = 4194304 [pid 5060] <... write resumed>) = 4194304 [pid 5059] munmap(0x7fd82860d000, 4194304 [pid 5058] munmap(0x7fd82860d000, 4194304 [pid 5054] <... mmap resumed>) = 0x20000000 [pid 5059] <... munmap resumed>) = 0 [pid 5058] <... munmap resumed>) = 0 [pid 5054] exit_group(0 [pid 5060] munmap(0x7fd82860d000, 4194304 [pid 5059] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5058] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5054] <... exit_group resumed>) = ? [pid 5060] <... munmap resumed>) = 0 [pid 5054] +++ exited with 0 +++ [pid 5058] <... openat resumed>) = 4 [pid 5060] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5059] <... openat resumed>) = 4 [pid 5058] ioctl(4, LOOP_SET_FD, 3 [pid 5060] <... openat resumed>) = 4 [pid 5000] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5054, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [ 72.530542][ T5056] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 72.539929][ T5056] REISERFS (device loop4): using ordered data mode [ 72.546456][ T5056] reiserfs: using flush barriers [ 72.559186][ T5056] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5000] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5000] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5000] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5000] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5000] unlink("./4/binderfs" [pid 5060] ioctl(4, LOOP_SET_FD, 3 [pid 5059] ioctl(4, LOOP_SET_FD, 3 [pid 5058] <... ioctl resumed>) = 0 [pid 5000] <... unlink resumed>) = 0 [pid 5000] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5062] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5060] <... ioctl resumed>) = 0 [pid 5059] <... ioctl resumed>) = 0 [pid 5058] close(3 [pid 5060] close(3) = 0 [pid 5059] close(3 [pid 5058] <... close resumed>) = 0 [pid 5060] mkdir("./file0", 0777 [pid 5059] <... close resumed>) = 0 [pid 5060] <... mkdir resumed>) = 0 [pid 5059] mkdir("./file0", 0777 [pid 5058] mkdir("./file0", 0777 [ 72.581643][ T5058] loop5: detected capacity change from 0 to 8192 [ 72.588895][ T5060] loop3: detected capacity change from 0 to 8192 [ 72.595846][ T5059] loop1: detected capacity change from 0 to 8192 [ 72.603853][ T5056] REISERFS (device loop4): checking transaction log (loop4) [ 72.613150][ T5056] REISERFS (device loop4): Using r5 hash to sort names [ 72.620607][ T5056] REISERFS (device loop4): using 3.5.x disk format [pid 5060] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5059] <... mkdir resumed>) = 0 [pid 5058] <... mkdir resumed>) = 0 [pid 5059] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5058] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5062] <... write resumed>) = 4194304 [pid 5056] <... mount resumed>) = 0 [pid 5000] <... umount2 resumed>) = 0 [pid 5062] munmap(0x7fd82860d000, 4194304 [pid 5056] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5062] <... munmap resumed>) = 0 [pid 5056] <... openat resumed>) = 3 [pid 5062] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5056] chdir("./file0" [pid 5062] <... openat resumed>) = 4 [pid 5056] <... chdir resumed>) = 0 [ 72.629101][ T5056] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 72.645468][ T5059] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 72.659184][ T5060] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 72.672995][ T5062] loop0: detected capacity change from 0 to 8192 [pid 5062] ioctl(4, LOOP_SET_FD, 3 [pid 5056] ioctl(4, LOOP_CLR_FD) = 0 [pid 5056] close(4) = 0 [pid 5056] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5056] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5056] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5056] exit_group(0) = ? [pid 5056] +++ exited with 0 +++ [pid 5000] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5000] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5000] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5000] close(4) = 0 [pid 5000] rmdir("./4/file0") = 0 [pid 5000] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5000] close(3) = 0 [pid 5000] rmdir("./4") = 0 [pid 5000] mkdir("./5", 0777) = 0 [pid 5062] <... ioctl resumed>) = 0 [pid 5062] close(3) = 0 [pid 5062] mkdir("./file0", 0777) = 0 [pid 5000] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5062] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5000] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5000] close(3) = 0 [pid 5000] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5067 [pid 5002] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5056, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- ./strace-static-x86_64: Process 5067 attached [ 72.673046][ T5058] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 72.696535][ T5059] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 72.707045][ T5059] REISERFS (device loop1): using ordered data mode [ 72.707666][ T5060] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 72.713797][ T5058] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [pid 5067] chdir("./5") = 0 [pid 5067] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5002] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... prctl resumed>) = 0 [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] setpgid(0, 0 [pid 5002] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] <... setpgid resumed>) = 0 [pid 5002] <... openat resumed>) = 3 [pid 5067] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5002] fstat(3, [pid 5067] <... openat resumed>) = 3 [pid 5002] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] write(3, "1000", 4 [pid 5002] getdents64(3, [pid 5067] <... write resumed>) = 4 [pid 5002] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5067] close(3 [pid 5002] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... close resumed>) = 0 [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] symlink("/dev/binderfs", "./binderfs" [pid 5002] lstat("./4/binderfs", [pid 5067] <... symlink resumed>) = 0 [pid 5002] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5067] memfd_create("syzkaller", 0 [pid 5002] unlink("./4/binderfs" [pid 5067] <... memfd_create resumed>) = 3 [ 72.724641][ T5062] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 72.732718][ T5059] reiserfs: using flush barriers [ 72.746296][ T5062] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 72.750650][ T5060] REISERFS (device loop3): using ordered data mode [ 72.759330][ T5062] REISERFS (device loop0): using ordered data mode [ 72.759342][ T5062] reiserfs: using flush barriers [pid 5002] <... unlink resumed>) = 0 [pid 5067] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5002] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] <... mmap resumed>) = 0x7fd82860d000 [ 72.760252][ T5058] REISERFS (device loop5): using ordered data mode [ 72.784025][ T5062] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 72.801739][ T5062] REISERFS (device loop0): checking transaction log (loop0) [ 72.809659][ T5058] reiserfs: using flush barriers [ 72.816604][ T5062] REISERFS (device loop0): Using r5 hash to sort names [pid 5062] <... mount resumed>) = 0 [pid 5062] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5062] chdir("./file0") = 0 [ 72.820005][ T5058] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 72.823735][ T5062] REISERFS (device loop0): using 3.5.x disk format [ 72.847357][ T5062] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 72.857964][ T5059] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 72.874899][ T5059] REISERFS (device loop1): checking transaction log (loop1) [pid 5062] ioctl(4, LOOP_CLR_FD) = 0 [pid 5062] close(4 [pid 5059] <... mount resumed>) = 0 [pid 5062] <... close resumed>) = 0 [ 72.883383][ T5059] REISERFS (device loop1): Using r5 hash to sort names [ 72.890598][ T5059] REISERFS (device loop1): using 3.5.x disk format [ 72.896483][ T5060] reiserfs: using flush barriers [ 72.897449][ T5059] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 72.912136][ T5058] REISERFS (device loop5): checking transaction log (loop5) [ 72.920491][ T5058] REISERFS (device loop5): Using r5 hash to sort names [ 72.927483][ T5058] REISERFS (device loop5): using 3.5.x disk format [pid 5059] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5062] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5059] <... openat resumed>) = 3 [pid 5002] <... umount2 resumed>) = 0 [pid 5067] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5062] <... openat resumed>) = 4 [pid 5059] chdir("./file0" [pid 5058] <... mount resumed>) = 0 [pid 5002] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5002] lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5002] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5002] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5002] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5002] close(4) = 0 [pid 5002] rmdir("./4/file0") = 0 [pid 5062] ioctl(4, FS_IOC_GETVERSION [pid 5059] <... chdir resumed>) = 0 [pid 5002] getdents64(3, [pid 5062] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5058] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5002] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5062] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5059] ioctl(4, LOOP_CLR_FD [pid 5058] <... openat resumed>) = 3 [pid 5002] close(3) = 0 [pid 5002] rmdir("./4") = 0 [pid 5002] mkdir("./5", 0777) = 0 [pid 5002] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5062] <... mmap resumed>) = 0x20000000 [pid 5059] <... ioctl resumed>) = 0 [pid 5058] chdir("./file0" [pid 5002] <... openat resumed>) = 3 [pid 5002] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 72.934753][ T5058] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 72.945438][ T5060] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 72.962917][ T5060] REISERFS (device loop3): checking transaction log (loop3) [ 72.971384][ T5060] REISERFS (device loop3): Using r5 hash to sort names [pid 5002] close(3 [pid 5062] exit_group(0 [pid 5059] close(4 [pid 5058] <... chdir resumed>) = 0 [pid 5002] <... close resumed>) = 0 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5068 ./strace-static-x86_64: Process 5068 attached [pid 5068] chdir("./5") = 0 [pid 5062] <... exit_group resumed>) = ? [pid 5059] <... close resumed>) = 0 [pid 5058] ioctl(4, LOOP_CLR_FD [pid 5060] <... mount resumed>) = 0 [pid 5062] +++ exited with 0 +++ [pid 5060] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5059] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5058] <... ioctl resumed>) = 0 [pid 5060] <... openat resumed>) = 3 [pid 5059] <... openat resumed>) = 4 [pid 5058] close(4 [pid 5068] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5060] chdir("./file0" [pid 5059] ioctl(4, FS_IOC_GETVERSION [pid 5058] <... close resumed>) = 0 [pid 4998] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5062, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=15 /* 0.15 s */} --- [pid 5068] <... prctl resumed>) = 0 [pid 5060] <... chdir resumed>) = 0 [pid 5059] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5058] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 4998] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] setpgid(0, 0 [pid 5060] ioctl(4, LOOP_CLR_FD [pid 5059] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5058] <... openat resumed>) = 4 [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... setpgid resumed>) = 0 [pid 5060] <... ioctl resumed>) = 0 [pid 5059] <... mmap resumed>) = 0x20000000 [pid 5058] ioctl(4, FS_IOC_GETVERSION [pid 4998] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5060] close(4 [pid 5059] exit_group(0 [pid 5058] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 4998] <... openat resumed>) = 3 [pid 5068] <... openat resumed>) = 3 [pid 5060] <... close resumed>) = 0 [pid 5059] <... exit_group resumed>) = ? [pid 5058] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 4998] fstat(3, [pid 5068] write(3, "1000", 4 [pid 5060] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 4998] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] <... write resumed>) = 4 [pid 5059] +++ exited with 0 +++ [pid 5058] <... mmap resumed>) = 0x20000000 [pid 5060] <... openat resumed>) = 4 [pid 4998] getdents64(3, [pid 5068] close(3 [pid 5060] ioctl(4, FS_IOC_GETVERSION [pid 5058] exit_group(0 [pid 4999] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5059, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 4998] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5068] <... close resumed>) = 0 [pid 5060] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5058] <... exit_group resumed>) = ? [pid 4998] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] symlink("/dev/binderfs", "./binderfs" [pid 5060] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... symlink resumed>) = 0 [pid 5058] +++ exited with 0 +++ [pid 4999] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4998] lstat("./4/binderfs", [pid 5068] memfd_create("syzkaller", 0 [pid 5060] <... mmap resumed>) = 0x20000000 [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5058, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} --- [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4998] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] <... memfd_create resumed>) = 3 [pid 5060] exit_group(0 [pid 4999] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4998] unlink("./4/binderfs" [pid 5068] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5060] <... exit_group resumed>) = ? [pid 4999] <... openat resumed>) = 3 [ 72.979391][ T5060] REISERFS (device loop3): using 3.5.x disk format [ 72.986565][ T5060] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [pid 4998] <... unlink resumed>) = 0 [pid 5068] <... mmap resumed>) = 0x7fd82860d000 [pid 5067] <... write resumed>) = 4194304 [pid 5003] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] fstat(3, [pid 4998] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] munmap(0x7fd82860d000, 4194304 [pid 5060] +++ exited with 0 +++ [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4999] getdents64(3, [pid 5003] <... openat resumed>) = 3 [pid 4999] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5067] <... munmap resumed>) = 0 [pid 5003] fstat(3, [pid 4999] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5067] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5060, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5067] <... openat resumed>) = 4 [pid 5003] getdents64(3, [pid 5001] restart_syscall(<... resuming interrupted clone ...> [pid 4999] lstat("./4/binderfs", [pid 5067] ioctl(4, LOOP_SET_FD, 3 [pid 5003] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5001] <... restart_syscall resumed>) = 0 [pid 4999] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] unlink("./4/binderfs" [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] <... unlink resumed>) = 0 [pid 5003] lstat("./4/binderfs", [pid 4999] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./4/binderfs") = 0 [pid 5003] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5067] <... ioctl resumed>) = 0 [pid 5001] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] close(3 [pid 5001] <... openat resumed>) = 3 [pid 5067] <... close resumed>) = 0 [pid 5001] fstat(3, [pid 5067] mkdir("./file0", 0777) = 0 [pid 5001] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5067] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5001] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5001] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5001] lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5001] unlink("./4/binderfs") = 0 [ 73.059726][ T5067] loop2: detected capacity change from 0 to 8192 [pid 5001] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4998] <... umount2 resumed>) = 0 [pid 5001] <... umount2 resumed>) = 0 [pid 5001] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5001] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5001] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [ 73.098199][ T5067] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5001] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5001] close(4) = 0 [pid 5001] rmdir("./4/file0") = 0 [pid 5001] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5001] close(3 [pid 4999] <... umount2 resumed>) = 0 [pid 5001] <... close resumed>) = 0 [pid 5001] rmdir("./4") = 0 [pid 5001] mkdir("./5", 0777) = 0 [pid 4999] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] <... openat resumed>) = 3 [pid 5001] ioctl(3, LOOP_CLR_FD) = 0 [pid 5001] close(3) = 0 [pid 5001] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5070 [pid 4999] lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4999] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 4999] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4999] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 4999] close(4) = 0 [pid 4999] rmdir("./4/file0") = 0 [pid 4999] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4999] close(3) = 0 [pid 4999] rmdir("./4") = 0 [pid 4999] mkdir("./5", 0777) = 0 [pid 4999] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 4999] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 4999] close(3) = 0 [pid 4999] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 73.165499][ T5067] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 73.175647][ T5067] REISERFS (device loop2): using ordered data mode [ 73.183137][ T5067] reiserfs: using flush barriers [ 73.189742][ T5067] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 73.206542][ T5067] REISERFS (device loop2): checking transaction log (loop2) [pid 4998] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5070 attached [pid 5070] chdir("./5") = 0 [pid 4999] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5071 [pid 5070] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... prctl resumed>) = 0 [pid 5070] setpgid(0, 0) = 0 [pid 5070] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5070] write(3, "1000", 4) = 4 [pid 5070] close(3) = 0 [pid 5070] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4998] lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5071 attached ) = -1 EINVAL (Invalid argument) [pid 4998] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] chdir("./5" [pid 5070] memfd_create("syzkaller", 0 [pid 4998] <... openat resumed>) = 4 [pid 5071] <... chdir resumed>) = 0 [pid 4998] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] getdents64(4, [pid 5071] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5070] <... memfd_create resumed>) = 3 [pid 5068] <... write resumed>) = 4194304 [pid 4998] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5071] <... prctl resumed>) = 0 [pid 5070] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5071] setpgid(0, 0 [pid 5070] <... mmap resumed>) = 0x7fd82860d000 [pid 5071] <... setpgid resumed>) = 0 [pid 5068] munmap(0x7fd82860d000, 4194304 [pid 5067] <... mount resumed>) = 0 [pid 4998] getdents64(4, [pid 5071] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] <... munmap resumed>) = 0 [pid 5067] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 4998] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5071] <... openat resumed>) = 3 [pid 5068] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5067] <... openat resumed>) = 3 [pid 4998] close(4 [pid 5071] write(3, "1000", 4 [pid 5068] <... openat resumed>) = 4 [pid 5067] chdir("./file0" [pid 5071] <... write resumed>) = 4 [pid 5068] ioctl(4, LOOP_SET_FD, 3 [pid 5067] <... chdir resumed>) = 0 [pid 4998] <... close resumed>) = 0 [pid 5071] close(3) = 0 [ 73.214835][ T5067] REISERFS (device loop2): Using r5 hash to sort names [ 73.225957][ T5067] REISERFS (device loop2): using 3.5.x disk format [ 73.246728][ T5067] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5071] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5071] memfd_create("syzkaller", 0) = 3 [pid 5071] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5068] <... ioctl resumed>) = 0 [pid 5067] ioctl(4, LOOP_CLR_FD [pid 4998] rmdir("./4/file0" [pid 5068] close(3 [pid 5067] <... ioctl resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5067] close(4 [pid 4998] <... rmdir resumed>) = 0 [pid 5068] mkdir("./file0", 0777 [pid 5067] <... close resumed>) = 0 [pid 5067] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 4998] getdents64(3, [pid 5067] <... openat resumed>) = 4 [pid 5068] <... mkdir resumed>) = 0 [pid 4998] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5068] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5067] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 4998] close(3 [pid 5067] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 4998] <... close resumed>) = 0 [pid 5067] <... mmap resumed>) = 0x20000000 [pid 4998] rmdir("./4" [pid 5067] exit_group(0 [pid 4998] <... rmdir resumed>) = 0 [pid 5067] <... exit_group resumed>) = ? [pid 4998] mkdir("./5", 0777 [pid 5067] +++ exited with 0 +++ [pid 5000] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5067, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- [pid 4998] <... mkdir resumed>) = 0 [pid 4998] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5000] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4998] ioctl(3, LOOP_CLR_FD [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4998] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5000] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4998] close(3 [pid 5000] <... openat resumed>) = 3 [pid 4998] <... close resumed>) = 0 [pid 5000] fstat(3, [pid 4998] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5000] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] getdents64(3, [pid 4998] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5073 [pid 5000] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5000] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 73.269843][ T5068] loop4: detected capacity change from 0 to 8192 [ 73.300429][ T5068] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5000] unlink("./5/binderfs" [pid 5070] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5000] <... unlink resumed>) = 0 [pid 5003] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5073 attached [pid 5000] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] chdir("./5") = 0 [pid 5073] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5073] setpgid(0, 0 [pid 5003] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... setpgid resumed>) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5003] lstat("./4/file0", [pid 5073] write(3, "1000", 4 [pid 5003] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... write resumed>) = 4 [pid 5003] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] close(3 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... close resumed>) = 0 [pid 5003] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] symlink("/dev/binderfs", "./binderfs" [pid 5003] <... openat resumed>) = 4 [pid 5073] <... symlink resumed>) = 0 [pid 5003] fstat(4, [pid 5073] memfd_create("syzkaller", 0 [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... memfd_create resumed>) = 3 [pid 5003] getdents64(4, [pid 5073] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5003] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5073] <... mmap resumed>) = 0x7fd82860d000 [pid 5003] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 5003] rmdir("./4/file0") = 0 [pid 5003] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./4") = 0 [pid 5003] mkdir("./5", 0777) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5003] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5003] close(3) = 0 [ 73.338825][ T5068] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 73.348050][ T5068] REISERFS (device loop4): using ordered data mode [ 73.355092][ T5068] reiserfs: using flush barriers [ 73.362529][ T5068] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 73.379673][ T5068] REISERFS (device loop4): checking transaction log (loop4) [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5075 attached , child_tidptr=0x555555b7f5d0) = 5075 [pid 5075] chdir("./5") = 0 [pid 5075] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5075] setpgid(0, 0 [pid 5071] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5075] <... setpgid resumed>) = 0 [pid 5068] <... mount resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5068] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] write(3, "1000", 4 [pid 5068] <... openat resumed>) = 3 [pid 5075] <... write resumed>) = 4 [pid 5068] chdir("./file0" [pid 5075] close(3 [pid 5068] <... chdir resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5068] ioctl(4, LOOP_CLR_FD [pid 5075] symlink("/dev/binderfs", "./binderfs" [pid 5068] <... ioctl resumed>) = 0 [pid 5075] <... symlink resumed>) = 0 [pid 5068] close(4 [pid 5075] memfd_create("syzkaller", 0 [pid 5068] <... close resumed>) = 0 [pid 5075] <... memfd_create resumed>) = 3 [pid 5068] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5075] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] <... openat resumed>) = 4 [pid 5075] <... mmap resumed>) = 0x7fd82860d000 [pid 5068] ioctl(4, FS_IOC_GETVERSION [pid 5070] <... write resumed>) = 4194304 [pid 5068] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5075] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5070] munmap(0x7fd82860d000, 4194304 [ 73.390496][ T5068] REISERFS (device loop4): Using r5 hash to sort names [ 73.401146][ T5068] REISERFS (device loop4): using 3.5.x disk format [ 73.408085][ T5068] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5068] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5070] <... munmap resumed>) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5068] <... mmap resumed>) = 0x20000000 [pid 5070] <... openat resumed>) = 4 [pid 5070] ioctl(4, LOOP_SET_FD, 3 [pid 5068] exit_group(0) = ? [pid 5068] +++ exited with 0 +++ [pid 5070] <... ioctl resumed>) = 0 [pid 5070] close(3) = 0 [pid 5002] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5068, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5070] mkdir("./file0", 0777 [pid 5002] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... mkdir resumed>) = 0 [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5002] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5002] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5002] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5002] lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5002] unlink("./5/binderfs" [pid 5071] <... write resumed>) = 4194304 [pid 5002] <... unlink resumed>) = 0 [pid 5002] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] munmap(0x7fd82860d000, 4194304) = 0 [ 73.482347][ T5070] loop3: detected capacity change from 0 to 8192 [ 73.506592][ T5070] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5071] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5071] ioctl(4, LOOP_SET_FD, 3 [pid 5000] <... umount2 resumed>) = 0 [pid 5002] <... umount2 resumed>) = 0 [pid 5002] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5002] lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5002] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5002] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5002] getdents64(4, [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... write resumed>) = 4194304 [pid 5071] <... ioctl resumed>) = 0 [pid 5002] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5000] lstat("./5/file0", [pid 5002] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5000] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] munmap(0x7fd82860d000, 4194304 [pid 5071] close(3 [pid 5002] close(4 [pid 5000] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... munmap resumed>) = 0 [pid 5073] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5071] <... close resumed>) = 0 [pid 5002] <... close resumed>) = 0 [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] rmdir("./5/file0" [pid 5000] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5002] <... rmdir resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5071] mkdir("./file0", 0777 [pid 5002] getdents64(3, [pid 5000] <... openat resumed>) = 4 [pid 5075] <... openat resumed>) = 4 [pid 5071] <... mkdir resumed>) = 0 [pid 5002] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5000] fstat(4, [pid 5075] ioctl(4, LOOP_SET_FD, 3 [ 73.528320][ T5070] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 73.538954][ T5071] loop1: detected capacity change from 0 to 8192 [ 73.546316][ T5070] REISERFS (device loop3): using ordered data mode [ 73.554814][ T5070] reiserfs: using flush barriers [ 73.563624][ T5075] loop5: detected capacity change from 0 to 8192 [pid 5071] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5002] close(3 [pid 5000] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] <... close resumed>) = 0 [pid 5000] getdents64(4, [pid 5002] rmdir("./5" [pid 5000] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5075] <... ioctl resumed>) = 0 [pid 5002] <... rmdir resumed>) = 0 [pid 5000] getdents64(4, [pid 5075] close(3 [pid 5002] mkdir("./6", 0777 [pid 5000] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5002] <... mkdir resumed>) = 0 [pid 5000] close(4 [pid 5002] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5000] <... close resumed>) = 0 [pid 5000] rmdir("./5/file0") = 0 [pid 5000] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5000] close(3) = 0 [pid 5000] rmdir("./5") = 0 [pid 5000] mkdir("./6", 0777) = 0 [pid 5075] <... close resumed>) = 0 [pid 5000] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5075] mkdir("./file0", 0777 [pid 5000] <... openat resumed>) = 3 [pid 5075] <... mkdir resumed>) = 0 [pid 5073] <... write resumed>) = 4194304 [pid 5002] <... openat resumed>) = 3 [pid 5000] ioctl(3, LOOP_CLR_FD [pid 5075] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5073] munmap(0x7fd82860d000, 4194304 [pid 5002] ioctl(3, LOOP_CLR_FD [pid 5000] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] <... munmap resumed>) = 0 [pid 5002] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 73.568991][ T5070] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 73.595954][ T5071] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 73.621510][ T5070] REISERFS (device loop3): checking transaction log (loop3) [ 73.629829][ T5070] REISERFS (device loop3): Using r5 hash to sort names [ 73.629983][ T5075] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 73.636708][ T5070] REISERFS (device loop3): using 3.5.x disk format [ 73.649834][ T5075] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 73.657056][ T5070] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 73.665520][ T5075] REISERFS (device loop5): using ordered data mode [pid 5000] close(3 [pid 5073] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5002] close(3 [pid 5000] <... close resumed>) = 0 [pid 5073] <... openat resumed>) = 4 [pid 5002] <... close resumed>) = 0 [pid 5000] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5000] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5079 [pid 5002] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5080 [pid 5073] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5080 attached ./strace-static-x86_64: Process 5079 attached [pid 5080] chdir("./6" [pid 5079] chdir("./6" [pid 5080] <... chdir resumed>) = 0 [pid 5079] <... chdir resumed>) = 0 [pid 5080] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... prctl resumed>) = 0 [pid 5079] <... prctl resumed>) = 0 [pid 5080] setpgid(0, 0 [pid 5079] setpgid(0, 0 [pid 5080] <... setpgid resumed>) = 0 [pid 5079] <... setpgid resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... openat resumed>) = 3 [pid 5079] <... openat resumed>) = 3 [pid 5080] write(3, "1000", 4 [pid 5079] write(3, "1000", 4 [pid 5080] <... write resumed>) = 4 [pid 5079] <... write resumed>) = 4 [pid 5080] close(3 [pid 5079] close(3 [pid 5080] <... close resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5080] symlink("/dev/binderfs", "./binderfs" [pid 5079] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... symlink resumed>) = 0 [pid 5079] <... symlink resumed>) = 0 [pid 5080] memfd_create("syzkaller", 0 [pid 5079] memfd_create("syzkaller", 0 [pid 5080] <... memfd_create resumed>) = 3 [pid 5079] <... memfd_create resumed>) = 3 [pid 5080] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... mmap resumed>) = 0x7fd82860d000 [pid 5079] <... mmap resumed>) = 0x7fd82860d000 [pid 5073] <... ioctl resumed>) = 0 [pid 5073] close(3) = 0 [ 73.681035][ T5075] reiserfs: using flush barriers [ 73.687208][ T5071] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 73.696687][ T5071] REISERFS (device loop1): using ordered data mode [ 73.703627][ T5073] loop0: detected capacity change from 0 to 8192 [ 73.710102][ T5075] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 73.727192][ T5071] reiserfs: using flush barriers [pid 5073] mkdir("./file0", 0777) = 0 [pid 5073] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5070] <... mount resumed>) = 0 [pid 5070] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5070] chdir("./file0") = 0 [pid 5070] ioctl(4, LOOP_CLR_FD) = 0 [ 73.733459][ T5071] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 73.750510][ T5075] REISERFS (device loop5): checking transaction log (loop5) [ 73.758774][ T5075] REISERFS (device loop5): Using r5 hash to sort names [ 73.765845][ T5075] REISERFS (device loop5): using 3.5.x disk format [pid 5070] close(4) = 0 [ 73.773471][ T5073] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 73.787335][ T5075] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 73.796761][ T5073] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 73.806029][ T5073] REISERFS (device loop0): using ordered data mode [ 73.812725][ T5073] reiserfs: using flush barriers [pid 5070] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5079] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5070] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5080] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5070] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5070] exit_group(0) = ? [pid 5070] +++ exited with 0 +++ [pid 5001] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5070, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5001] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5001] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... write resumed>) = 4194304 [pid 5075] <... mount resumed>) = 0 [pid 5001] <... openat resumed>) = 3 [ 73.818986][ T5073] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 73.819557][ T5071] REISERFS (device loop1): checking transaction log (loop1) [ 73.844528][ T5071] REISERFS (device loop1): Using r5 hash to sort names [ 73.844869][ T5073] REISERFS (device loop0): checking transaction log (loop0) [ 73.869386][ T5073] REISERFS (device loop0): Using r5 hash to sort names [ 73.876311][ T5073] REISERFS (device loop0): using 3.5.x disk format [pid 5001] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5001] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5001] lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5001] unlink("./5/binderfs") = 0 [pid 5079] munmap(0x7fd82860d000, 4194304 [pid 5075] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5001] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... munmap resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5079] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5075] chdir("./file0" [pid 5079] <... openat resumed>) = 4 [pid 5075] <... chdir resumed>) = 0 [pid 5079] ioctl(4, LOOP_SET_FD, 3 [pid 5075] ioctl(4, LOOP_CLR_FD [pid 5080] <... write resumed>) = 4194304 [pid 5075] <... ioctl resumed>) = 0 [pid 5071] <... mount resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5075] close(4 [pid 5071] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] munmap(0x7fd82860d000, 4194304 [pid 5079] close(3 [pid 5075] <... close resumed>) = 0 [pid 5073] <... mount resumed>) = 0 [pid 5071] <... openat resumed>) = 3 [pid 5001] <... umount2 resumed>) = 0 [pid 5080] <... munmap resumed>) = 0 [pid 5075] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5073] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5071] chdir("./file0" [pid 5001] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5073] <... openat resumed>) = 3 [pid 5071] <... chdir resumed>) = 0 [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... openat resumed>) = 4 [pid 5075] <... openat resumed>) = 4 [pid 5073] chdir("./file0" [pid 5071] ioctl(4, LOOP_CLR_FD [pid 5001] lstat("./5/file0", [ 73.882947][ T5071] REISERFS (device loop1): using 3.5.x disk format [ 73.890352][ T5071] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 73.894376][ T5079] loop2: detected capacity change from 0 to 8192 [ 73.924044][ T5073] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5080] ioctl(4, LOOP_SET_FD, 3 [pid 5075] ioctl(4, FS_IOC_GETVERSION [pid 5073] <... chdir resumed>) = 0 [pid 5071] <... ioctl resumed>) = 0 [pid 5001] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5075] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5073] ioctl(4, LOOP_CLR_FD [pid 5071] close(4 [pid 5001] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5073] <... ioctl resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] close(3 [pid 5073] close(4 [pid 5071] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5001] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... close resumed>) = 0 [pid 5079] mkdir("./file0", 0777 [pid 5075] <... mmap resumed>) = 0x20000000 [pid 5073] <... close resumed>) = 0 [pid 5071] <... openat resumed>) = 4 [pid 5001] <... openat resumed>) = 4 [pid 5080] mkdir("./file0", 0777 [pid 5073] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5071] ioctl(4, FS_IOC_GETVERSION [pid 5001] fstat(4, [pid 5075] exit_group(0 [pid 5080] <... mkdir resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5073] <... openat resumed>) = 4 [pid 5071] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5001] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5080] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5079] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5075] <... exit_group resumed>) = ? [pid 5073] ioctl(4, FS_IOC_GETVERSION [pid 5071] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5001] getdents64(4, [pid 5075] +++ exited with 0 +++ [pid 5073] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5071] <... mmap resumed>) = 0x20000000 [pid 5001] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5073] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5071] exit_group(0 [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5075, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5001] getdents64(4, [pid 5073] <... mmap resumed>) = 0x20000000 [pid 5071] <... exit_group resumed>) = ? [pid 5001] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5073] exit_group(0 [pid 5071] +++ exited with 0 +++ [pid 5001] close(4 [pid 5073] <... exit_group resumed>) = ? [pid 5001] <... close resumed>) = 0 [pid 4999] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5071, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5073] +++ exited with 0 +++ [pid 5001] rmdir("./5/file0") = 0 [pid 5001] getdents64(3, [pid 4998] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5073, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=13 /* 0.13 s */} --- [pid 5001] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4999] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] close(3 [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] <... close resumed>) = 0 [pid 5003] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5001] rmdir("./5" [pid 4999] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5003] <... openat resumed>) = 3 [pid 5001] <... rmdir resumed>) = 0 [pid 5001] mkdir("./6", 0777 [pid 4999] <... openat resumed>) = 3 [pid 5003] fstat(3, [pid 5001] <... mkdir resumed>) = 0 [pid 4999] fstat(3, [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5003] getdents64(3, [pid 5001] <... openat resumed>) = 3 [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] ioctl(3, LOOP_CLR_FD [pid 5003] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5001] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4999] getdents64(3, [pid 4998] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] close(3 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] <... close resumed>) = 0 [pid 4999] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./5/binderfs", [pid 5001] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4999] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [ 73.940484][ T5080] loop4: detected capacity change from 0 to 8192 [ 73.971982][ T5080] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5003] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 4998] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] unlink("./5/binderfs" [pid 5001] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5084 [pid 4998] <... openat resumed>) = 3 [pid 5003] <... unlink resumed>) = 0 [pid 4998] fstat(3, [pid 5003] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 4998] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 5084 attached [pid 4999] unlink("./5/binderfs" [pid 4998] getdents64(3, [pid 4999] <... unlink resumed>) = 0 [pid 5084] chdir("./6" [pid 4998] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 4999] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5084] <... chdir resumed>) = 0 [pid 5084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5084] setpgid(0, 0) = 0 [pid 4998] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5084] <... openat resumed>) = 3 [pid 5084] write(3, "1000", 4) = 4 [pid 5084] close(3) = 0 [pid 5084] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5084] memfd_create("syzkaller", 0) = 3 [pid 5084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 4998] lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 4998] unlink("./5/binderfs") = 0 [ 73.992787][ T5079] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 74.009964][ T5080] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 74.019823][ T5080] REISERFS (device loop4): using ordered data mode [ 74.026734][ T5080] reiserfs: using flush barriers [ 74.033018][ T5079] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [pid 4998] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 4998] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 4998] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4998] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 4998] close(4) = 0 [pid 4998] rmdir("./5/file0") = 0 [pid 4998] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4998] close(3) = 0 [pid 4998] rmdir("./5") = 0 [pid 4998] mkdir("./6", 0777) = 0 [ 74.033325][ T5080] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 4998] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 4998] ioctl(3, LOOP_CLR_FD) = 0 [pid 4998] close(3) = 0 [pid 4998] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5084] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 4998] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5085 ./strace-static-x86_64: Process 5085 attached [pid 5085] chdir("./6") = 0 [pid 5085] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5085] setpgid(0, 0) = 0 [pid 5085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5085] write(3, "1000", 4) = 4 [pid 5085] close(3) = 0 [pid 5085] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5085] memfd_create("syzkaller", 0) = 3 [pid 5085] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5003] <... umount2 resumed>) = 0 [pid 5003] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 5003] rmdir("./5/file0") = 0 [pid 5003] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./5") = 0 [pid 4999] <... umount2 resumed>) = 0 [pid 5003] mkdir("./6", 0777 [ 74.133551][ T5079] REISERFS (device loop2): using ordered data mode [ 74.168972][ T5079] reiserfs: using flush barriers [pid 4999] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5084] <... write resumed>) = 4194304 [pid 5084] munmap(0x7fd82860d000, 4194304 [pid 5003] <... mkdir resumed>) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] <... openat resumed>) = 3 [pid 4999] lstat("./5/file0", [pid 5003] ioctl(3, LOOP_CLR_FD [pid 4999] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4999] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] close(3) = 0 [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5084] <... munmap resumed>) = 0 [pid 5084] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5084] ioctl(4, LOOP_SET_FD, 3 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4999] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 4999] fstat(4, [pid 5003] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5086 [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5086 attached [pid 4999] getdents64(4, [pid 5086] chdir("./6" [pid 5085] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 4999] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5086] <... chdir resumed>) = 0 [pid 5086] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5084] <... ioctl resumed>) = 0 [pid 4999] close(4 [pid 5086] <... prctl resumed>) = 0 [pid 4999] <... close resumed>) = 0 [pid 5086] setpgid(0, 0 [pid 4999] rmdir("./5/file0" [pid 5086] <... setpgid resumed>) = 0 [pid 4999] <... rmdir resumed>) = 0 [ 74.176696][ T5079] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 74.200716][ T5079] REISERFS (device loop2): checking transaction log (loop2) [ 74.205327][ T5084] loop3: detected capacity change from 0 to 8192 [ 74.209723][ T5080] REISERFS (device loop4): checking transaction log (loop4) [pid 5086] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4999] getdents64(3, [pid 5086] <... openat resumed>) = 3 [pid 4999] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5086] write(3, "1000", 4 [pid 4999] close(3 [pid 5086] <... write resumed>) = 4 [pid 4999] <... close resumed>) = 0 [pid 5086] close(3 [pid 4999] rmdir("./5" [pid 5086] <... close resumed>) = 0 [pid 4999] <... rmdir resumed>) = 0 [pid 5086] symlink("/dev/binderfs", "./binderfs" [pid 4999] mkdir("./6", 0777 [pid 5086] <... symlink resumed>) = 0 [pid 4999] <... mkdir resumed>) = 0 [pid 5086] memfd_create("syzkaller", 0 [pid 4999] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5086] <... memfd_create resumed>) = 3 [pid 4999] <... openat resumed>) = 3 [pid 5086] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4999] ioctl(3, LOOP_CLR_FD [pid 5086] <... mmap resumed>) = 0x7fd82860d000 [pid 5084] close(3 [pid 4999] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4999] close(3 [pid 5084] <... close resumed>) = 0 [pid 5079] <... mount resumed>) = 0 [pid 4999] <... close resumed>) = 0 [pid 5084] mkdir("./file0", 0777 [pid 5079] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 4999] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5084] <... mkdir resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5084] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5079] chdir("./file0" [pid 4999] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5087 ./strace-static-x86_64: Process 5087 attached [pid 5085] <... write resumed>) = 4194304 [pid 5079] <... chdir resumed>) = 0 [ 74.229558][ T5079] REISERFS (device loop2): Using r5 hash to sort names [ 74.236466][ T5079] REISERFS (device loop2): using 3.5.x disk format [ 74.243623][ T5079] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 74.272550][ T5080] REISERFS (device loop4): Using r5 hash to sort names [pid 5087] chdir("./6" [pid 5085] munmap(0x7fd82860d000, 4194304 [pid 5079] ioctl(4, LOOP_CLR_FD [pid 5087] <... chdir resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5079] close(4 [pid 5087] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5085] <... munmap resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5079] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5087] <... prctl resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... openat resumed>) = 4 [pid 5079] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5079] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5079] exit_group(0) = ? [pid 5079] +++ exited with 0 +++ [pid 5087] setpgid(0, 0 [pid 5085] <... openat resumed>) = 4 [pid 5000] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5079, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5000] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5000] fstat(3, [pid 5087] <... setpgid resumed>) = 0 [pid 5085] ioctl(4, LOOP_SET_FD, 3 [pid 5000] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5087] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... mount resumed>) = 0 [ 74.272803][ T5084] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 74.279660][ T5080] REISERFS (device loop4): using 3.5.x disk format [ 74.299494][ T5080] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 74.309849][ T5084] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 74.319255][ T5084] REISERFS (device loop3): using ordered data mode [ 74.325969][ T5084] reiserfs: using flush barriers [pid 5000] getdents64(3, [pid 5080] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5000] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5080] <... openat resumed>) = 3 [pid 5000] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5087] <... openat resumed>) = 3 [pid 5085] <... ioctl resumed>) = 0 [pid 5080] chdir("./file0" [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] write(3, "1000", 4 [pid 5086] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5085] close(3 [pid 5080] <... chdir resumed>) = 0 [pid 5087] <... write resumed>) = 4 [pid 5085] <... close resumed>) = 0 [pid 5000] lstat("./6/binderfs", [pid 5087] close(3 [pid 5085] mkdir("./file0", 0777 [pid 5080] ioctl(4, LOOP_CLR_FD [pid 5000] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5087] <... close resumed>) = 0 [pid 5085] <... mkdir resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5000] unlink("./6/binderfs" [pid 5087] symlink("/dev/binderfs", "./binderfs" [pid 5085] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5087] <... symlink resumed>) = 0 [pid 5080] close(4 [pid 5000] <... unlink resumed>) = 0 [pid 5087] memfd_create("syzkaller", 0) = 3 [pid 5080] <... close resumed>) = 0 [pid 5087] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5080] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5000] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... openat resumed>) = 4 [pid 5080] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5080] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [ 74.332059][ T5085] loop0: detected capacity change from 0 to 8192 [ 74.340259][ T5084] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 74.369502][ T5084] REISERFS (device loop3): checking transaction log (loop3) [pid 5086] <... write resumed>) = 4194304 [pid 5080] exit_group(0 [pid 5086] munmap(0x7fd82860d000, 4194304 [pid 5080] <... exit_group resumed>) = ? [pid 5080] +++ exited with 0 +++ [pid 5086] <... munmap resumed>) = 0 [pid 5002] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5080, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- [pid 5086] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 74.378042][ T5085] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 74.392956][ T5084] REISERFS (device loop3): Using r5 hash to sort names [pid 5086] ioctl(4, LOOP_SET_FD, 3 [pid 5002] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5002] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5086] <... ioctl resumed>) = 0 [pid 5002] <... openat resumed>) = 3 [pid 5002] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5002] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5002] lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5002] unlink("./6/binderfs") = 0 [pid 5002] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5086] close(3) = 0 [pid 5086] mkdir("./file0", 0777) = 0 [ 74.428858][ T5086] loop5: detected capacity change from 0 to 8192 [ 74.432061][ T5084] REISERFS (device loop3): using 3.5.x disk format [ 74.440550][ T5085] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [pid 5086] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5087] <... write resumed>) = 4194304 [pid 5087] munmap(0x7fd82860d000, 4194304) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5084] <... mount resumed>) = 0 [ 74.481255][ T5085] REISERFS (device loop0): using ordered data mode [ 74.487848][ T5085] reiserfs: using flush barriers [ 74.489697][ T5084] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 74.502911][ T5086] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5087] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5084] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5002] <... umount2 resumed>) = 0 [pid 5000] <... umount2 resumed>) = 0 [pid 5087] close(3 [pid 5084] <... openat resumed>) = 3 [pid 5002] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5000] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5087] <... close resumed>) = 0 [pid 5084] chdir("./file0" [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 74.521839][ T5085] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 74.521855][ T5087] loop1: detected capacity change from 0 to 8192 [ 74.524582][ T5086] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 74.541373][ T5085] REISERFS (device loop0): checking transaction log (loop0) [ 74.544888][ T5086] REISERFS (device loop5): using ordered data mode [ 74.556060][ T5085] REISERFS (device loop0): Using r5 hash to sort names [ 74.561294][ T5086] reiserfs: using flush barriers [pid 5087] mkdir("./file0", 0777 [pid 5084] <... chdir resumed>) = 0 [pid 5002] lstat("./6/file0", [pid 5000] lstat("./6/file0", [pid 5087] <... mkdir resumed>) = 0 [pid 5084] ioctl(4, LOOP_CLR_FD [pid 5002] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5087] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5084] <... ioctl resumed>) = 0 [pid 5002] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5000] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5084] close(4 [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5084] <... close resumed>) = 0 [pid 5002] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5000] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5084] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5002] <... openat resumed>) = 4 [pid 5000] <... openat resumed>) = 4 [pid 5084] <... openat resumed>) = 4 [pid 5002] fstat(4, [pid 5000] fstat(4, [pid 5084] ioctl(4, FS_IOC_GETVERSION [pid 5002] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5084] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5002] getdents64(4, [pid 5000] getdents64(4, [pid 5084] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5002] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5000] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5084] <... mmap resumed>) = 0x20000000 [pid 5002] getdents64(4, [pid 5000] getdents64(4, [pid 5084] exit_group(0 [pid 5002] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5000] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5084] <... exit_group resumed>) = ? [pid 5002] close(4 [pid 5000] close(4 [pid 5084] +++ exited with 0 +++ [pid 5002] <... close resumed>) = 0 [pid 5000] <... close resumed>) = 0 [pid 5002] rmdir("./6/file0" [pid 5000] rmdir("./6/file0" [pid 5002] <... rmdir resumed>) = 0 [pid 5000] <... rmdir resumed>) = 0 [pid 5002] getdents64(3, [pid 5000] getdents64(3, [pid 5085] <... mount resumed>) = 0 [pid 5002] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5000] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5002] close(3 [pid 5000] close(3 [pid 5002] <... close resumed>) = 0 [pid 5000] <... close resumed>) = 0 [pid 5002] rmdir("./6" [pid 5000] rmdir("./6" [pid 5002] <... rmdir resumed>) = 0 [pid 5000] <... rmdir resumed>) = 0 [pid 5002] mkdir("./7", 0777 [pid 5000] mkdir("./7", 0777 [pid 5002] <... mkdir resumed>) = 0 [pid 5000] <... mkdir resumed>) = 0 [pid 5002] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5000] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5002] <... openat resumed>) = 3 [pid 5000] <... openat resumed>) = 3 [pid 5002] ioctl(3, LOOP_CLR_FD [pid 5000] ioctl(3, LOOP_CLR_FD [pid 5002] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5000] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 74.569191][ T5085] REISERFS (device loop0): using 3.5.x disk format [ 74.587356][ T5085] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 74.597315][ T5087] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 74.598934][ T5086] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5002] close(3 [pid 5000] close(3 [pid 5085] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5002] <... close resumed>) = 0 [pid 5001] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5084, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} --- [pid 5000] <... close resumed>) = 0 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5000] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5002] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5092 [pid 5000] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5093 ./strace-static-x86_64: Process 5093 attached [pid 5085] <... openat resumed>) = 3 [pid 5001] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] chdir("./7" [pid 5085] chdir("./file0" [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... chdir resumed>) = 0 [pid 5085] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5092 attached [pid 5093] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5092] chdir("./7" [pid 5093] setpgid(0, 0 [pid 5092] <... chdir resumed>) = 0 [pid 5093] <... setpgid resumed>) = 0 [pid 5092] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5085] ioctl(4, LOOP_CLR_FD [pid 5001] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5093] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] <... prctl resumed>) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5092] setpgid(0, 0 [pid 5093] write(3, "1000", 4 [pid 5092] <... setpgid resumed>) = 0 [ 74.627398][ T5086] REISERFS (device loop5): checking transaction log (loop5) [ 74.636858][ T5087] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 74.639189][ T5086] REISERFS (device loop5): Using r5 hash to sort names [ 74.646802][ T5087] REISERFS (device loop1): using ordered data mode [ 74.660357][ T5087] reiserfs: using flush barriers [ 74.666875][ T5086] REISERFS (device loop5): using 3.5.x disk format [pid 5093] <... write resumed>) = 4 [pid 5092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5085] <... ioctl resumed>) = 0 [pid 5001] <... openat resumed>) = 3 [pid 5093] close(3 [pid 5092] <... openat resumed>) = 3 [pid 5085] close(4 [pid 5001] fstat(3, [pid 5093] <... close resumed>) = 0 [pid 5092] write(3, "1000", 4 [pid 5085] <... close resumed>) = 0 [pid 5001] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] symlink("/dev/binderfs", "./binderfs" [pid 5092] <... write resumed>) = 4 [pid 5085] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5001] getdents64(3, [pid 5093] <... symlink resumed>) = 0 [pid 5092] close(3 [pid 5085] <... openat resumed>) = 4 [pid 5001] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5093] memfd_create("syzkaller", 0 [pid 5092] <... close resumed>) = 0 [pid 5085] ioctl(4, FS_IOC_GETVERSION [pid 5001] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... memfd_create resumed>) = 3 [pid 5092] symlink("/dev/binderfs", "./binderfs" [pid 5085] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] <... symlink resumed>) = 0 [pid 5087] <... mount resumed>) = 0 [pid 5085] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5001] lstat("./6/binderfs", [pid 5093] <... mmap resumed>) = 0x7fd82860d000 [pid 5092] memfd_create("syzkaller", 0 [pid 5085] <... mmap resumed>) = 0x20000000 [pid 5001] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5092] <... memfd_create resumed>) = 3 [pid 5087] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] <... mount resumed>) = 0 [pid 5085] exit_group(0 [pid 5001] unlink("./6/binderfs" [pid 5092] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5087] <... openat resumed>) = 3 [pid 5086] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] <... exit_group resumed>) = ? [pid 5001] <... unlink resumed>) = 0 [pid 5092] <... mmap resumed>) = 0x7fd82860d000 [pid 5087] chdir("./file0" [pid 5086] <... openat resumed>) = 3 [pid 5085] +++ exited with 0 +++ [pid 5001] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5087] <... chdir resumed>) = 0 [ 74.666907][ T5087] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 74.674240][ T5087] REISERFS (device loop1): checking transaction log (loop1) [ 74.698668][ T5087] REISERFS (device loop1): Using r5 hash to sort names [ 74.705877][ T5087] REISERFS (device loop1): using 3.5.x disk format [ 74.712880][ T5087] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 74.723096][ T5086] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5086] chdir("./file0" [pid 5087] ioctl(4, LOOP_CLR_FD [pid 5086] <... chdir resumed>) = 0 [pid 4998] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5085, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5087] <... ioctl resumed>) = 0 [pid 5086] ioctl(4, LOOP_CLR_FD [pid 4998] restart_syscall(<... resuming interrupted clone ...> [pid 5087] close(4 [pid 5086] <... ioctl resumed>) = 0 [pid 4998] <... restart_syscall resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5086] close(4 [pid 5087] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5086] <... close resumed>) = 0 [pid 5087] <... openat resumed>) = 4 [pid 5086] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 4998] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5087] ioctl(4, FS_IOC_GETVERSION [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5086] <... openat resumed>) = 4 [pid 4998] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5087] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5086] ioctl(4, FS_IOC_GETVERSION [pid 4998] <... openat resumed>) = 3 [pid 5087] <... mmap resumed>) = 0x20000000 [pid 5086] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 4998] fstat(3, [pid 5087] exit_group(0 [pid 5086] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 4998] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5087] <... exit_group resumed>) = ? [pid 4998] getdents64(3, [pid 5087] +++ exited with 0 +++ [pid 5086] <... mmap resumed>) = 0x20000000 [pid 4998] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 4998] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5087, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] exit_group(0 [pid 4999] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4998] lstat("./6/binderfs", [pid 5086] <... exit_group resumed>) = ? [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4998] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5086] +++ exited with 0 +++ [pid 4999] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4998] unlink("./6/binderfs" [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5086, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} --- [pid 4999] <... openat resumed>) = 3 [pid 4998] <... unlink resumed>) = 0 [pid 4999] fstat(3, [pid 4998] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 4999] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] lstat("./6/binderfs", [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4999] unlink("./6/binderfs" [pid 5003] <... openat resumed>) = 3 [pid 4999] <... unlink resumed>) = 0 [pid 5003] fstat(3, [pid 4999] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./6/binderfs") = 0 [pid 5003] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] <... write resumed>) = 4194304 [pid 5093] munmap(0x7fd82860d000, 4194304 [pid 5001] <... umount2 resumed>) = 0 [pid 5093] <... munmap resumed>) = 0 [pid 5003] <... umount2 resumed>) = 0 [pid 4999] <... umount2 resumed>) = 0 [pid 5003] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5093] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] lstat("./6/file0", [pid 5093] <... openat resumed>) = 4 [pid 5003] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] ioctl(4, LOOP_SET_FD, 3 [pid 5003] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] lstat("./6/file0", [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 5003] rmdir("./6/file0") = 0 [pid 5003] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./6") = 0 [pid 5003] mkdir("./7", 0777) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 4999] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] ioctl(3, LOOP_CLR_FD) = 0 [pid 4999] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] close(3 [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] <... close resumed>) = 0 [pid 4999] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5001] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5094 [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] lstat("./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] <... openat resumed>) = 4 [pid 5001] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] fstat(4, [pid 5093] <... ioctl resumed>) = 0 [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5093] close(3 [pid 5001] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5093] <... close resumed>) = 0 [pid 5001] <... openat resumed>) = 4 [pid 4999] getdents64(4, [pid 5093] mkdir("./file0", 0777 [pid 5001] fstat(4, [pid 4999] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5001] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] getdents64(4, [pid 4999] getdents64(4, ./strace-static-x86_64: Process 5094 attached [pid 5001] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4999] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5094] chdir("./7" [pid 5093] <... mkdir resumed>) = 0 [pid 5001] getdents64(4, [pid 4999] close(4 [pid 5094] <... chdir resumed>) = 0 [pid 5001] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5094] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5093] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5001] close(4 [pid 4999] <... close resumed>) = 0 [pid 5094] <... prctl resumed>) = 0 [pid 5001] <... close resumed>) = 0 [pid 5094] setpgid(0, 0 [pid 5001] rmdir("./6/file0" [pid 4999] rmdir("./6/file0" [pid 5094] <... setpgid resumed>) = 0 [pid 5001] <... rmdir resumed>) = 0 [pid 5094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5001] getdents64(3, [pid 4999] <... rmdir resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5001] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4999] getdents64(3, [pid 5094] write(3, "1000", 4 [pid 5001] close(3 [pid 5094] <... write resumed>) = 4 [pid 5001] <... close resumed>) = 0 [pid 4999] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5094] close(3 [pid 5001] rmdir("./6" [pid 5094] <... close resumed>) = 0 [pid 5001] <... rmdir resumed>) = 0 [pid 4999] close(3 [pid 5094] symlink("/dev/binderfs", "./binderfs" [pid 5001] mkdir("./7", 0777 [pid 5094] <... symlink resumed>) = 0 [pid 5001] <... mkdir resumed>) = 0 [pid 4999] <... close resumed>) = 0 [pid 5094] memfd_create("syzkaller", 0 [pid 5001] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4999] rmdir("./6" [pid 5094] <... memfd_create resumed>) = 3 [pid 5001] <... openat resumed>) = 3 [pid 5094] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5001] ioctl(3, LOOP_CLR_FD [pid 5094] <... mmap resumed>) = 0x7fd82860d000 [pid 5001] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5001] close(3) = 0 [pid 4999] <... rmdir resumed>) = 0 [pid 4998] <... umount2 resumed>) = 0 [pid 5001] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4999] mkdir("./7", 0777 [pid 5001] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5096 [pid 4999] <... mkdir resumed>) = 0 [pid 4998] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] ioctl(3, LOOP_CLR_FD [pid 4998] lstat("./6/file0", [pid 4999] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4999] close(3 [pid 4998] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] <... close resumed>) = 0 [pid 4998] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5096 attached [pid 4999] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5096] chdir("./7" [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5096] <... chdir resumed>) = 0 [pid 5096] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4998] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4999] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5097 [pid 4998] <... openat resumed>) = 4 [pid 4998] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 74.863691][ T5093] loop2: detected capacity change from 0 to 8192 [ 74.899171][ T5093] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5096] setpgid(0, 0 [pid 5092] <... write resumed>) = 4194304 [pid 4998] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4998] getdents64(4, [pid 5096] <... setpgid resumed>) = 0 [pid 4998] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5096] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4998] close(4./strace-static-x86_64: Process 5097 attached [pid 5096] <... openat resumed>) = 3 [pid 4998] <... close resumed>) = 0 [pid 4998] rmdir("./6/file0" [pid 5096] write(3, "1000", 4) = 4 [pid 4998] <... rmdir resumed>) = 0 [pid 5096] close(3 [pid 4998] getdents64(3, [pid 5096] <... close resumed>) = 0 [pid 5096] symlink("/dev/binderfs", "./binderfs" [pid 4998] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5096] <... symlink resumed>) = 0 [pid 4998] close(3 [pid 5097] chdir("./7" [pid 5096] memfd_create("syzkaller", 0 [pid 5092] munmap(0x7fd82860d000, 4194304 [pid 4998] <... close resumed>) = 0 [pid 5097] <... chdir resumed>) = 0 [pid 5096] <... memfd_create resumed>) = 3 [pid 5094] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5092] <... munmap resumed>) = 0 [pid 4998] rmdir("./6" [pid 5097] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5096] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5097] <... prctl resumed>) = 0 [pid 5096] <... mmap resumed>) = 0x7fd82860d000 [pid 5092] <... openat resumed>) = 4 [pid 4998] <... rmdir resumed>) = 0 [pid 5097] setpgid(0, 0) = 0 [pid 5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4998] mkdir("./7", 0777 [pid 5097] <... openat resumed>) = 3 [pid 5097] write(3, "1000", 4) = 4 [pid 5092] ioctl(4, LOOP_SET_FD, 3 [pid 5097] close(3 [pid 4998] <... mkdir resumed>) = 0 [pid 5097] <... close resumed>) = 0 [pid 5092] <... ioctl resumed>) = 0 [pid 5097] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5097] memfd_create("syzkaller", 0) = 3 [pid 5097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 4998] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 4998] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5096] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 4998] close(3) = 0 [pid 4998] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5098 [pid 5092] close(3) = 0 [pid 5092] mkdir("./file0", 0777) = 0 ./strace-static-x86_64: Process 5098 attached [pid 5098] chdir("./7") = 0 [pid 5094] <... write resumed>) = 4194304 [pid 5094] munmap(0x7fd82860d000, 4194304 [pid 5098] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5092] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5094] <... munmap resumed>) = 0 [pid 5098] <... prctl resumed>) = 0 [ 74.971458][ T5092] loop4: detected capacity change from 0 to 8192 [ 74.971808][ T5093] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 74.987163][ T5093] REISERFS (device loop2): using ordered data mode [ 74.994010][ T5093] reiserfs: using flush barriers [ 75.000851][ T5093] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5094] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5098] setpgid(0, 0 [pid 5096] <... write resumed>) = 4194304 [pid 5094] <... openat resumed>) = 4 [pid 5098] <... setpgid resumed>) = 0 [pid 5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5097] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5096] munmap(0x7fd82860d000, 4194304 [pid 5094] ioctl(4, LOOP_SET_FD, 3 [pid 5098] write(3, "1000", 4 [pid 5096] <... munmap resumed>) = 0 [pid 5096] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5096] ioctl(4, LOOP_SET_FD, 3 [pid 5098] <... write resumed>) = 4 [pid 5094] <... ioctl resumed>) = 0 [pid 5094] close(3) = 0 [ 75.060331][ T5093] REISERFS (device loop2): checking transaction log (loop2) [ 75.069588][ T5093] REISERFS (device loop2): Using r5 hash to sort names [ 75.077222][ T5094] loop5: detected capacity change from 0 to 8192 [ 75.077284][ T5092] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 75.089427][ T5096] loop3: detected capacity change from 0 to 8192 [pid 5098] close(3) = 0 [pid 5094] mkdir("./file0", 0777) = 0 [pid 5094] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5098] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5098] memfd_create("syzkaller", 0 [pid 5096] <... ioctl resumed>) = 0 [pid 5098] <... memfd_create resumed>) = 3 [pid 5096] close(3 [pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5096] <... close resumed>) = 0 [pid 5098] <... mmap resumed>) = 0x7fd82860d000 [pid 5096] mkdir("./file0", 0777) = 0 [ 75.104735][ T5093] REISERFS (device loop2): using 3.5.x disk format [ 75.118985][ T5092] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 75.129020][ T5092] REISERFS (device loop4): using ordered data mode [ 75.136668][ T5092] reiserfs: using flush barriers [ 75.142466][ T5094] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5096] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5093] <... mount resumed>) = 0 [pid 5093] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5093] chdir("./file0") = 0 [pid 5093] ioctl(4, LOOP_CLR_FD) = 0 [pid 5093] close(4) = 0 [pid 5093] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5093] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5093] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5093] exit_group(0) = ? [pid 5093] +++ exited with 0 +++ [pid 5098] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5000] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5093, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5000] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5000] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5000] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5000] unlink("./7/binderfs") = 0 [ 75.144435][ T5093] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 75.155761][ T5092] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5000] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5098] <... write resumed>) = 4194304 [pid 5098] munmap(0x7fd82860d000, 4194304 [pid 5097] <... write resumed>) = 4194304 [pid 5097] munmap(0x7fd82860d000, 4194304 [pid 5098] <... munmap resumed>) = 0 [pid 5098] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5097] <... munmap resumed>) = 0 [pid 5097] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 75.215360][ T5096] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 75.230201][ T5096] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 75.237247][ T5094] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 75.240257][ T5096] REISERFS (device loop3): using ordered data mode [ 75.257612][ T5096] reiserfs: using flush barriers [pid 5097] ioctl(4, LOOP_SET_FD, 3 [pid 5098] <... openat resumed>) = 4 [pid 5097] <... ioctl resumed>) = 0 [pid 5097] close(3) = 0 [pid 5097] mkdir("./file0", 0777) = 0 [pid 5097] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5098] ioctl(4, LOOP_SET_FD, 3 [pid 5000] <... umount2 resumed>) = 0 [pid 5000] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] lstat("./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5000] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5000] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5000] close(4) = 0 [pid 5000] rmdir("./7/file0") = 0 [pid 5000] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5000] close(3) = 0 [pid 5000] rmdir("./7") = 0 [pid 5000] mkdir("./8", 0777) = 0 [pid 5000] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5000] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5000] close(3) = 0 [pid 5000] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5103 ./strace-static-x86_64: Process 5103 attached [pid 5103] chdir("./8") = 0 [pid 5103] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5103] setpgid(0, 0) = 0 [pid 5103] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5103] write(3, "1000", 4) = 4 [pid 5103] close(3) = 0 [pid 5103] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5103] memfd_create("syzkaller", 0) = 3 [pid 5103] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5098] <... ioctl resumed>) = 0 [pid 5098] close(3) = 0 [pid 5098] mkdir("./file0", 0777) = 0 [ 75.262132][ T5097] loop1: detected capacity change from 0 to 8192 [ 75.264575][ T5092] REISERFS (device loop4): checking transaction log (loop4) [ 75.276737][ T5096] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 75.293244][ T5098] loop0: detected capacity change from 0 to 8192 [ 75.308869][ T5092] REISERFS (device loop4): Using r5 hash to sort names [ 75.318770][ T5092] REISERFS (device loop4): using 3.5.x disk format [ 75.325962][ T5097] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 75.326270][ T5092] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 75.340208][ T5097] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [pid 5098] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5092] <... mount resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5092] chdir("./file0") = 0 [pid 5092] ioctl(4, LOOP_CLR_FD) = 0 [pid 5092] close(4) = 0 [pid 5092] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5092] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5092] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5092] exit_group(0) = ? [pid 5092] +++ exited with 0 +++ [pid 5103] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5002] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5092, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [ 75.348204][ T5098] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 75.358225][ T5097] REISERFS (device loop1): using ordered data mode [ 75.371496][ T5098] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 75.378299][ T5097] reiserfs: using flush barriers [ 75.387432][ T5098] REISERFS (device loop0): using ordered data mode [ 75.398084][ T5094] REISERFS (device loop5): using ordered data mode [ 75.398654][ T5098] reiserfs: using flush barriers [ 75.410782][ T5096] REISERFS (device loop3): checking transaction log (loop3) [pid 5002] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5103] <... write resumed>) = 4194304 [ 75.429605][ T5094] reiserfs: using flush barriers [ 75.435180][ T5097] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 75.449434][ T5096] REISERFS (device loop3): Using r5 hash to sort names [ 75.451379][ T5098] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5103] munmap(0x7fd82860d000, 4194304 [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5096] <... mount resumed>) = 0 [pid 5096] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5103] <... munmap resumed>) = 0 [pid 5002] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5096] <... openat resumed>) = 3 [ 75.467075][ T5096] REISERFS (device loop3): using 3.5.x disk format [ 75.475266][ T5097] REISERFS (device loop1): checking transaction log (loop1) [ 75.482484][ T5094] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 75.488991][ T5098] REISERFS (device loop0): checking transaction log (loop0) [ 75.505385][ T5096] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 75.512672][ T5094] REISERFS (device loop5): checking transaction log (loop5) [pid 5103] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5096] chdir("./file0" [pid 5002] <... openat resumed>) = 3 [pid 5103] <... openat resumed>) = 4 [pid 5002] fstat(3, [pid 5103] ioctl(4, LOOP_SET_FD, 3 [pid 5002] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5002] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5002] lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5002] unlink("./7/binderfs") = 0 [pid 5002] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5096] <... chdir resumed>) = 0 [pid 5096] ioctl(4, LOOP_CLR_FD) = 0 [pid 5096] close(4) = 0 [pid 5096] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5096] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5096] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5096] exit_group(0) = ? [pid 5096] +++ exited with 0 +++ [pid 5001] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5096, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5001] restart_syscall(<... resuming interrupted clone ...> [pid 5103] <... ioctl resumed>) = 0 [pid 5103] close(3) = 0 [pid 5103] mkdir("./file0", 0777 [pid 5001] <... restart_syscall resumed>) = 0 [pid 5001] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5001] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5001] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5001] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5001] lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5001] unlink("./7/binderfs") = 0 [pid 5001] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5103] <... mkdir resumed>) = 0 [ 75.530696][ T5098] REISERFS (device loop0): Using r5 hash to sort names [ 75.531869][ T5103] loop2: detected capacity change from 0 to 8192 [ 75.537643][ T5098] REISERFS (device loop0): using 3.5.x disk format [ 75.550656][ T5097] REISERFS (device loop1): Using r5 hash to sort names [ 75.557543][ T5097] REISERFS (device loop1): using 3.5.x disk format [ 75.564448][ T5094] REISERFS (device loop5): Using r5 hash to sort names [ 75.572108][ T5094] REISERFS (device loop5): using 3.5.x disk format [pid 5103] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5098] <... mount resumed>) = 0 [pid 5098] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5098] chdir("./file0") = 0 [pid 5098] ioctl(4, LOOP_CLR_FD) = 0 [pid 5098] close(4) = 0 [ 75.575924][ T5098] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 75.579672][ T5097] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 75.601540][ T5103] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 75.610793][ T5094] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5098] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5098] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5098] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5098] exit_group(0) = ? [pid 5098] +++ exited with 0 +++ [pid 4998] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5098, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 4998] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 4998] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 4998] fstat(3, [pid 5001] <... umount2 resumed>) = 0 [pid 4998] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] getdents64(3, [pid 5001] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4998] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 4998] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] lstat("./7/file0", [pid 4998] lstat("./7/binderfs", [pid 5001] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5001] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4998] unlink("./7/binderfs" [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4998] <... unlink resumed>) = 0 [pid 4998] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] <... openat resumed>) = 4 [pid 5001] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5001] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5001] close(4) = 0 [pid 5001] rmdir("./7/file0") = 0 [pid 5001] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5001] close(3) = 0 [pid 5001] rmdir("./7") = 0 [pid 5001] mkdir("./8", 0777) = 0 [pid 5001] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5001] ioctl(3, LOOP_CLR_FD) = 0 [pid 5001] close(3) = 0 [pid 5001] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5106 ./strace-static-x86_64: Process 5106 attached [pid 4998] <... umount2 resumed>) = 0 [pid 4998] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] lstat("./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5097] <... mount resumed>) = 0 [pid 5097] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5097] chdir("./file0") = 0 [ 75.615808][ T5103] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 75.637938][ T5103] REISERFS (device loop2): using ordered data mode [ 75.656652][ T5103] reiserfs: using flush barriers [ 75.663195][ T5103] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5097] ioctl(4, LOOP_CLR_FD [pid 4998] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4998] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 4998] close(4) = 0 [pid 4998] rmdir("./7/file0" [pid 5106] chdir("./8" [pid 5097] <... ioctl resumed>) = 0 [pid 5094] <... mount resumed>) = 0 [pid 5106] <... chdir resumed>) = 0 [pid 5097] close(4 [pid 5094] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 4998] <... rmdir resumed>) = 0 [pid 5106] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5097] <... close resumed>) = 0 [pid 5097] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5097] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5097] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5097] exit_group(0) = ? [pid 5106] <... prctl resumed>) = 0 [pid 5097] +++ exited with 0 +++ [pid 5094] <... openat resumed>) = 3 [pid 4998] getdents64(3, [pid 5094] chdir("./file0" [pid 5106] setpgid(0, 0 [pid 4998] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5106] <... setpgid resumed>) = 0 [pid 5106] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4998] close(3 [pid 5106] <... openat resumed>) = 3 [pid 5103] <... mount resumed>) = 0 [pid 5094] <... chdir resumed>) = 0 [pid 5002] <... umount2 resumed>) = 0 [pid 4999] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5097, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- [pid 4998] <... close resumed>) = 0 [pid 5106] write(3, "1000", 4 [pid 5103] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5094] ioctl(4, LOOP_CLR_FD [pid 4998] rmdir("./7" [pid 5106] <... write resumed>) = 4 [pid 5103] <... openat resumed>) = 3 [pid 5094] <... ioctl resumed>) = 0 [pid 4998] <... rmdir resumed>) = 0 [pid 5106] close(3 [pid 5103] chdir("./file0" [pid 5094] close(4 [pid 4998] mkdir("./8", 0777 [pid 5106] <... close resumed>) = 0 [pid 5103] <... chdir resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 4998] <... mkdir resumed>) = 0 [pid 5106] symlink("/dev/binderfs", "./binderfs" [pid 5103] ioctl(4, LOOP_CLR_FD [pid 5094] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 4998] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5106] <... symlink resumed>) = 0 [pid 5103] <... ioctl resumed>) = 0 [pid 5094] <... openat resumed>) = 4 [ 75.684632][ T5103] REISERFS (device loop2): checking transaction log (loop2) [ 75.693712][ T5103] REISERFS (device loop2): Using r5 hash to sort names [ 75.708811][ T5103] REISERFS (device loop2): using 3.5.x disk format [ 75.716171][ T5103] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 4999] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4998] <... openat resumed>) = 3 [pid 5106] memfd_create("syzkaller", 0 [pid 5103] close(4 [pid 5094] ioctl(4, FS_IOC_GETVERSION [pid 5002] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4998] ioctl(3, LOOP_CLR_FD [pid 5106] <... memfd_create resumed>) = 3 [pid 5103] <... close resumed>) = 0 [pid 5094] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4998] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5106] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5103] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5094] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 4998] close(3 [pid 5106] <... mmap resumed>) = 0x7fd82860d000 [pid 5002] lstat("./7/file0", [pid 4999] <... openat resumed>) = 3 [pid 4998] <... close resumed>) = 0 [pid 5103] <... openat resumed>) = 4 [pid 5094] <... mmap resumed>) = 0x20000000 [pid 5002] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] fstat(3, [pid 4998] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5103] ioctl(4, FS_IOC_GETVERSION [pid 5094] exit_group(0 [pid 5002] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5103] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5094] <... exit_group resumed>) = ? [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] getdents64(3, [pid 4998] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5107 [pid 5103] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0./strace-static-x86_64: Process 5107 attached [pid 5094] +++ exited with 0 +++ [pid 5002] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4999] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5094, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5103] <... mmap resumed>) = 0x20000000 [pid 5003] restart_syscall(<... resuming interrupted clone ...> [pid 5103] exit_group(0 [pid 5003] <... restart_syscall resumed>) = 0 [pid 5002] <... openat resumed>) = 4 [pid 4999] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5107] chdir("./8" [pid 5103] <... exit_group resumed>) = ? [pid 5002] fstat(4, [pid 5107] <... chdir resumed>) = 0 [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5107] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5003] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5107] <... prctl resumed>) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5107] setpgid(0, 0 [pid 5103] +++ exited with 0 +++ [pid 5003] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5002] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] lstat("./7/binderfs", [pid 5107] <... setpgid resumed>) = 0 [pid 5003] <... openat resumed>) = 3 [pid 5002] getdents64(4, [pid 5000] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5103, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5107] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5003] fstat(3, [pid 4999] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5107] <... openat resumed>) = 3 [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4999] unlink("./7/binderfs" [pid 5107] write(3, "1000", 4 [pid 5003] getdents64(3, [pid 5002] getdents64(4, [pid 5000] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5107] <... write resumed>) = 4 [pid 5003] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5002] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] <... unlink resumed>) = 0 [pid 5107] close(3 [pid 5003] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5002] close(4 [pid 5000] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5107] <... close resumed>) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] <... close resumed>) = 0 [pid 5000] <... openat resumed>) = 3 [pid 4999] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5107] symlink("/dev/binderfs", "./binderfs" [pid 5003] lstat("./7/binderfs", [pid 5002] rmdir("./7/file0" [pid 5000] fstat(3, [pid 5107] <... symlink resumed>) = 0 [pid 5003] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5000] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5107] memfd_create("syzkaller", 0 [pid 5003] unlink("./7/binderfs" [pid 5002] <... rmdir resumed>) = 0 [pid 5000] getdents64(3, [pid 5107] <... memfd_create resumed>) = 3 [pid 5003] <... unlink resumed>) = 0 [pid 5002] getdents64(3, [pid 5000] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5107] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5003] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5000] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5107] <... mmap resumed>) = 0x7fd82860d000 [pid 5002] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] close(3 [pid 5000] lstat("./8/binderfs", [pid 5002] <... close resumed>) = 0 [pid 5000] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5002] rmdir("./7" [pid 5000] unlink("./8/binderfs" [pid 5002] <... rmdir resumed>) = 0 [pid 5000] <... unlink resumed>) = 0 [pid 5002] mkdir("./8", 0777 [pid 5000] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5002] <... mkdir resumed>) = 0 [pid 5002] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5000] <... umount2 resumed>) = 0 [pid 5002] <... openat resumed>) = 3 [pid 5002] ioctl(3, LOOP_CLR_FD [pid 5000] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5002] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] close(3 [pid 5000] lstat("./8/file0", [pid 5002] <... close resumed>) = 0 [pid 5000] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5000] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5002] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5108 [pid 5000] <... openat resumed>) = 4 [pid 5000] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5000] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5000] close(4) = 0 [pid 5000] rmdir("./8/file0") = 0 [pid 5000] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5000] close(3) = 0 [pid 5000] rmdir("./8") = 0 [pid 5000] mkdir("./9", 0777) = 0 ./strace-static-x86_64: Process 5108 attached [pid 5000] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5108] chdir("./8" [pid 5000] <... openat resumed>) = 3 [pid 5108] <... chdir resumed>) = 0 [pid 5000] ioctl(3, LOOP_CLR_FD) = 0 [pid 5000] close(3) = 0 [pid 5000] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5108] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5000] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5109 [pid 5108] setpgid(0, 0) = 0 [pid 5108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5108] write(3, "1000", 4) = 4 [pid 5108] close(3./strace-static-x86_64: Process 5109 attached [pid 5109] chdir("./9" [pid 5108] <... close resumed>) = 0 [pid 5109] <... chdir resumed>) = 0 [pid 5108] symlink("/dev/binderfs", "./binderfs" [pid 5109] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5108] <... symlink resumed>) = 0 [pid 5109] setpgid(0, 0) = 0 [pid 5108] memfd_create("syzkaller", 0 [pid 5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5108] <... memfd_create resumed>) = 3 [pid 5109] write(3, "1000", 4 [pid 5108] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5109] <... write resumed>) = 4 [pid 5109] close(3) = 0 [pid 5109] symlink("/dev/binderfs", "./binderfs" [pid 5108] <... mmap resumed>) = 0x7fd82860d000 [pid 5003] <... umount2 resumed>) = 0 [pid 5109] <... symlink resumed>) = 0 [pid 5109] memfd_create("syzkaller", 0) = 3 [pid 5109] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5106] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5003] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, [pid 4999] <... umount2 resumed>) = 0 [pid 5003] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 4999] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] rmdir("./7/file0") = 0 [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4999] lstat("./7/file0", [pid 5003] close(3) = 0 [pid 5003] rmdir("./7" [pid 4999] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] <... rmdir resumed>) = 0 [pid 4999] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] mkdir("./8", 0777 [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] <... mkdir resumed>) = 0 [pid 4999] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5003] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 4999] <... openat resumed>) = 4 [pid 5003] <... openat resumed>) = 3 [pid 4999] fstat(4, [pid 5003] ioctl(3, LOOP_CLR_FD [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4999] getdents64(4, [pid 5107] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5003] close(3) = 0 [pid 4999] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5110 ./strace-static-x86_64: Process 5110 attached [pid 5110] chdir("./8") = 0 [pid 5110] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5110] setpgid(0, 0) = 0 [pid 5110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4999] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 4999] close(4) = 0 [pid 4999] rmdir("./7/file0" [pid 5110] <... openat resumed>) = 3 [pid 4999] <... rmdir resumed>) = 0 [pid 5110] write(3, "1000", 4 [pid 4999] getdents64(3, [pid 5110] <... write resumed>) = 4 [pid 4999] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5110] close(3 [pid 4999] close(3 [pid 5110] <... close resumed>) = 0 [pid 4999] <... close resumed>) = 0 [pid 4999] rmdir("./7" [pid 5110] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4999] <... rmdir resumed>) = 0 [pid 5110] memfd_create("syzkaller", 0 [pid 4999] mkdir("./8", 0777 [pid 5110] <... memfd_create resumed>) = 3 [pid 5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 4999] <... mkdir resumed>) = 0 [pid 4999] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 4999] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 4999] close(3) = 0 [pid 4999] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5111 ./strace-static-x86_64: Process 5111 attached [pid 5108] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5111] chdir("./8") = 0 [pid 5111] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5111] setpgid(0, 0 [pid 5109] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5111] <... setpgid resumed>) = 0 [pid 5111] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5111] write(3, "1000", 4) = 4 [pid 5111] close(3) = 0 [pid 5111] symlink("/dev/binderfs", "./binderfs" [pid 5106] <... write resumed>) = 4194304 [pid 5111] <... symlink resumed>) = 0 [pid 5111] memfd_create("syzkaller", 0) = 3 [pid 5111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5106] munmap(0x7fd82860d000, 4194304) = 0 [pid 5106] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5106] ioctl(4, LOOP_SET_FD, 3 [pid 5107] <... write resumed>) = 4194304 [pid 5107] munmap(0x7fd82860d000, 4194304) = 0 [pid 5107] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5106] <... ioctl resumed>) = 0 [pid 5110] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5107] <... openat resumed>) = 4 [pid 5106] close(3 [pid 5107] ioctl(4, LOOP_SET_FD, 3 [pid 5106] <... close resumed>) = 0 [pid 5106] mkdir("./file0", 0777) = 0 [pid 5108] <... write resumed>) = 4194304 [pid 5106] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5107] <... ioctl resumed>) = 0 [ 76.042408][ T5106] loop3: detected capacity change from 0 to 8192 [ 76.074360][ T5107] loop0: detected capacity change from 0 to 8192 [pid 5111] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5108] munmap(0x7fd82860d000, 4194304 [pid 5107] close(3 [pid 5108] <... munmap resumed>) = 0 [pid 5107] <... close resumed>) = 0 [pid 5107] mkdir("./file0", 0777 [pid 5108] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5107] <... mkdir resumed>) = 0 [pid 5108] ioctl(4, LOOP_SET_FD, 3 [pid 5107] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5109] <... write resumed>) = 4194304 [pid 5109] munmap(0x7fd82860d000, 4194304 [ 76.091859][ T5106] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 76.114023][ T5108] loop4: detected capacity change from 0 to 8192 [ 76.124046][ T5106] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [pid 5110] <... write resumed>) = 4194304 [pid 5111] <... write resumed>) = 4194304 [pid 5109] <... munmap resumed>) = 0 [pid 5108] <... ioctl resumed>) = 0 [pid 5111] munmap(0x7fd82860d000, 4194304 [pid 5110] munmap(0x7fd82860d000, 4194304 [pid 5109] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5108] close(3 [pid 5111] <... munmap resumed>) = 0 [pid 5110] <... munmap resumed>) = 0 [pid 5109] <... openat resumed>) = 4 [pid 5108] <... close resumed>) = 0 [pid 5111] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5110] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5109] ioctl(4, LOOP_SET_FD, 3 [ 76.134877][ T5107] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 76.146076][ T5106] REISERFS (device loop3): using ordered data mode [ 76.149629][ T5107] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 76.155180][ T5106] reiserfs: using flush barriers [ 76.165115][ T5107] REISERFS (device loop0): using ordered data mode [ 76.173562][ T5109] loop2: detected capacity change from 0 to 8192 [pid 5108] mkdir("./file0", 0777 [pid 5111] <... openat resumed>) = 4 [pid 5110] <... openat resumed>) = 4 [pid 5108] <... mkdir resumed>) = 0 [pid 5109] <... ioctl resumed>) = 0 [pid 5109] close(3) = 0 [pid 5109] mkdir("./file0", 0777) = 0 [pid 5109] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5111] ioctl(4, LOOP_SET_FD, 3 [pid 5110] ioctl(4, LOOP_SET_FD, 3 [ 76.176725][ T5106] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 76.184140][ T5107] reiserfs: using flush barriers [ 76.203415][ T5110] loop5: detected capacity change from 0 to 8192 [ 76.204194][ T5106] REISERFS (device loop3): checking transaction log (loop3) [ 76.209971][ T5107] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 76.218106][ T5111] loop1: detected capacity change from 0 to 8192 [pid 5108] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5111] <... ioctl resumed>) = 0 [pid 5111] close(3) = 0 [pid 5111] mkdir("./file0", 0777) = 0 [pid 5111] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5110] <... ioctl resumed>) = 0 [pid 5110] close(3) = 0 [pid 5110] mkdir("./file0", 0777) = 0 [ 76.234269][ T5109] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 76.253772][ T5106] REISERFS (device loop3): Using r5 hash to sort names [ 76.261143][ T5107] REISERFS (device loop0): checking transaction log (loop0) [ 76.268635][ T5109] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 76.269504][ T5107] REISERFS (device loop0): Using r5 hash to sort names [ 76.278128][ T5109] REISERFS (device loop2): using ordered data mode [pid 5110] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5107] <... mount resumed>) = 0 [ 76.285439][ T5106] REISERFS (device loop3): using 3.5.x disk format [ 76.299067][ T5107] REISERFS (device loop0): using 3.5.x disk format [ 76.299110][ T5110] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 76.305836][ T5107] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 76.328362][ T5108] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5107] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5107] chdir("./file0") = 0 [pid 5107] ioctl(4, LOOP_CLR_FD) = 0 [pid 5107] close(4) = 0 [pid 5107] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5107] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5107] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5107] exit_group(0) = ? [pid 5107] +++ exited with 0 +++ [pid 4998] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5107, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 4998] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 4998] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 4998] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 4998] unlink("./8/binderfs") = 0 [ 76.328855][ T5106] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 76.343036][ T5111] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 76.350713][ T5109] reiserfs: using flush barriers [ 76.378938][ T5110] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 76.388161][ T5109] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 76.400786][ T5108] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 76.404886][ T5110] REISERFS (device loop5): using ordered data mode [ 76.420647][ T5109] REISERFS (device loop2): checking transaction log (loop2) [ 76.428101][ T5110] reiserfs: using flush barriers [ 76.434382][ T5111] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [pid 4998] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5106] <... mount resumed>) = 0 [pid 5106] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5106] chdir("./file0") = 0 [pid 5106] ioctl(4, LOOP_CLR_FD) = 0 [pid 5106] close(4) = 0 [pid 5106] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5106] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5106] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5106] exit_group(0) = ? [ 76.443766][ T5110] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 76.460849][ T5109] REISERFS (device loop2): Using r5 hash to sort names [ 76.467751][ T5109] REISERFS (device loop2): using 3.5.x disk format [ 76.475484][ T5109] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 76.484886][ T5111] REISERFS (device loop1): using ordered data mode [pid 5106] +++ exited with 0 +++ [pid 5001] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5106, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=18 /* 0.18 s */} --- [pid 5001] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5001] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5001] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5001] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5001] lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5001] unlink("./8/binderfs") = 0 [pid 5001] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5109] <... mount resumed>) = 0 [pid 5109] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 4998] <... umount2 resumed>) = 0 [pid 4998] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] lstat("./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 4998] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4998] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 4998] close(4) = 0 [pid 4998] rmdir("./8/file0") = 0 [pid 4998] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4998] close(3) = 0 [pid 4998] rmdir("./8") = 0 [pid 4998] mkdir("./9", 0777) = 0 [pid 4998] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 4998] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 4998] close(3 [pid 5109] <... openat resumed>) = 3 [pid 4998] <... close resumed>) = 0 [pid 4998] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5118 ./strace-static-x86_64: Process 5118 attached [pid 5118] chdir("./9") = 0 [pid 5118] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5118] setpgid(0, 0) = 0 [pid 5118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5118] write(3, "1000", 4) = 4 [pid 5118] close(3) = 0 [ 76.491932][ T5110] REISERFS (device loop5): checking transaction log (loop5) [ 76.499503][ T5111] reiserfs: using flush barriers [ 76.506643][ T5111] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 76.524196][ T5108] REISERFS (device loop4): using ordered data mode [ 76.530987][ T5108] reiserfs: using flush barriers [ 76.537100][ T5111] REISERFS (device loop1): checking transaction log (loop1) [pid 5118] symlink("/dev/binderfs", "./binderfs" [pid 5109] chdir("./file0" [pid 5118] <... symlink resumed>) = 0 [pid 5118] memfd_create("syzkaller", 0 [pid 5109] <... chdir resumed>) = 0 [pid 5118] <... memfd_create resumed>) = 3 [pid 5109] ioctl(4, LOOP_CLR_FD [pid 5118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5109] <... ioctl resumed>) = 0 [pid 5109] close(4) = 0 [pid 5109] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5109] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [ 76.546841][ T5110] REISERFS (device loop5): Using r5 hash to sort names [ 76.546915][ T5108] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 76.560350][ T5110] REISERFS (device loop5): using 3.5.x disk format [ 76.577191][ T5111] REISERFS (device loop1): Using r5 hash to sort names [ 76.585595][ T5110] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [pid 5109] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5109] exit_group(0) = ? [pid 5109] +++ exited with 0 +++ [pid 5000] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5109, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5000] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5000] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5000] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5000] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5000] unlink("./9/binderfs") = 0 [pid 5000] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5110] <... mount resumed>) = 0 [pid 5110] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5110] chdir("./file0") = 0 [pid 5110] ioctl(4, LOOP_CLR_FD) = 0 [pid 5110] close(4) = 0 [pid 5110] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5110] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5110] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5110] exit_group(0) = ? [pid 5110] +++ exited with 0 +++ [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5110, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=15 /* 0.15 s */} --- [pid 5003] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./8/binderfs") = 0 [ 76.597694][ T5111] REISERFS (device loop1): using 3.5.x disk format [ 76.623054][ T5111] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [pid 5003] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5118] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5003] <... umount2 resumed>) = 0 [pid 5003] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5111] <... mount resumed>) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] <... umount2 resumed>) = 0 [pid 5003] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5111] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5003] <... openat resumed>) = 4 [pid 5001] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5003] close(4 [pid 5111] <... openat resumed>) = 3 [pid 5003] <... close resumed>) = 0 [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] rmdir("./8/file0" [pid 5111] chdir("./file0" [pid 5003] <... rmdir resumed>) = 0 [pid 5001] lstat("./8/file0", [pid 5003] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./8") = 0 [pid 5003] mkdir("./9", 0777 [pid 5111] <... chdir resumed>) = 0 [pid 5003] <... mkdir resumed>) = 0 [pid 5001] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5003] ioctl(3, LOOP_CLR_FD [pid 5111] ioctl(4, LOOP_CLR_FD [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5001] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5111] <... ioctl resumed>) = 0 [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5111] close(4 [pid 5001] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5111] <... close resumed>) = 0 [pid 5003] close(3) = 0 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5119 ./strace-static-x86_64: Process 5119 attached [pid 5119] chdir("./9") = 0 [pid 5119] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5119] setpgid(0, 0) = 0 [pid 5119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5119] write(3, "1000", 4) = 4 [pid 5119] close(3) = 0 [pid 5119] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5119] memfd_create("syzkaller", 0) = 3 [pid 5119] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5001] <... openat resumed>) = 4 [pid 5111] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5001] fstat(4, [pid 5111] <... openat resumed>) = 4 [pid 5001] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] getdents64(4, [pid 5111] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5001] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5111] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5001] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5111] <... mmap resumed>) = 0x20000000 [pid 5001] close(4) = 0 [pid 5111] exit_group(0 [pid 5001] rmdir("./8/file0" [pid 5000] <... umount2 resumed>) = 0 [pid 5000] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5111] <... exit_group resumed>) = ? [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5000] lstat("./9/file0", [pid 5001] <... rmdir resumed>) = 0 [pid 5000] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5111] +++ exited with 0 +++ [pid 5001] getdents64(3, [pid 5000] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [ 76.695171][ T5108] REISERFS (device loop4): checking transaction log (loop4) [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5111, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5001] close(3 [pid 5000] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5001] <... close resumed>) = 0 [pid 5000] <... openat resumed>) = 4 [pid 5000] fstat(4, [pid 4999] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5000] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5000] getdents64(4, [pid 4999] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5001] rmdir("./8" [pid 5000] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4999] <... openat resumed>) = 3 [pid 5000] getdents64(4, [pid 4999] fstat(3, [pid 5000] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] close(4 [pid 4999] getdents64(3, [pid 5000] <... close resumed>) = 0 [pid 4999] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5000] rmdir("./9/file0" [pid 4999] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] <... rmdir resumed>) = 0 [pid 5000] <... rmdir resumed>) = 0 [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5000] getdents64(3, [pid 4999] lstat("./8/binderfs", [pid 5000] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4999] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5000] close(3 [pid 4999] unlink("./8/binderfs" [pid 5001] mkdir("./9", 0777 [pid 5000] <... close resumed>) = 0 [pid 4999] <... unlink resumed>) = 0 [pid 5000] rmdir("./9" [pid 4999] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5000] <... rmdir resumed>) = 0 [pid 5000] mkdir("./10", 0777) = 0 [pid 5000] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5000] ioctl(3, LOOP_CLR_FD [pid 5001] <... mkdir resumed>) = 0 [pid 5000] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5000] close(3) = 0 [pid 5001] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5000] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5001] <... openat resumed>) = 3 [pid 5000] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5120 [pid 5001] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5001] close(3) = 0 [pid 5001] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5121 ./strace-static-x86_64: Process 5121 attached ./strace-static-x86_64: Process 5120 attached [pid 5121] chdir("./9" [pid 5120] chdir("./10" [pid 5121] <... chdir resumed>) = 0 [pid 5120] <... chdir resumed>) = 0 [pid 5121] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5120] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5121] <... prctl resumed>) = 0 [pid 5121] setpgid(0, 0 [pid 5120] <... prctl resumed>) = 0 [pid 5121] <... setpgid resumed>) = 0 [pid 5120] setpgid(0, 0 [pid 5121] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5120] <... setpgid resumed>) = 0 [pid 5121] <... openat resumed>) = 3 [pid 5121] write(3, "1000", 4 [pid 5120] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5121] <... write resumed>) = 4 [pid 5121] close(3 [pid 5120] <... openat resumed>) = 3 [pid 5121] <... close resumed>) = 0 [pid 5120] write(3, "1000", 4 [pid 5121] symlink("/dev/binderfs", "./binderfs") = 0 [ 76.739403][ T5108] REISERFS (device loop4): Using r5 hash to sort names [ 76.746320][ T5108] REISERFS (device loop4): using 3.5.x disk format [pid 5120] <... write resumed>) = 4 [pid 5121] memfd_create("syzkaller", 0 [pid 5120] close(3 [pid 5121] <... memfd_create resumed>) = 3 [pid 5120] <... close resumed>) = 0 [pid 5120] symlink("/dev/binderfs", "./binderfs" [pid 5121] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5118] <... write resumed>) = 4194304 [pid 5120] <... symlink resumed>) = 0 [pid 5121] <... mmap resumed>) = 0x7fd82860d000 [pid 5120] memfd_create("syzkaller", 0 [pid 5118] munmap(0x7fd82860d000, 4194304 [pid 5120] <... memfd_create resumed>) = 3 [pid 5120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5118] <... munmap resumed>) = 0 [pid 5120] <... mmap resumed>) = 0x7fd82860d000 [pid 5118] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5118] ioctl(4, LOOP_SET_FD, 3 [pid 5119] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5118] <... ioctl resumed>) = 0 [pid 5118] close(3) = 0 [pid 5118] mkdir("./file0", 0777) = 0 [pid 4999] <... umount2 resumed>) = 0 [pid 5118] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5108] <... mount resumed>) = 0 [pid 5108] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5108] chdir("./file0") = 0 [pid 4999] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5108] ioctl(4, LOOP_CLR_FD [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5108] <... ioctl resumed>) = 0 [pid 4999] lstat("./8/file0", [pid 5108] close(4) = 0 [pid 4999] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5108] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 4999] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5108] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5108] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 4999] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5108] exit_group(0) = ? [pid 4999] <... openat resumed>) = 4 [ 76.805314][ T5108] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 76.820968][ T5118] loop0: detected capacity change from 0 to 8192 [pid 4999] fstat(4, [pid 5108] +++ exited with 0 +++ [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] getdents64(4, [pid 5002] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5108, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5002] restart_syscall(<... resuming interrupted clone ...> [pid 4999] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4999] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 4999] close(4) = 0 [pid 4999] rmdir("./8/file0" [pid 5002] <... restart_syscall resumed>) = 0 [pid 4999] <... rmdir resumed>) = 0 [pid 4999] getdents64(3, [pid 5002] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] close(3 [pid 5002] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4999] <... close resumed>) = 0 [pid 5002] <... openat resumed>) = 3 [pid 4999] rmdir("./8" [pid 5002] fstat(3, [pid 4999] <... rmdir resumed>) = 0 [pid 5002] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] mkdir("./9", 0777 [pid 5002] getdents64(3, [pid 4999] <... mkdir resumed>) = 0 [pid 5002] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 4999] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5002] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] <... openat resumed>) = 3 [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] ioctl(3, LOOP_CLR_FD [pid 5002] lstat("./8/binderfs", [pid 4999] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5121] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5120] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5002] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 4999] close(3) = 0 [pid 4999] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5123 ./strace-static-x86_64: Process 5123 attached [pid 5123] chdir("./9") = 0 [pid 5123] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5123] setpgid(0, 0) = 0 [pid 5123] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5002] unlink("./8/binderfs" [pid 5123] write(3, "1000", 4 [pid 5002] <... unlink resumed>) = 0 [pid 5123] <... write resumed>) = 4 [pid 5123] close(3) = 0 [pid 5123] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5123] memfd_create("syzkaller", 0) = 3 [pid 5123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [ 76.881663][ T5118] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5002] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5119] <... write resumed>) = 4194304 [pid 5119] munmap(0x7fd82860d000, 4194304 [pid 5121] <... write resumed>) = 4194304 [pid 5119] <... munmap resumed>) = 0 [pid 5119] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5119] ioctl(4, LOOP_SET_FD, 3 [pid 5121] munmap(0x7fd82860d000, 4194304) = 0 [pid 5121] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5121] ioctl(4, LOOP_SET_FD, 3 [pid 5119] <... ioctl resumed>) = 0 [pid 5120] <... write resumed>) = 4194304 [ 76.955622][ T5118] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 76.971000][ T5119] loop5: detected capacity change from 0 to 8192 [ 76.978121][ T5121] loop3: detected capacity change from 0 to 8192 [ 76.980436][ T5118] REISERFS (device loop0): using ordered data mode [ 76.991486][ T5118] reiserfs: using flush barriers [pid 5120] munmap(0x7fd82860d000, 4194304 [pid 5119] close(3 [pid 5123] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5121] <... ioctl resumed>) = 0 [pid 5121] close(3 [pid 5120] <... munmap resumed>) = 0 [pid 5119] <... close resumed>) = 0 [pid 5121] <... close resumed>) = 0 [pid 5120] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5119] mkdir("./file0", 0777 [pid 5121] mkdir("./file0", 0777 [pid 5120] <... openat resumed>) = 4 [pid 5119] <... mkdir resumed>) = 0 [pid 5120] ioctl(4, LOOP_SET_FD, 3 [pid 5119] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5121] <... mkdir resumed>) = 0 [pid 5121] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5120] <... ioctl resumed>) = 0 [ 76.997888][ T5118] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 77.016137][ T5118] REISERFS (device loop0): checking transaction log (loop0) [ 77.025728][ T5120] loop2: detected capacity change from 0 to 8192 [ 77.026926][ T5118] REISERFS (device loop0): Using r5 hash to sort names [ 77.040666][ T5118] REISERFS (device loop0): using 3.5.x disk format [pid 5123] <... write resumed>) = 4194304 [pid 5120] close(3 [pid 5118] <... mount resumed>) = 0 [pid 5002] <... umount2 resumed>) = 0 [pid 5123] munmap(0x7fd82860d000, 4194304 [pid 5120] <... close resumed>) = 0 [pid 5002] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5123] <... munmap resumed>) = 0 [pid 5120] mkdir("./file0", 0777 [pid 5118] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5120] <... mkdir resumed>) = 0 [pid 5002] lstat("./8/file0", [pid 5123] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5120] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5002] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5123] <... openat resumed>) = 4 [pid 5002] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5123] ioctl(4, LOOP_SET_FD, 3 [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5118] <... openat resumed>) = 3 [pid 5002] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5002] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5002] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5002] close(4) = 0 [pid 5002] rmdir("./8/file0") = 0 [pid 5002] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5002] close(3) = 0 [ 77.048176][ T5119] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 77.060851][ T5118] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 77.071548][ T5119] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 77.076252][ T5123] loop1: detected capacity change from 0 to 8192 [ 77.081453][ T5119] REISERFS (device loop5): using ordered data mode [ 77.090269][ T5121] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5118] chdir("./file0" [pid 5002] rmdir("./8") = 0 [pid 5002] mkdir("./9", 0777) = 0 [pid 5002] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5002] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5002] close(3) = 0 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5127 [pid 5123] <... ioctl resumed>) = 0 [pid 5118] <... chdir resumed>) = 0 [pid 5123] close(3) = 0 [pid 5123] mkdir("./file0", 0777) = 0 [pid 5123] mount("/dev/loop1", "./file0", "reiserfs", 0, ""./strace-static-x86_64: Process 5127 attached [pid 5127] chdir("./9") = 0 [pid 5127] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5127] setpgid(0, 0) = 0 [pid 5127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5127] write(3, "1000", 4) = 4 [pid 5127] close(3) = 0 [pid 5127] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5118] ioctl(4, LOOP_CLR_FD [pid 5127] memfd_create("syzkaller", 0) = 3 [pid 5127] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5118] <... ioctl resumed>) = 0 [ 77.094019][ T5119] reiserfs: using flush barriers [ 77.123276][ T5120] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 77.137098][ T5123] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5118] close(4) = 0 [pid 5118] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5118] ioctl(4, FS_IOC_GETVERSION, 0) = -1 EFAULT (Bad address) [pid 5118] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5118] exit_group(0) = ? [pid 5118] +++ exited with 0 +++ [pid 4998] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5118, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [pid 4998] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 4998] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 4998] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 77.149426][ T5121] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 77.158163][ T5119] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 77.159489][ T5121] REISERFS (device loop3): using ordered data mode [ 77.182433][ T5121] reiserfs: using flush barriers [ 77.188896][ T5120] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [pid 4998] unlink("./9/binderfs") = 0 [pid 4998] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 77.196701][ T5121] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 77.198969][ T5120] REISERFS (device loop2): using ordered data mode [ 77.221011][ T5120] reiserfs: using flush barriers [ 77.226836][ T5123] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 77.237493][ T5120] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5127] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [ 77.242376][ T5123] REISERFS (device loop1): using ordered data mode [ 77.255917][ T5119] REISERFS (device loop5): checking transaction log (loop5) [ 77.275646][ T5123] reiserfs: using flush barriers [ 77.281762][ T5121] REISERFS (device loop3): checking transaction log (loop3) [ 77.290076][ T5123] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5127] munmap(0x7fd82860d000, 4194304) = 0 [pid 5127] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 77.306938][ T5123] REISERFS (device loop1): checking transaction log (loop1) [ 77.316893][ T5119] REISERFS (device loop5): Using r5 hash to sort names [ 77.317429][ T5123] REISERFS (device loop1): Using r5 hash to sort names [ 77.331428][ T5123] REISERFS (device loop1): using 3.5.x disk format [ 77.339021][ T5120] REISERFS (device loop2): checking transaction log (loop2) [ 77.339082][ T5121] REISERFS (device loop3): Using r5 hash to sort names [pid 5127] ioctl(4, LOOP_SET_FD, 3 [pid 4998] <... umount2 resumed>) = 0 [pid 5127] <... ioctl resumed>) = 0 [pid 4998] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] lstat("./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 4998] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4998] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5127] close(3) = 0 [pid 5123] <... mount resumed>) = 0 [pid 4998] close(4) = 0 [pid 4998] rmdir("./9/file0") = 0 [pid 4998] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4998] close(3) = 0 [pid 4998] rmdir("./9") = 0 [pid 4998] mkdir("./10", 0777 [pid 5127] mkdir("./file0", 0777 [pid 5123] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 4998] <... mkdir resumed>) = 0 [pid 4998] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 4998] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 77.347057][ T5123] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 77.358552][ T5119] REISERFS (device loop5): using 3.5.x disk format [ 77.362981][ T5127] loop4: detected capacity change from 0 to 8192 [ 77.376235][ T5120] REISERFS (device loop2): Using r5 hash to sort names [ 77.383548][ T5120] REISERFS (device loop2): using 3.5.x disk format [ 77.391451][ T5121] REISERFS (device loop3): using 3.5.x disk format [pid 4998] close(3 [pid 5127] <... mkdir resumed>) = 0 [pid 5123] <... openat resumed>) = 3 [pid 4998] <... close resumed>) = 0 [pid 5127] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5123] chdir("./file0" [pid 5121] <... mount resumed>) = 0 [pid 5120] <... mount resumed>) = 0 [pid 4998] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5123] <... chdir resumed>) = 0 [pid 5121] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5120] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5123] ioctl(4, LOOP_CLR_FD [pid 5121] <... openat resumed>) = 3 [pid 5120] <... openat resumed>) = 3 [pid 5123] <... ioctl resumed>) = 0 [pid 5121] chdir("./file0" [pid 5120] chdir("./file0" [pid 5123] close(4 [pid 5121] <... chdir resumed>) = 0 [pid 5120] <... chdir resumed>) = 0 [pid 5123] <... close resumed>) = 0 [pid 5121] ioctl(4, LOOP_CLR_FD [pid 5120] ioctl(4, LOOP_CLR_FD [pid 5123] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5121] <... ioctl resumed>) = 0 [pid 5120] <... ioctl resumed>) = 0 [pid 5123] <... openat resumed>) = 4 [pid 5121] close(4 [pid 5120] close(4 [pid 5123] ioctl(4, FS_IOC_GETVERSION [pid 5121] <... close resumed>) = 0 [pid 5120] <... close resumed>) = 0 [pid 5123] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5121] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5120] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 5130 attached [pid 5123] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5121] <... openat resumed>) = 4 [pid 5120] <... openat resumed>) = 4 [pid 5119] <... mount resumed>) = 0 [pid 4998] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5130 [pid 5130] chdir("./10" [pid 5123] <... mmap resumed>) = 0x20000000 [pid 5121] ioctl(4, FS_IOC_GETVERSION [pid 5120] ioctl(4, FS_IOC_GETVERSION [pid 5130] <... chdir resumed>) = 0 [pid 5123] exit_group(0 [pid 5121] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5120] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5119] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5130] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5123] <... exit_group resumed>) = ? [pid 5121] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [ 77.399393][ T5120] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 77.410189][ T5121] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 77.417208][ T5119] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 77.432393][ T5127] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5120] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5119] <... openat resumed>) = 3 [pid 5130] <... prctl resumed>) = 0 [pid 5123] +++ exited with 0 +++ [pid 5121] <... mmap resumed>) = 0x20000000 [pid 5120] <... mmap resumed>) = 0x20000000 [pid 5121] exit_group(0 [pid 5120] exit_group(0 [pid 5121] <... exit_group resumed>) = ? [pid 5120] <... exit_group resumed>) = ? [pid 5121] +++ exited with 0 +++ [pid 5120] +++ exited with 0 +++ [pid 5130] setpgid(0, 0 [pid 5119] chdir("./file0" [pid 5001] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5121, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5000] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5120, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} --- [pid 4999] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5123, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5130] <... setpgid resumed>) = 0 [pid 5119] <... chdir resumed>) = 0 [pid 5130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5119] ioctl(4, LOOP_CLR_FD [pid 5130] <... openat resumed>) = 3 [pid 5119] <... ioctl resumed>) = 0 [pid 5130] write(3, "1000", 4 [pid 5119] close(4 [pid 5130] <... write resumed>) = 4 [pid 5119] <... close resumed>) = 0 [pid 5130] close(3 [pid 5119] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5001] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5000] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5130] <... close resumed>) = 0 [pid 5119] <... openat resumed>) = 4 [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5130] symlink("/dev/binderfs", "./binderfs" [pid 5119] ioctl(4, FS_IOC_GETVERSION [pid 5001] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5000] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4999] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5130] <... symlink resumed>) = 0 [pid 5119] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5001] <... openat resumed>) = 3 [pid 5000] <... openat resumed>) = 3 [pid 4999] <... openat resumed>) = 3 [pid 5130] memfd_create("syzkaller", 0 [pid 5119] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5001] fstat(3, [pid 5000] fstat(3, [pid 4999] fstat(3, [pid 5130] <... memfd_create resumed>) = 3 [pid 5119] <... mmap resumed>) = 0x20000000 [pid 5001] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5130] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5119] exit_group(0 [pid 5001] getdents64(3, [pid 5000] getdents64(3, [pid 4999] getdents64(3, [pid 5130] <... mmap resumed>) = 0x7fd82860d000 [pid 5119] <... exit_group resumed>) = ? [pid 5001] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5000] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 4999] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5001] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5000] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5119] +++ exited with 0 +++ [pid 5001] lstat("./9/binderfs", [pid 5000] lstat("./10/binderfs", [pid 4999] lstat("./9/binderfs", [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5119, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=16 /* 0.16 s */} --- [pid 5001] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5000] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 4999] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5001] unlink("./9/binderfs" [pid 5000] unlink("./10/binderfs" [pid 4999] unlink("./9/binderfs" [pid 5001] <... unlink resumed>) = 0 [pid 5000] <... unlink resumed>) = 0 [pid 4999] <... unlink resumed>) = 0 [pid 5003] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5000] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] unlink("./9/binderfs") = 0 [pid 5003] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 77.458117][ T5127] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 77.469199][ T5127] REISERFS (device loop4): using ordered data mode [ 77.476311][ T5127] reiserfs: using flush barriers [ 77.483020][ T5127] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5130] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5130] munmap(0x7fd82860d000, 4194304) = 0 [pid 5130] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5130] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5130] close(3) = 0 [pid 5130] mkdir("./file0", 0777) = 0 [pid 5130] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 4999] <... umount2 resumed>) = 0 [ 77.565785][ T5130] loop0: detected capacity change from 0 to 8192 [ 77.576615][ T5127] REISERFS (device loop4): checking transaction log (loop4) [ 77.585132][ T5130] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 4999] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4999] lstat("./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] <... umount2 resumed>) = 0 [pid 4999] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5000] <... umount2 resumed>) = 0 [pid 4999] <... openat resumed>) = 4 [pid 4999] fstat(4, [pid 5003] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] getdents64(4, [pid 5003] lstat("./9/file0", [pid 4999] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4999] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5003] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 77.612923][ T5130] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 77.622927][ T5130] REISERFS (device loop0): using ordered data mode [ 77.629717][ T5130] reiserfs: using flush barriers [ 77.636224][ T5127] REISERFS (device loop4): Using r5 hash to sort names [ 77.643821][ T5130] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5003] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] close(4) = 0 [pid 4999] rmdir("./9/file0") = 0 [pid 4999] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] close(3) = 0 [pid 4999] rmdir("./9") = 0 [pid 5003] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4999] mkdir("./10", 0777) = 0 [pid 4999] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5003] <... openat resumed>) = 4 [pid 4999] ioctl(3, LOOP_CLR_FD [pid 5003] fstat(4, [pid 4999] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4999] close(3) = 0 [pid 4999] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5132 [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5003] close(4) = 0 [pid 5003] rmdir("./9/file0") = 0 [pid 5003] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./9") = 0 [ 77.663072][ T5127] REISERFS (device loop4): using 3.5.x disk format [pid 5003] mkdir("./10", 0777) = 0 ./strace-static-x86_64: Process 5132 attached [pid 5132] chdir("./10") = 0 [pid 5132] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5132] setpgid(0, 0) = 0 [pid 5132] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5132] write(3, "1000", 4) = 4 [pid 5132] close(3) = 0 [pid 5132] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5000] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5132] memfd_create("syzkaller", 0 [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5000] lstat("./10/file0", [pid 5003] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5000] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] <... openat resumed>) = 3 [pid 5000] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] ioctl(3, LOOP_CLR_FD [pid 5132] <... memfd_create resumed>) = 3 [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5003] close(3 [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] <... close resumed>) = 0 [pid 5000] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5132] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5000] <... openat resumed>) = 4 [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5001] <... umount2 resumed>) = 0 [pid 5000] fstat(4, [pid 5001] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5000] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5133 [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5000] getdents64(4, [pid 5001] lstat("./9/file0", [pid 5000] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5001] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] getdents64(4, [pid 5001] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5000] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 77.694849][ T5130] REISERFS (device loop0): checking transaction log (loop0) [ 77.709263][ T5130] REISERFS (device loop0): Using r5 hash to sort names [ 77.732749][ T5127] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5000] close(4 [pid 5132] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5001] <... openat resumed>) = 4 [pid 5000] <... close resumed>) = 0 ./strace-static-x86_64: Process 5133 attached [pid 5133] chdir("./10") = 0 [pid 5133] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5133] setpgid(0, 0) = 0 [pid 5133] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5133] write(3, "1000", 4) = 4 [pid 5133] close(3) = 0 [pid 5133] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5133] memfd_create("syzkaller", 0) = 3 [pid 5133] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5001] fstat(4, [pid 5000] rmdir("./10/file0" [pid 5001] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] <... rmdir resumed>) = 0 [pid 5001] getdents64(4, [pid 5000] getdents64(3, [pid 5001] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5000] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5130] <... mount resumed>) = 0 [pid 5001] getdents64(4, [pid 5000] close(3 [pid 5130] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5001] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5000] <... close resumed>) = 0 [pid 5130] <... openat resumed>) = 3 [pid 5001] close(4 [pid 5000] rmdir("./10" [pid 5130] chdir("./file0" [pid 5001] <... close resumed>) = 0 [pid 5000] <... rmdir resumed>) = 0 [pid 5001] rmdir("./9/file0" [pid 5130] <... chdir resumed>) = 0 [pid 5000] mkdir("./11", 0777 [pid 5001] <... rmdir resumed>) = 0 [pid 5000] <... mkdir resumed>) = 0 [pid 5130] ioctl(4, LOOP_CLR_FD [pid 5001] getdents64(3, [pid 5000] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5130] <... ioctl resumed>) = 0 [pid 5001] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5130] close(4 [pid 5001] close(3 [pid 5000] <... openat resumed>) = 3 [pid 5130] <... close resumed>) = 0 [pid 5001] <... close resumed>) = 0 [pid 5000] ioctl(3, LOOP_CLR_FD [pid 5130] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5001] rmdir("./9" [pid 5000] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5130] <... openat resumed>) = 4 [pid 5001] <... rmdir resumed>) = 0 [pid 5000] close(3 [pid 5130] ioctl(4, FS_IOC_GETVERSION [pid 5000] <... close resumed>) = 0 [pid 5001] mkdir("./10", 0777 [pid 5130] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5000] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5130] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5001] <... mkdir resumed>) = 0 [pid 5130] <... mmap resumed>) = 0x20000000 [pid 5001] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5000] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5134 [pid 5130] exit_group(0) = ? [pid 5001] <... openat resumed>) = 3 [pid 5130] +++ exited with 0 +++ [pid 5132] <... write resumed>) = 4194304 [pid 5001] ioctl(3, LOOP_CLR_FD [pid 4998] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5130, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=11 /* 0.11 s */} --- [pid 5132] munmap(0x7fd82860d000, 4194304 [pid 5001] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5001] close(3) = 0 [pid 5001] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5135 [pid 4998] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5132] <... munmap resumed>) = 0 [pid 5127] <... mount resumed>) = 0 [pid 4998] <... openat resumed>) = 3 [pid 5132] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5127] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 4998] fstat(3, [pid 5132] <... openat resumed>) = 4 [pid 5132] ioctl(4, LOOP_SET_FD, 3 [pid 4998] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5127] <... openat resumed>) = 3 [ 77.737317][ T5130] REISERFS (device loop0): using 3.5.x disk format [ 77.748659][ T5130] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. ./strace-static-x86_64: Process 5134 attached [pid 5134] chdir("./11") = 0 [pid 5134] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5127] chdir("./file0" [pid 4998] getdents64(3, [pid 5127] <... chdir resumed>) = 0 [pid 5127] ioctl(4, LOOP_CLR_FD [pid 4998] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5127] <... ioctl resumed>) = 0 [pid 4998] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5127] close(4 [pid 5134] setpgid(0, 0 [pid 5127] <... close resumed>) = 0 [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5127] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 4998] lstat("./10/binderfs", ./strace-static-x86_64: Process 5135 attached [pid 5134] <... setpgid resumed>) = 0 [pid 5133] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5132] <... ioctl resumed>) = 0 [pid 5127] <... openat resumed>) = 4 [pid 4998] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5135] chdir("./10" [pid 5132] close(3 [pid 5127] ioctl(4, FS_IOC_GETVERSION [pid 5132] <... close resumed>) = 0 [pid 4998] unlink("./10/binderfs" [pid 5127] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5135] <... chdir resumed>) = 0 [pid 5134] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5132] mkdir("./file0", 0777 [pid 5127] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 4998] <... unlink resumed>) = 0 [pid 5135] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5134] <... openat resumed>) = 3 [pid 5134] write(3, "1000", 4) = 4 [pid 5132] <... mkdir resumed>) = 0 [pid 5134] close(3 [pid 5135] <... prctl resumed>) = 0 [pid 5134] <... close resumed>) = 0 [pid 5132] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5127] <... mmap resumed>) = 0x20000000 [pid 4998] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5135] setpgid(0, 0 [pid 5134] symlink("/dev/binderfs", "./binderfs" [pid 5135] <... setpgid resumed>) = 0 [pid 5134] <... symlink resumed>) = 0 [pid 5127] exit_group(0 [pid 5135] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5134] memfd_create("syzkaller", 0 [pid 5127] <... exit_group resumed>) = ? [pid 5135] <... openat resumed>) = 3 [pid 5134] <... memfd_create resumed>) = 3 [pid 5134] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5135] write(3, "1000", 4 [pid 5127] +++ exited with 0 +++ [pid 5135] <... write resumed>) = 4 [pid 5002] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5127, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5135] close(3) = 0 [pid 5135] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5002] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5135] memfd_create("syzkaller", 0) = 3 [pid 5002] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5135] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5002] <... openat resumed>) = 3 [pid 5135] <... mmap resumed>) = 0x7fd82860d000 [pid 5002] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [ 77.797750][ T5132] loop1: detected capacity change from 0 to 8192 [pid 5002] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5002] lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5002] unlink("./9/binderfs") = 0 [pid 5002] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5134] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5134] munmap(0x7fd82860d000, 4194304) = 0 [pid 5134] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 77.852165][ T5132] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 77.873882][ T5132] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [pid 5134] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5134] close(3) = 0 [pid 5134] mkdir("./file0", 0777) = 0 [pid 5134] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [ 77.931993][ T5134] loop2: detected capacity change from 0 to 8192 [ 77.948142][ T5132] REISERFS (device loop1): using ordered data mode [ 77.955581][ T5132] reiserfs: using flush barriers [ 77.967922][ T5134] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5135] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5135] munmap(0x7fd82860d000, 4194304) = 0 [pid 5135] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5135] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5135] close(3) = 0 [pid 5135] mkdir("./file0", 0777 [pid 5002] <... umount2 resumed>) = 0 [pid 4998] <... umount2 resumed>) = 0 [pid 5135] <... mkdir resumed>) = 0 [pid 5135] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 4998] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5002] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4998] lstat("./10/file0", [pid 5002] lstat("./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 77.985363][ T5132] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 78.000641][ T5135] loop3: detected capacity change from 0 to 8192 [ 78.017930][ T5134] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 78.028372][ T5132] REISERFS (device loop1): checking transaction log (loop1) [pid 5002] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4998] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5133] <... write resumed>) = 4194304 [pid 5133] munmap(0x7fd82860d000, 4194304) = 0 [pid 5133] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5133] ioctl(4, LOOP_SET_FD, 3 [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5002] <... openat resumed>) = 4 [pid 4998] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5133] <... ioctl resumed>) = 0 [pid 5133] close(3) = 0 [pid 5133] mkdir("./file0", 0777) = 0 [pid 5133] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5002] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5002] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5002] close(4) = 0 [pid 5002] rmdir("./9/file0") = 0 [ 78.031034][ T5135] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 78.036199][ T5134] REISERFS (device loop2): using ordered data mode [ 78.055656][ T5134] reiserfs: using flush barriers [ 78.056612][ T5133] loop5: detected capacity change from 0 to 8192 [ 78.062435][ T5135] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [pid 5002] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4998] <... openat resumed>) = 4 [pid 5002] close(3 [pid 4998] fstat(4, [pid 5002] <... close resumed>) = 0 [pid 5002] rmdir("./9" [pid 4998] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 78.076611][ T5134] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 78.076987][ T5135] REISERFS (device loop3): using ordered data mode [ 78.094425][ T5133] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 78.099447][ T5132] REISERFS (device loop1): Using r5 hash to sort names [ 78.112517][ T5133] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 78.119766][ T5134] REISERFS (device loop2): checking transaction log (loop2) [pid 5002] <... rmdir resumed>) = 0 [pid 4998] getdents64(4, [pid 5002] mkdir("./10", 0777 [pid 4998] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5002] <... mkdir resumed>) = 0 [pid 4998] getdents64(4, [pid 5002] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4998] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5002] <... openat resumed>) = 3 [pid 4998] close(4 [pid 5002] ioctl(3, LOOP_CLR_FD [pid 4998] <... close resumed>) = 0 [pid 5002] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4998] rmdir("./10/file0" [pid 5002] close(3 [pid 4998] <... rmdir resumed>) = 0 [pid 5002] <... close resumed>) = 0 [pid 4998] getdents64(3, [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4998] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4998] close(3) = 0 [pid 5002] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5140 [pid 4998] rmdir("./10") = 0 [pid 4998] mkdir("./11", 0777) = 0 [pid 4998] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 78.136157][ T5135] reiserfs: using flush barriers [ 78.136991][ T5133] REISERFS (device loop5): using ordered data mode [ 78.142929][ T5132] REISERFS (device loop1): using 3.5.x disk format [ 78.148527][ T5135] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 78.170565][ T5133] reiserfs: using flush barriers [pid 4998] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 4998] close(3) = 0 [pid 4998] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5141 ./strace-static-x86_64: Process 5140 attached ./strace-static-x86_64: Process 5141 attached [pid 5141] chdir("./11" [pid 5140] chdir("./10" [pid 5141] <... chdir resumed>) = 0 [pid 5140] <... chdir resumed>) = 0 [pid 5141] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5140] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5141] <... prctl resumed>) = 0 [pid 5140] <... prctl resumed>) = 0 [ 78.176516][ T5133] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 78.193288][ T5133] REISERFS (device loop5): checking transaction log (loop5) [ 78.201234][ T5135] REISERFS (device loop3): checking transaction log (loop3) [ 78.203682][ T5133] REISERFS (device loop5): Using r5 hash to sort names [ 78.209197][ T5132] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 78.225070][ T5135] REISERFS (device loop3): Using r5 hash to sort names [pid 5141] setpgid(0, 0 [pid 5140] setpgid(0, 0 [pid 5141] <... setpgid resumed>) = 0 [pid 5140] <... setpgid resumed>) = 0 [pid 5141] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5141] <... openat resumed>) = 3 [pid 5140] <... openat resumed>) = 3 [pid 5141] write(3, "1000", 4 [pid 5140] write(3, "1000", 4 [pid 5141] <... write resumed>) = 4 [pid 5140] <... write resumed>) = 4 [pid 5141] close(3 [pid 5140] close(3 [pid 5141] <... close resumed>) = 0 [pid 5140] <... close resumed>) = 0 [pid 5141] symlink("/dev/binderfs", "./binderfs" [pid 5140] symlink("/dev/binderfs", "./binderfs" [pid 5141] <... symlink resumed>) = 0 [pid 5140] <... symlink resumed>) = 0 [pid 5141] memfd_create("syzkaller", 0 [pid 5140] memfd_create("syzkaller", 0 [pid 5141] <... memfd_create resumed>) = 3 [pid 5140] <... memfd_create resumed>) = 3 [pid 5141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5140] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5132] <... mount resumed>) = 0 [pid 5141] <... mmap resumed>) = 0x7fd82860d000 [pid 5140] <... mmap resumed>) = 0x7fd82860d000 [pid 5135] <... mount resumed>) = 0 [pid 5132] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5135] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5132] <... openat resumed>) = 3 [pid 5135] <... openat resumed>) = 3 [pid 5133] <... mount resumed>) = 0 [pid 5132] chdir("./file0" [pid 5135] chdir("./file0" [pid 5132] <... chdir resumed>) = 0 [ 78.227617][ T5134] REISERFS (device loop2): Using r5 hash to sort names [ 78.241915][ T5135] REISERFS (device loop3): using 3.5.x disk format [ 78.250011][ T5135] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 78.260665][ T5133] REISERFS (device loop5): using 3.5.x disk format [ 78.267455][ T5133] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 78.277503][ T5134] REISERFS (device loop2): using 3.5.x disk format [pid 5133] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5135] <... chdir resumed>) = 0 [pid 5132] ioctl(4, LOOP_CLR_FD [pid 5135] ioctl(4, LOOP_CLR_FD [pid 5134] <... mount resumed>) = 0 [pid 5133] <... openat resumed>) = 3 [pid 5132] <... ioctl resumed>) = 0 [pid 5135] <... ioctl resumed>) = 0 [pid 5134] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5133] chdir("./file0" [pid 5132] close(4 [pid 5135] close(4 [pid 5134] <... openat resumed>) = 3 [pid 5133] <... chdir resumed>) = 0 [pid 5132] <... close resumed>) = 0 [pid 5135] <... close resumed>) = 0 [pid 5133] ioctl(4, LOOP_CLR_FD [pid 5132] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5135] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5134] chdir("./file0" [pid 5133] <... ioctl resumed>) = 0 [pid 5132] <... openat resumed>) = 4 [pid 5135] <... openat resumed>) = 4 [pid 5134] <... chdir resumed>) = 0 [pid 5133] close(4 [pid 5132] ioctl(4, FS_IOC_GETVERSION [pid 5141] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5135] ioctl(4, FS_IOC_GETVERSION [pid 5134] ioctl(4, LOOP_CLR_FD [pid 5133] <... close resumed>) = 0 [pid 5132] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5135] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5134] <... ioctl resumed>) = 0 [pid 5133] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5132] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5135] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5134] close(4 [pid 5133] <... openat resumed>) = 4 [pid 5132] <... mmap resumed>) = 0x20000000 [pid 5135] <... mmap resumed>) = 0x20000000 [pid 5134] <... close resumed>) = 0 [pid 5133] ioctl(4, FS_IOC_GETVERSION [pid 5135] exit_group(0 [pid 5134] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5133] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5132] exit_group(0 [pid 5135] <... exit_group resumed>) = ? [pid 5134] <... openat resumed>) = 4 [pid 5133] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5132] <... exit_group resumed>) = ? [pid 5135] +++ exited with 0 +++ [pid 5133] <... mmap resumed>) = 0x20000000 [pid 5001] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5135, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=12 /* 0.12 s */} --- [pid 5132] +++ exited with 0 +++ [pid 5134] ioctl(4, FS_IOC_GETVERSION [pid 5133] exit_group(0 [pid 5134] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5133] <... exit_group resumed>) = ? [pid 4999] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5132, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5134] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5001] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5133] +++ exited with 0 +++ [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5140] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5134] <... mmap resumed>) = 0x20000000 [pid 5003] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5133, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=11 /* 0.11 s */} --- [ 78.284999][ T5134] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [pid 5001] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4999] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5134] exit_group(0 [pid 5001] <... openat resumed>) = 3 [pid 4999] <... openat resumed>) = 3 [pid 5134] <... exit_group resumed>) = ? [pid 5001] fstat(3, [pid 4999] fstat(3, [pid 5134] +++ exited with 0 +++ [pid 5003] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] getdents64(3, [pid 5000] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5134, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=16 /* 0.16 s */} --- [pid 4999] getdents64(3, [pid 5003] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5001] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5000] restart_syscall(<... resuming interrupted clone ...> [pid 4999] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5003] <... openat resumed>) = 3 [pid 5001] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5000] <... restart_syscall resumed>) = 0 [pid 4999] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] fstat(3, [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] lstat("./10/binderfs", [pid 4999] lstat("./10/binderfs", [pid 5003] getdents64(3, [pid 5001] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5000] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5003] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5001] unlink("./10/binderfs" [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] unlink("./10/binderfs" [pid 5003] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] <... unlink resumed>) = 0 [pid 5000] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4999] <... unlink resumed>) = 0 [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5000] <... openat resumed>) = 3 [pid 4999] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] lstat("./10/binderfs", [pid 5000] fstat(3, [pid 5003] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5000] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] unlink("./10/binderfs" [pid 5000] getdents64(3, [pid 5003] <... unlink resumed>) = 0 [pid 5000] <... getdents64 resumed>0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5003] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5000] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5000] lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5000] unlink("./11/binderfs") = 0 [pid 5000] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5141] <... write resumed>) = 4194304 [pid 5141] munmap(0x7fd82860d000, 4194304) = 0 [pid 5141] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5141] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5141] close(3) = 0 [pid 5141] mkdir("./file0", 0777) = 0 [ 78.425000][ T5141] loop0: detected capacity change from 0 to 8192 [pid 5141] mount("/dev/loop0", "./file0", "reiserfs", 0, "" [pid 5140] <... write resumed>) = 4194304 [pid 5140] munmap(0x7fd82860d000, 4194304) = 0 [pid 5140] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 78.472782][ T5141] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 5140] ioctl(4, LOOP_SET_FD, 3 [pid 5000] <... umount2 resumed>) = 0 [pid 5140] <... ioctl resumed>) = 0 [pid 5003] <... umount2 resumed>) = 0 [pid 5001] <... umount2 resumed>) = 0 [pid 5000] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] <... umount2 resumed>) = 0 [pid 5003] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5003] lstat("./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4999] lstat("./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5001] lstat("./10/file0", [pid 5003] <... openat resumed>) = 4 [pid 5001] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5140] close(3) = 0 [pid 5000] lstat("./11/file0", [pid 5140] mkdir("./file0", 0777 [pid 5000] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5140] <... mkdir resumed>) = 0 [pid 5001] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4999] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] fstat(4, [pid 5001] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5003] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4999] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5001] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5003] getdents64(4, [pid 5000] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5003] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5000] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5000] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 4999] fstat(4, [pid 5001] fstat(4, [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 4999] getdents64(4, [pid 5003] close(4 [pid 5001] getdents64(4, [pid 5003] <... close resumed>) = 0 [pid 4999] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5001] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5000] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5003] rmdir("./10/file0" [pid 5001] getdents64(4, [pid 4999] getdents64(4, [pid 5001] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 4999] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5001] close(4 [pid 4999] close(4) = 0 [pid 5140] mount("/dev/loop4", "./file0", "reiserfs", 0, "" [pid 5000] getdents64(4, [pid 5001] <... close resumed>) = 0 [pid 5000] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4999] rmdir("./10/file0" [pid 5001] rmdir("./10/file0" [pid 4999] <... rmdir resumed>) = 0 [pid 5001] <... rmdir resumed>) = 0 [pid 5003] <... rmdir resumed>) = 0 [pid 5000] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5000] close(4) = 0 [pid 5000] rmdir("./11/file0") = 0 [pid 5003] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [pid 5003] rmdir("./10" [pid 5001] getdents64(3, [pid 5003] <... rmdir resumed>) = 0 [pid 5001] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4999] getdents64(3, [pid 5001] close(3 [pid 4999] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5001] <... close resumed>) = 0 [pid 4999] close(3 [pid 5001] rmdir("./10" [pid 4999] <... close resumed>) = 0 [pid 5001] <... rmdir resumed>) = 0 [pid 5000] getdents64(3, [pid 4999] rmdir("./10" [pid 5003] mkdir("./11", 0777 [pid 5000] <... getdents64 resumed>0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4999] <... rmdir resumed>) = 0 [pid 5003] <... mkdir resumed>) = 0 [pid 5001] mkdir("./11", 0777 [ 78.513029][ T5140] loop4: detected capacity change from 0 to 8192 [ 78.520746][ T5141] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 78.530789][ T5141] REISERFS (device loop0): using ordered data mode [ 78.538161][ T5141] reiserfs: using flush barriers [ 78.545252][ T5141] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5000] close(3 [pid 5001] <... mkdir resumed>) = 0 [pid 5000] <... close resumed>) = 0 [pid 4999] mkdir("./11", 0777 [pid 5000] rmdir("./11" [pid 4999] <... mkdir resumed>) = 0 [pid 5003] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5000] <... rmdir resumed>) = 0 [pid 5003] <... openat resumed>) = 3 [pid 5001] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5000] mkdir("./12", 0777 [pid 5003] ioctl(3, LOOP_CLR_FD [pid 5001] <... openat resumed>) = 3 [pid 5000] <... mkdir resumed>) = 0 [pid 4999] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5001] ioctl(3, LOOP_CLR_FD [pid 5000] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4999] <... openat resumed>) = 3 [pid 5003] close(3 [pid 5001] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5000] <... openat resumed>) = 3 [pid 4999] ioctl(3, LOOP_CLR_FD [pid 5003] <... close resumed>) = 0 [pid 5001] close(3 [pid 5000] ioctl(3, LOOP_CLR_FD [pid 4999] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5001] <... close resumed>) = 0 [pid 5000] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4999] close(3 [pid 5001] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5000] close(3 [pid 4999] <... close resumed>) = 0 [pid 5003] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5144 [pid 5000] <... close resumed>) = 0 [pid 4999] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5146 attached [pid 5001] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5145 [ 78.562532][ T5141] REISERFS (device loop0): checking transaction log (loop0) [ 78.573665][ T5141] REISERFS (device loop0): Using r5 hash to sort names [ 78.573832][ T5140] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 78.594690][ T5140] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 78.599720][ T5141] REISERFS (device loop0): using 3.5.x disk format [pid 5000] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5146] chdir("./11" [pid 4999] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5146 ./strace-static-x86_64: Process 5145 attached [pid 5145] chdir("./11" [pid 5146] <... chdir resumed>) = 0 [pid 5000] <... clone resumed>, child_tidptr=0x555555b7f5d0) = 5147 [pid 5146] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5146] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 5144 attached [pid 5146] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5146] write(3, "1000", 4) = 4 [pid 5146] close(3) = 0 [pid 5146] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5146] memfd_create("syzkaller", 0 [pid 5145] <... chdir resumed>) = 0 [pid 5146] <... memfd_create resumed>) = 3 [pid 5145] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5145] <... prctl resumed>) = 0 [pid 5146] <... mmap resumed>) = 0x7fd82860d000 [pid 5145] setpgid(0, 0 [pid 5144] chdir("./11") = 0 [pid 5144] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5144] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 5147 attached [pid 5145] <... setpgid resumed>) = 0 [pid 5144] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5147] chdir("./12" [ 78.605666][ T5140] REISERFS (device loop4): using ordered data mode [ 78.616923][ T5140] reiserfs: using flush barriers [ 78.628788][ T5140] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [pid 5145] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5147] <... chdir resumed>) = 0 [pid 5145] <... openat resumed>) = 3 [pid 5145] write(3, "1000", 4 [pid 5147] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5145] <... write resumed>) = 4 [pid 5147] <... prctl resumed>) = 0 [pid 5145] close(3 [pid 5147] setpgid(0, 0 [pid 5145] <... close resumed>) = 0 [pid 5147] <... setpgid resumed>) = 0 [pid 5145] symlink("/dev/binderfs", "./binderfs" [pid 5147] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5145] <... symlink resumed>) = 0 [pid 5147] <... openat resumed>) = 3 [pid 5145] memfd_create("syzkaller", 0 [pid 5147] write(3, "1000", 4 [pid 5145] <... memfd_create resumed>) = 3 [pid 5147] <... write resumed>) = 4 [pid 5145] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5147] close(3 [pid 5145] <... mmap resumed>) = 0x7fd82860d000 [pid 5147] <... close resumed>) = 0 [pid 5144] <... openat resumed>) = 3 [pid 5141] <... mount resumed>) = 0 [pid 5147] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5147] memfd_create("syzkaller", 0) = 3 [pid 5147] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [pid 5144] write(3, "1000", 4 [pid 5141] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5144] <... write resumed>) = 4 [pid 5141] <... openat resumed>) = 3 [pid 5144] close(3 [pid 5141] chdir("./file0" [pid 5144] <... close resumed>) = 0 [pid 5141] <... chdir resumed>) = 0 [pid 5140] <... mount resumed>) = 0 [pid 5144] symlink("/dev/binderfs", "./binderfs" [pid 5141] ioctl(4, LOOP_CLR_FD [pid 5144] <... symlink resumed>) = 0 [pid 5141] <... ioctl resumed>) = 0 [pid 5140] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5144] memfd_create("syzkaller", 0 [pid 5141] close(4 [pid 5144] <... memfd_create resumed>) = 3 [pid 5141] <... close resumed>) = 0 [pid 5144] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5141] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5140] <... openat resumed>) = 3 [pid 5144] <... mmap resumed>) = 0x7fd82860d000 [pid 5141] <... openat resumed>) = 4 [pid 5140] chdir("./file0" [pid 5141] ioctl(4, FS_IOC_GETVERSION [pid 5140] <... chdir resumed>) = 0 [pid 5141] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 5141] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5140] ioctl(4, LOOP_CLR_FD [pid 5141] <... mmap resumed>) = 0x20000000 [pid 5141] exit_group(0 [ 78.661300][ T5141] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 78.671918][ T5140] REISERFS (device loop4): checking transaction log (loop4) [ 78.680242][ T5140] REISERFS (device loop4): Using r5 hash to sort names [ 78.687134][ T5140] REISERFS (device loop4): using 3.5.x disk format [ 78.694513][ T5140] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [pid 5140] <... ioctl resumed>) = 0 [pid 5146] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5145] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5141] <... exit_group resumed>) = ? [pid 5140] close(4 [pid 5147] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5141] +++ exited with 0 +++ [pid 5140] <... close resumed>) = 0 [pid 4998] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5141, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 4998] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 4998] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 4998] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5145] <... write resumed>) = 4194304 [pid 5140] openat(AT_FDCWD, "pids.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 4998] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5145] munmap(0x7fd82860d000, 4194304 [pid 5140] <... openat resumed>) = 4 [pid 4998] lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 4998] unlink("./11/binderfs" [pid 5145] <... munmap resumed>) = 0 [pid 5140] ioctl(4, FS_IOC_GETVERSION [pid 4998] <... unlink resumed>) = 0 [pid 5145] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5140] <... ioctl resumed>, 0) = -1 EFAULT (Bad address) [pid 4998] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5145] <... openat resumed>) = 4 [pid 5140] mmap(0x20000000, 11755520, PROT_READ|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0 [pid 5147] <... write resumed>) = 4194304 [pid 5144] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 [pid 5147] munmap(0x7fd82860d000, 4194304 [pid 5146] <... write resumed>) = 4194304 [pid 5145] ioctl(4, LOOP_SET_FD, 3 [pid 5140] <... mmap resumed>) = 0x20000000 [pid 5147] <... munmap resumed>) = 0 [pid 5140] exit_group(0 [pid 5147] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5146] munmap(0x7fd82860d000, 4194304 [pid 5147] <... openat resumed>) = 4 [pid 5145] <... ioctl resumed>) = 0 [pid 5140] <... exit_group resumed>) = ? [pid 5147] ioctl(4, LOOP_SET_FD, 3 [pid 5140] +++ exited with 0 +++ [pid 5002] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5140, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=14 /* 0.14 s */} --- [pid 5002] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5002] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5002] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5002] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5002] getdents64(3, 0x555555b80620 /* 4 entries */, 32768) = 112 [pid 5002] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5002] lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5002] unlink("./10/binderfs") = 0 [pid 5002] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5147] <... ioctl resumed>) = 0 [pid 5146] <... munmap resumed>) = 0 [pid 5145] close(3 [pid 5147] close(3 [pid 5146] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5145] <... close resumed>) = 0 [pid 5147] <... close resumed>) = 0 [pid 5146] <... openat resumed>) = 4 [pid 5145] mkdir("./file0", 0777 [pid 5147] mkdir("./file0", 0777 [pid 5146] ioctl(4, LOOP_SET_FD, 3 [pid 5145] <... mkdir resumed>) = 0 [pid 5147] <... mkdir resumed>) = 0 [pid 5147] mount("/dev/loop2", "./file0", "reiserfs", 0, "" [pid 5146] <... ioctl resumed>) = 0 [pid 5145] mount("/dev/loop3", "./file0", "reiserfs", 0, "" [pid 5146] close(3 [pid 5144] <... write resumed>) = 4194304 [pid 5146] <... close resumed>) = 0 [pid 5144] munmap(0x7fd82860d000, 4194304 [pid 5146] mkdir("./file0", 0777 [pid 5144] <... munmap resumed>) = 0 [pid 5146] <... mkdir resumed>) = 0 [pid 5144] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5146] mount("/dev/loop1", "./file0", "reiserfs", 0, "" [pid 5144] <... openat resumed>) = 4 [ 78.831837][ T5145] loop3: detected capacity change from 0 to 8192 [ 78.842480][ T5147] loop2: detected capacity change from 0 to 8192 [ 78.865787][ T5146] loop1: detected capacity change from 0 to 8192 [pid 5144] ioctl(4, LOOP_SET_FD, 3 [pid 4998] <... umount2 resumed>) = 0 [pid 4998] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 4998] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 4998] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4998] getdents64(4, 0x555555b88660 /* 2 entries */, 32768) = 48 [pid 4998] getdents64(4, 0x555555b88660 /* 0 entries */, 32768) = 0 [pid 4998] close(4) = 0 [pid 4998] rmdir("./11/file0") = 0 [pid 4998] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 4998] close(3) = 0 [pid 4998] rmdir("./11") = 0 [pid 4998] mkdir("./12", 0777) = 0 [pid 4998] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 4998] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 78.883545][ T5144] loop5: detected capacity change from 0 to 8192 [ 78.890777][ T5145] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 78.906879][ T5147] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 78.921128][ T5146] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [pid 4998] close(3 [pid 5144] <... ioctl resumed>) = 0 [pid 4998] <... close resumed>) = 0 [pid 4998] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5151 [pid 5144] close(3./strace-static-x86_64: Process 5151 attached [pid 5002] <... umount2 resumed>) = 0 [pid 5151] chdir("./12" [pid 5002] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5151] <... chdir resumed>) = 0 [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5151] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5002] lstat("./10/file0", [pid 5151] <... prctl resumed>) = 0 [pid 5002] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5151] setpgid(0, 0) = 0 [pid 5002] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5151] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5002] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5151] <... openat resumed>) = 3 [pid 5002] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5151] write(3, "1000", 4 [pid 5144] <... close resumed>) = 0 [pid 5002] <... openat resumed>) = 4 [pid 5151] <... write resumed>) = 4 [pid 5002] fstat(4, [pid 5151] close(3 [pid 5002] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5151] <... close resumed>) = 0 [pid 5151] symlink("/dev/binderfs", "./binderfs" [pid 5002] getdents64(4, [pid 5151] <... symlink resumed>) = 0 [pid 5002] <... getdents64 resumed>0x555555b88660 /* 2 entries */, 32768) = 48 [pid 5151] memfd_create("syzkaller", 0 [pid 5002] getdents64(4, [pid 5151] <... memfd_create resumed>) = 3 [pid 5002] <... getdents64 resumed>0x555555b88660 /* 0 entries */, 32768) = 0 [pid 5151] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5002] close(4 [pid 5151] <... mmap resumed>) = 0x7fd82860d000 [pid 5002] <... close resumed>) = 0 [pid 5144] mkdir("./file0", 0777 [pid 5002] rmdir("./10/file0") = 0 [pid 5002] getdents64(3, 0x555555b80620 /* 0 entries */, 32768) = 0 [pid 5002] close(3) = 0 [pid 5144] <... mkdir resumed>) = 0 [pid 5002] rmdir("./10" [pid 5144] mount("/dev/loop5", "./file0", "reiserfs", 0, "" [pid 5002] <... rmdir resumed>) = 0 [pid 5002] mkdir("./11", 0777) = 0 [pid 5002] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5002] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 78.934748][ T5145] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 78.944716][ T5147] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 78.954821][ T5146] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 78.965136][ T5145] REISERFS (device loop3): using ordered data mode [ 78.972951][ T5146] REISERFS (device loop1): using ordered data mode [ 78.980015][ T5146] reiserfs: using flush barriers [pid 5002] close(3) = 0 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b7f5d0) = 5153 ./strace-static-x86_64: Process 5153 attached [pid 5153] chdir("./11") = 0 [pid 5153] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5153] setpgid(0, 0) = 0 [pid 5153] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5153] write(3, "1000", 4) = 4 [pid 5153] close(3) = 0 [pid 5153] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5153] memfd_create("syzkaller", 0) = 3 [pid 5153] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd82860d000 [ 78.990529][ T5147] REISERFS (device loop2): using ordered data mode [ 78.990928][ T5146] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 78.997108][ T5147] reiserfs: using flush barriers [ 79.019977][ T5144] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 79.028760][ T5145] reiserfs: using flush barriers [ 79.038908][ T5144] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 79.045182][ T5147] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 79.048088][ T5144] REISERFS (device loop5): using ordered data mode [ 79.064612][ T5145] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30